import nss-3.67.0-7.el8_5
parent
e1c4a2e0f8
commit
fed896e694
10
.gitignore
vendored
@ -4,12 +4,4 @@ SOURCES/blank-cert9.db
|
||||
SOURCES/blank-key3.db
|
||||
SOURCES/blank-key4.db
|
||||
SOURCES/blank-secmod.db
|
||||
SOURCES/cert8.db.xml
|
||||
SOURCES/cert9.db.xml
|
||||
SOURCES/key3.db.xml
|
||||
SOURCES/key4.db.xml
|
||||
SOURCES/nss-3.53.1.tar.gz
|
||||
SOURCES/nss-config.xml
|
||||
SOURCES/nss-softokn-cavs-1.0.tar.gz
|
||||
SOURCES/secmod.db.xml
|
||||
SOURCES/setup-nsssysinit.xml
|
||||
SOURCES/nss-3.67.tar.gz
|
||||
|
@ -4,12 +4,4 @@ b5570125fbf6bfb410705706af48217a0817c03a SOURCES/blank-cert9.db
|
||||
7f78b5bcecdb5005e7b803604b2ec9d1a9df2fb5 SOURCES/blank-key3.db
|
||||
f9c9568442386da370193474de1b25c3f68cdaf6 SOURCES/blank-key4.db
|
||||
bd748cf6e1465a1bbe6e751b72ffc0076aff0b50 SOURCES/blank-secmod.db
|
||||
6a43a6788fff0f2a967051209adbd354fad4c346 SOURCES/cert8.db.xml
|
||||
ea6705e15999bdc6365f05b3d66f9c1d49677f84 SOURCES/cert9.db.xml
|
||||
24c123810543ff0f6848647d6d910744e275fb01 SOURCES/key3.db.xml
|
||||
af51b16a56fda1f7525a0eed3ecbdcbb4133be0c SOURCES/key4.db.xml
|
||||
ee522d99ff582b849fe5190c1461f0633ffe1721 SOURCES/nss-3.53.1.tar.gz
|
||||
2905c9b06e7e686c9e3c0b5736a218766d4ae4c2 SOURCES/nss-config.xml
|
||||
d8a7f044570732caf4ed06fd44a63b3e86ea2a16 SOURCES/nss-softokn-cavs-1.0.tar.gz
|
||||
ca9ebf79c1437169a02527c18b1e3909943c4be9 SOURCES/secmod.db.xml
|
||||
bcbe05281b38d843273f91ae3f9f19f70c7d97b3 SOURCES/setup-nsssysinit.xml
|
||||
9cccf98f0476905c0d863a6b2cb08a1955482241 SOURCES/nss-3.67.tar.gz
|
||||
|
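--- a/SOURCES/cert8.db.xml
+++ b/SOURCES/cert8.db.xml
@@ -0,0 +1,59 @@
+<?xml version='1.0' encoding='utf-8'?>
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
+"http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [
+<!ENTITY date SYSTEM "date.xml">
+<!ENTITY version SYSTEM "version.xml">
+]>
+
+<refentry id="cert8.db">
+
+<refentryinfo>
+<date>&date;</date>
+<title>Network Security Services</title>
+<productname>nss</productname>
+<productnumber>&version;</productnumber>
+</refentryinfo>
+
+<refmeta>
+<refentrytitle>cert8.db</refentrytitle>
+<manvolnum>5</manvolnum>
+</refmeta>
+
+<refnamediv>
+<refname>cert8.db</refname>
+<refpurpose>Legacy NSS certificate database</refpurpose>
+</refnamediv>
+
+<refsection id="description">
+<title>Description</title>
+<para><emphasis>cert8.db</emphasis> is an NSS certificate database.</para>
+<para>This certificate database is in the legacy database format. Consider migrating to cert9.db and key4.db which are the new sqlite-based shared database format with support for concurrent access.
+</para>
+</refsection>
+
+<refsection>
+<title>Files</title>
+<para><filename>/etc/pki/nssdb/cert8.db</filename></para>
+</refsection>
+
+<refsection>
+<title>See also</title>
+<para>cert9.db(5), key4.db(5), pkcs11.txt(5), </para>
+</refsection>
+
+<refsection id="authors">
+<title>Authors</title>
+<para>The nss libraries were written and maintained by developers with Netscape, Red Hat, Sun, Oracle, Mozilla, and Google.</para>
+<para>Authors: Elio Maldonado <emaldona@redhat.com>.</para>
+</refsection>
+
+<!-- don't change -->
+<refsection id="license">
+<title>LICENSE</title>
+<para>Licensed under the Mozilla Public License, v. 2.0. If a copy of the MPL was not distributed with this file, You can obtain one at http://mozilla.org/MPL/2.0/.
+</para>
+
+</refsection>
+
+
+</refentry>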
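--- a/SOURCES/cert9.db.xml
+++ b/SOURCES/cert9.db.xml
@@ -0,0 +1,59 @@
+<?xml version='1.0' encoding='utf-8'?>
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
+"http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [
+<!ENTITY date SYSTEM "date.xml">
+<!ENTITY version SYSTEM "version.xml">
+]>
+
+<refentry id="cert9.db">
+
+<refentryinfo>
+<date>&date;</date>
+<title>Network Security Services</title>
+<productname>nss</productname>
+<productnumber>&version;</productnumber>
+</refentryinfo>
+
+<refmeta>
+<refentrytitle>cert9.db</refentrytitle>
+<manvolnum>5</manvolnum>
+</refmeta>
+
+<refnamediv>
+<refname>cert9.db</refname>
+<refpurpose>NSS certificate database</refpurpose>
+</refnamediv>
+
+<refsection id="description">
+<title>Description</title>
+<para><emphasis>cert9.db</emphasis> is an NSS certificate database.</para>
+<para>This certificate database is the sqlite-based shared database with support for concurrent access.
+</para>
+</refsection>
+
+<refsection>
+<title>Files</title>
+<para><filename>/etc/pki/nssdb/cert9.db</filename></para>
+</refsection>
+
+<refsection>
+<title>See also</title>
+<para>pkcs11.txt(5)</para>
+</refsection>
+
+<refsection id="authors">
+<title>Authors</title>
+<para>The nss libraries were written and maintained by developers with Netscape, Red Hat, Sun, Oracle, Mozilla, and Google.</para>
+<para>Authors: Elio Maldonado <emaldona@redhat.com>.</para>
+</refsection>
+
+<!-- don't change -->
+<refsection id="license">
+<title>LICENSE</title>
+<para>Licensed under the Mozilla Public License, v. 2.0. If a copy of the MPL was not distributed with this file, You can obtain one at http://mozilla.org/MPL/2.0/.
+</para>
+
+</refsection>
+
+
+</refentry>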
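--- a/SOURCES/key3.db.xml
+++ b/SOURCES/key3.db.xml
@@ -0,0 +1,59 @@
+<?xml version='1.0' encoding='utf-8'?>
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
+"http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [
+<!ENTITY date SYSTEM "date.xml">
+<!ENTITY version SYSTEM "version.xml">
+]>
+
+<refentry id="key3.db">
+
+<refentryinfo>
+<date>&date;</date>
+<title>Network Security Services</title>
+<productname>nss</productname>
+<productnumber>&version;</productnumber>
+</refentryinfo>
+
+<refmeta>
+<refentrytitle>key3.db</refentrytitle>
+<manvolnum>5</manvolnum>
+</refmeta>
+
+<refnamediv>
+<refname>key3.db</refname>
+<refpurpose>Legacy NSS certificate database</refpurpose>
+</refnamediv>
+
+<refsection id="description">
+<title>Description</title>
+<para><emphasis>key3.db</emphasis> is an NSS certificate database.</para>
+<para>This is a key database in the legacy database format. Consider migrating to cert9.db and key4.db which which are the new sqlite-based shared database format with support for concurrent access.
+</para>
+</refsection>
+
+<refsection>
+<title>Files</title>
+<para><filename>/etc/pki/nssdb/key3.db</filename></para>
+</refsection>
+
+<refsection>
+<title>See also</title>
+<para>cert9.db(5), key4.db(5), pkcs11.txt(5), </para>
+</refsection>
+
+<refsection id="authors">
+<title>Authors</title>
+<para>The nss libraries were written and maintained by developers with Netscape, Red Hat, Sun, Oracle, Mozilla, and Google.</para>
+<para>Authors: Elio Maldonado <emaldona@redhat.com>.</para>
+</refsection>
+
+<!-- don't change -->
+<refsection id="license">
+<title>LICENSE</title>
+<para>Licensed under the Mozilla Public License, v. 2.0. If a copy of the MPL was not distributed with this file, You can obtain one at http://mozilla.org/MPL/2.0/.
+</para>
+
+</refsection>
+
+
+</refentry>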
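--- a/SOURCES/key4.db.xml
+++ b/SOURCES/key4.db.xml
@@ -0,0 +1,59 @@
+<?xml version='1.0' encoding='utf-8'?>
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
+"http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [
+<!ENTITY date SYSTEM "date.xml">
+<!ENTITY version SYSTEM "version.xml">
+]>
+
+<refentry id="key4.db">
+
+<refentryinfo>
+<date>&date;</date>
+<title>Network Security Services</title>
+<productname>nss</productname>
+<productnumber>&version;</productnumber>
+</refentryinfo>
+
+<refmeta>
+<refentrytitle>key4.db</refentrytitle>
+<manvolnum>5</manvolnum>
+</refmeta>
+
+<refnamediv>
+<refname>key4.db</refname>
+<refpurpose>NSS certificate database</refpurpose>
+</refnamediv>
+
+<refsection id="description">
+<title>Description</title>
+<para><emphasis>key4.db</emphasis> is an NSS key database.</para>
+<para>This key database is the sqlite-based shared database format with support for concurrent access.
+</para>
+</refsection>
+
+<refsection>
+<title>Files</title>
+<para><filename>/etc/pki/nssdb/key4.db</filename></para>
+</refsection>
+
+<refsection>
+<title>See also</title>
+<para>pkcs11.txt(5)</para>
+</refsection>
+
+<refsection id="authors">
+<title>Authors</title>
+<para>The nss libraries were written and maintained by developers with Netscape, Red Hat, Sun, Oracle, Mozilla, and Google.</para>
+<para>Authors: Elio Maldonado <emaldona@redhat.com>.</para>
+</refsection>
+
+<!-- don't change -->
+<refsection id="license">
+<title>LICENSE</title>
+<para>Licensed under the Mozilla Public License, v. 2.0. If a copy of the MPL was not distributed with this file, You can obtain one at http://mozilla.org/MPL/2.0/.
+</para>
+
+</refsection>
+
+
+</refentry>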
@ -1,539 +0,0 @@
|
||||
Index: nss/gtests/pk11_gtest/manifest.mn
|
||||
===================================================================
|
||||
--- nss.orig/gtests/pk11_gtest/manifest.mn
|
||||
+++ nss/gtests/pk11_gtest/manifest.mn
|
||||
@@ -23,6 +23,7 @@ CPPSRCS = \
|
||||
pk11_find_certs_unittest.cc \
|
||||
pk11_hkdf_unittest.cc \
|
||||
pk11_import_unittest.cc \
|
||||
+ pk11_kdf_unittest.cc \
|
||||
pk11_kbkdf.cc \
|
||||
pk11_keygen.cc \
|
||||
pk11_key_unittest.cc \
|
||||
Index: nss/gtests/pk11_gtest/pk11_kdf_unittest.cc
|
||||
===================================================================
|
||||
--- /dev/null
|
||||
+++ nss/gtests/pk11_gtest/pk11_kdf_unittest.cc
|
||||
@@ -0,0 +1,509 @@
|
||||
+/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
|
||||
+/* vim: set ts=2 et sw=2 tw=80: */
|
||||
+/* This Source Code Form is subject to the terms of the Mozilla Public
|
||||
+ * License, v. 2.0. If a copy of the MPL was not distributed with this file,
|
||||
+ * You can obtain one at http://mozilla.org/MPL/2.0/. */
|
||||
+
|
||||
+#include <memory>
|
||||
+#include "nss.h"
|
||||
+#include "pk11pub.h"
|
||||
+
|
||||
+#include "cpputil.h"
|
||||
+
|
||||
+#include "gtest/gtest.h"
|
||||
+
|
||||
+namespace nss_test {
|
||||
+
|
||||
+const size_t kGxySize = 256;
|
||||
+const size_t kSeedSize = 8;
|
||||
+const size_t kKeySize = 64;
|
||||
+const size_t kLongKeySize = 1056;
|
||||
+const size_t kAesXcbcLen = 16;
|
||||
+const size_t kSha1Len = 20;
|
||||
+const size_t kSha224Len = 28;
|
||||
+const size_t kSha256Len = 32;
|
||||
+const size_t kSha384Len = 48;
|
||||
+const size_t kSha512Len = 64;
|
||||
+
|
||||
+// This is not the right size for anything
|
||||
+const size_t kIncorrectSize = 17;
|
||||
+
|
||||
+const uint8_t kGxyData[] = {
|
||||
+ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b,
|
||||
+ 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
|
||||
+ 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20, 0x21, 0x22, 0x23,
|
||||
+ 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f,
|
||||
+ 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x3a, 0x3b,
|
||||
+ 0x3c, 0x3d, 0x3e, 0x3f, 0x40, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47,
|
||||
+ 0x48, 0x49, 0x4a, 0x4b, 0x4c, 0x4d, 0x4e, 0x4f, 0x50, 0x51, 0x52, 0x53,
|
||||
+ 0x54, 0x55, 0x56, 0x57, 0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f,
|
||||
+ 0x60, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66, 0x67, 0x68, 0x69, 0x6a, 0x6b,
|
||||
+ 0x6c, 0x6d, 0x6e, 0x6f, 0x70, 0x71, 0x72, 0x73, 0x74, 0x75, 0x76, 0x77,
|
||||
+ 0x78, 0x79, 0x7a, 0x7b, 0x7c, 0x7d, 0x7e, 0x7f, 0x80, 0x21, 0x22, 0x23,
|
||||
+ 0x84, 0x85, 0x86, 0x87, 0x88, 0x89, 0x8a, 0x8b, 0x8c, 0x8d, 0x8e, 0x8f,
|
||||
+ 0x90, 0x91, 0x92, 0x93, 0x94, 0x95, 0x96, 0x97, 0x98, 0x99, 0x9a, 0x9b,
|
||||
+ 0x9c, 0x9d, 0x9e, 0x9f, 0xa0, 0xa1, 0xa2, 0xa3, 0xa4, 0xa5, 0xa6, 0xa7,
|
||||
+ 0xa8, 0xa9, 0xaa, 0xab, 0xac, 0xad, 0xae, 0xaf, 0xb0, 0xb1, 0xb2, 0xb3,
|
||||
+ 0xb4, 0xb5, 0xb6, 0xb7, 0xb8, 0xb9, 0xba, 0xbb, 0xbc, 0xbd, 0xbe, 0xbf,
|
||||
+ 0xc0, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7, 0xc8, 0xc9, 0xca, 0xcb,
|
||||
+ 0xcc, 0xcd, 0xce, 0xcf, 0xd0, 0xd1, 0xd2, 0xd3, 0xd4, 0xd5, 0xd6, 0xd7,
|
||||
+ 0xd8, 0xd9, 0xda, 0xdb, 0xdc, 0xdd, 0xde, 0xdf, 0xe0, 0xe1, 0xe2, 0xe3,
|
||||
+ 0xe4, 0xe5, 0xe6, 0xe7, 0xe8, 0xe9, 0xea, 0xeb, 0xec, 0xed, 0xee, 0xef,
|
||||
+ 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7, 0xf8, 0xf9, 0xfa, 0xfb,
|
||||
+ 0xfc, 0xfd, 0xfe, 0xff};
|
||||
+
|
||||
+const uint8_t kKeyData[] = {
|
||||
+ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b,
|
||||
+ 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
|
||||
+ 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20, 0x21, 0x22, 0x23,
|
||||
+ 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f,
|
||||
+ 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x3a, 0x3b,
|
||||
+ 0x3c, 0x3d, 0x3e, 0x3f};
|
||||
+
|
||||
+const uint8_t kSeed[] = {
|
||||
+ 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7, 0xf8, 0xf9, 0xfa, 0xfb,
|
||||
+ 0xfc, 0xfd, 0xfe, 0xff, 0xe0, 0xe1, 0xe2, 0xe3, 0xe4, 0xe5, 0xe6, 0xe7,
|
||||
+ 0xe8, 0xe9, 0xea, 0xeb, 0xec, 0xed, 0xee, 0xef, 0xd0, 0xd1, 0xd2, 0xd3};
|
||||
+
|
||||
+const uint8_t kExpectedOutputIkeSha256[] = {
|
||||
+ 0xd3, 0x9d, 0xb2, 0x77, 0x4b, 0x7f, 0xea, 0x81, 0xfc, 0xe5, 0x22, 0xb7,
|
||||
+ 0xdf, 0xa5, 0x65, 0x15, 0xc9, 0x8f, 0x89, 0x45, 0xda, 0xd9, 0x5d, 0x12,
|
||||
+ 0xbb, 0x52, 0xb6, 0x3b, 0xf4, 0x4d, 0xaf, 0x16};
|
||||
+
|
||||
+const uint8_t kExpectedOutputIke1Sha256[] = {
|
||||
+ 0x25, 0x45, 0x68, 0xd2, 0x98, 0x96, 0xa3, 0xda, 0x89, 0x76, 0x06, 0x01,
|
||||
+ 0xd0, 0xce, 0xf8, 0x05, 0x26, 0x3f, 0xaf, 0x95, 0x92, 0x48, 0x02, 0x0e,
|
||||
+ 0x39, 0x75, 0x94, 0x00, 0x22, 0xd8, 0x5a, 0x50};
|
||||
+
|
||||
+const uint8_t kExpectedOutputIkePlusSha256[] = {
|
||||
+ 0x03, 0x1e, 0xe7, 0x13, 0x6e, 0x58, 0x11, 0xc4, 0x81, 0x56, 0x42, 0x3c,
|
||||
+ 0x3c, 0xaa, 0xdb, 0xad, 0x8a, 0x84, 0xdc, 0xa3, 0x0f, 0xe7, 0x67, 0x55,
|
||||
+ 0x9c, 0x9f, 0xb8, 0x57, 0xa9, 0x5b, 0x41, 0x53, 0x86, 0xe0, 0xb3, 0x21,
|
||||
+ 0x08, 0x1b, 0x38, 0x24, 0xce, 0xef, 0x7c, 0x89, 0x0d, 0xa7, 0xae, 0x14,
|
||||
+ 0x58, 0xbd, 0x79, 0x9c, 0x32, 0x25, 0x7f, 0x3e, 0xbd, 0xe1, 0xfb, 0x3a,
|
||||
+ 0x38, 0x51, 0x05, 0xaa, 0xc8, 0x37, 0x3e, 0x4e, 0x9b, 0x70, 0xb8, 0xe2,
|
||||
+ 0x21, 0xe7, 0x12, 0xb3, 0xf7, 0x64, 0x21, 0x9d, 0x52, 0x38, 0x41, 0xfb,
|
||||
+ 0x54, 0xaf, 0x59, 0xc3, 0xab, 0xf3, 0x7f, 0x64, 0xee, 0x17, 0xf5, 0xa8,
|
||||
+ 0x2b, 0xdf, 0x2d, 0xd3, 0x29, 0x0e, 0x4f, 0x31, 0x54, 0x25, 0x4e, 0x65,
|
||||
+ 0x52, 0xdf, 0x66, 0xfd, 0x49, 0x85, 0x1f, 0x87, 0x71, 0xa1, 0x5c, 0xfa,
|
||||
+ 0x99, 0xf5, 0x21, 0x9a, 0xbc, 0x55, 0x5b, 0x1c, 0x19, 0xd9, 0x4b, 0x42,
|
||||
+ 0xc5, 0xa0, 0xed, 0x1a, 0x1e, 0xf0, 0x04, 0x52, 0xb3, 0xd0, 0x0f, 0x48,
|
||||
+ 0x45, 0x00, 0xdc, 0x94, 0xae, 0xd8, 0x70, 0x2e, 0xdd, 0x12, 0xe1, 0x66,
|
||||
+ 0x72, 0xc2, 0x39, 0xd2, 0xc6, 0xfa, 0xdd, 0x8c, 0x11, 0x9c, 0x9d, 0x60,
|
||||
+ 0xd1, 0x08, 0x79, 0x62, 0xbb, 0x97, 0x45, 0x38, 0x2d, 0x83, 0x9c, 0x2e,
|
||||
+ 0x8f, 0x88, 0xa3, 0xad, 0x5b, 0x8e, 0x4e, 0x0e, 0xdb, 0xee, 0xaf, 0x1d,
|
||||
+ 0xf6, 0xe7, 0x7e, 0x28, 0xc5, 0xcf, 0x0c, 0xd9, 0xee, 0xde, 0xc8, 0x87,
|
||||
+ 0x00, 0xfe, 0x02, 0xd8, 0x30, 0xa6, 0x68, 0xec, 0x51, 0x22, 0xac, 0x4c,
|
||||
+ 0x38, 0x0f, 0xbb, 0x5c, 0xcb, 0xd5, 0x93, 0xda, 0xea, 0xd0, 0x1b, 0x41,
|
||||
+ 0x85, 0x8d, 0x12, 0x56, 0xbb, 0x90, 0x62, 0xc9, 0x91, 0x62, 0xf8, 0x29,
|
||||
+ 0x9a, 0x4f, 0xd8, 0x5e, 0x7d, 0x1f, 0x69, 0xe8, 0x23, 0x53, 0x26, 0x98,
|
||||
+ 0x98, 0x88, 0xfa, 0x14, 0xdc, 0xa3, 0x0f, 0xc7, 0x58, 0xb2, 0x6d, 0xa5,
|
||||
+ 0x34, 0x53, 0xb5, 0xc3, 0xcc, 0xbb, 0xd7, 0xd4, 0x80, 0xf3, 0x8c, 0x79,
|
||||
+ 0xd2, 0xac, 0x12, 0xa5, 0xf9, 0x99, 0xe7, 0x1b, 0x46, 0x16, 0x02, 0x6a,
|
||||
+ 0xa3, 0xc5, 0x20, 0xb5, 0x5a, 0x55, 0xbd, 0xac, 0x70, 0xf1, 0x5b, 0xe4,
|
||||
+ 0x45, 0x12, 0x7e, 0xcf, 0x12, 0xbf, 0x53, 0x7e, 0x3d, 0xbe, 0x53, 0x77,
|
||||
+ 0xc4, 0x2c, 0x17, 0x5f, 0xe5, 0xb9, 0x73, 0x01, 0x5d, 0x9b, 0x34, 0x3c,
|
||||
+ 0x45, 0xf0, 0xa4, 0x91, 0xaf, 0x34, 0xa2, 0xd6, 0x0a, 0x14, 0x98, 0x2c,
|
||||
+ 0x91, 0xd5, 0x8f, 0x12, 0xde, 0x7c, 0x61, 0xd8, 0x42, 0x07, 0x42, 0x1a,
|
||||
+ 0x01, 0x2b, 0xf6, 0x54, 0xd1, 0xde, 0x6d, 0x9c, 0x8b, 0x51, 0x81, 0x3e,
|
||||
+ 0x01, 0xd1, 0xfb, 0x5a, 0xcd, 0xf0, 0xeb, 0xcc, 0x03, 0xe2, 0xc1, 0x31,
|
||||
+ 0x92, 0x11, 0x88, 0x1f, 0xec, 0x81, 0x07, 0x78, 0x89, 0x89, 0x29, 0x19,
|
||||
+ 0x3f, 0x75, 0x01, 0x0e, 0x73, 0xbc, 0x1e, 0x76, 0x23, 0x80, 0x36, 0xaa,
|
||||
+ 0x2a, 0xd0, 0x77, 0x57, 0x6a, 0xea, 0xe2, 0xdb, 0xed, 0x17, 0x79, 0x3d,
|
||||
+ 0x8b, 0x8a, 0xbe, 0x32, 0x90, 0x2e, 0x1c, 0x00, 0xc2, 0x27, 0xb5, 0x64,
|
||||
+ 0x7c, 0xc3, 0xca, 0xb8, 0xaf, 0xcb, 0x17, 0x29, 0xec, 0x00, 0x5b, 0x83,
|
||||
+ 0x9f, 0xfe, 0x8b, 0xb6, 0x6f, 0x01, 0x23, 0x6b, 0xb3, 0xaa, 0x34, 0x3f,
|
||||
+ 0x5c, 0x66, 0x7c, 0xec, 0x15, 0x5a, 0xa9, 0x3c, 0xe2, 0xef, 0xcb, 0xe5,
|
||||
+ 0x79, 0xfa, 0xf2, 0x7c, 0x4e, 0x0f, 0x70, 0x41, 0xa4, 0x09, 0x07, 0x30,
|
||||
+ 0xbd, 0x28, 0x3f, 0x30, 0xd3, 0xc2, 0xbd, 0x06, 0x5e, 0x21, 0xbd, 0x20,
|
||||
+ 0xae, 0xa4, 0xa9, 0x7d, 0x91, 0xe8, 0x9d, 0x0a, 0x81, 0x02, 0xf7, 0xd6,
|
||||
+ 0x7c, 0x1f, 0xb6, 0xa5, 0x40, 0xb6, 0x25, 0xac, 0xce, 0x77, 0x20, 0xfa,
|
||||
+ 0x71, 0x79, 0x21, 0x94, 0xcd, 0x63, 0xcf, 0x62, 0xd4, 0xda, 0xc6, 0xe8,
|
||||
+ 0x3c, 0xdb, 0x86, 0x1e, 0x8d, 0x2d, 0x12, 0xf6, 0xea, 0xb0, 0xed, 0xf8,
|
||||
+ 0xfa, 0xc6, 0x37, 0xee, 0xca, 0x11, 0x1a, 0xac, 0x95, 0xf6, 0xe3, 0x02,
|
||||
+ 0x97, 0xba, 0xb2, 0xb2, 0x02, 0x82, 0xbe, 0x32, 0xa3, 0xe8, 0xf4, 0xae,
|
||||
+ 0x4e, 0xaf, 0x47, 0xb9, 0xe7, 0x91, 0x18, 0x90, 0xd8, 0xcb, 0x59, 0xed,
|
||||
+ 0xc2, 0x47, 0x6d, 0xe1, 0x9d, 0x74, 0xe6, 0xc7, 0xc0, 0xdc, 0x82, 0x5b,
|
||||
+ 0x6a, 0x7d, 0x1c, 0x58, 0xc8, 0x3d, 0x7d, 0xed, 0xdd, 0x60, 0x91, 0x9e,
|
||||
+ 0x68, 0x6e, 0x56, 0x33, 0x8b, 0xca, 0x35, 0xf8, 0x96, 0x67, 0x22, 0x3a,
|
||||
+ 0xb9, 0x02, 0xe9, 0x7c, 0xb1, 0xca, 0x25, 0xc2, 0xc8, 0xc7, 0xd8, 0x71,
|
||||
+ 0xfa, 0xfa, 0x76, 0xeb, 0x1d, 0x52, 0x75, 0xc6, 0x56, 0xf3, 0x1a, 0xd3,
|
||||
+ 0xda, 0xe4, 0x49, 0x7b, 0xd0, 0x77, 0x72, 0x06, 0xe7, 0xb9, 0xd9, 0x06,
|
||||
+ 0x87, 0x43, 0x6a, 0x52, 0xee, 0x3a, 0x71, 0x6e, 0x51, 0x8d, 0x55, 0x7a,
|
||||
+ 0xb1, 0x62, 0x75, 0xac, 0xa9, 0x89, 0x77, 0x93, 0x40, 0xef, 0x66, 0x44,
|
||||
+ 0x08, 0x49, 0xbb, 0xdb, 0x85, 0x0b, 0xd3, 0xfa, 0x37, 0x27, 0x41, 0xd1,
|
||||
+ 0x57, 0xc3, 0x95, 0xaa, 0x85, 0x5a, 0x43, 0x74, 0x39, 0x72, 0x08, 0xdf,
|
||||
+ 0x58, 0xe1, 0xf7, 0x95, 0x6c, 0xc1, 0xb1, 0x9b, 0x21, 0x53, 0xc1, 0xf9,
|
||||
+ 0xcc, 0x74, 0xf9, 0x62, 0xa4, 0xa0, 0x34, 0x22, 0xaa, 0x84, 0x78, 0x49,
|
||||
+ 0x50, 0xa9, 0x8e, 0x7b, 0xfa, 0xaa, 0xc2, 0xe8, 0xae, 0x34, 0x3d, 0xa7,
|
||||
+ 0xe1, 0x5a, 0x14, 0xa6, 0xd7, 0x6c, 0x67, 0xc7, 0x5e, 0xda, 0x79, 0x36,
|
||||
+ 0x57, 0x85, 0x5e, 0x09, 0xa2, 0x1f, 0x96, 0x5a, 0x71, 0xc2, 0xfe, 0x57,
|
||||
+ 0x5c, 0x4c, 0xe8, 0xbf, 0x9b, 0x5c, 0xd7, 0x06, 0x09, 0xb5, 0x63, 0x93,
|
||||
+ 0x7e, 0xee, 0x65, 0xef, 0x88, 0xe1, 0x60, 0x3e, 0x50, 0x84, 0x39, 0xb9,
|
||||
+ 0xae, 0xab, 0xad, 0xee, 0x31, 0x04, 0x7f, 0xed, 0x78, 0x35, 0xc0, 0x14,
|
||||
+ 0xa6, 0xc3, 0xeb, 0x3c, 0xd7, 0xc3, 0xb3, 0x6b, 0x58, 0x63, 0x7e, 0xa8,
|
||||
+ 0xc9, 0xb9, 0x23, 0xd3, 0xe5, 0xe7, 0xcc, 0x84, 0x63, 0xc8, 0xbd, 0x31,
|
||||
+ 0x9f, 0x02, 0x4e, 0x74, 0x98, 0xba, 0x8a, 0x0c, 0x80, 0xab, 0x10, 0xc4,
|
||||
+ 0xb2, 0x61, 0xad, 0x3d, 0x93, 0x9d, 0xdc, 0x76, 0xe5, 0x0e, 0x2e, 0x4b,
|
||||
+ 0x81, 0x3b, 0x1f, 0xd3, 0x54, 0xc0, 0x2a, 0xde, 0x0e, 0x1d, 0x59, 0x31,
|
||||
+ 0x5c, 0x28, 0xf8, 0x75, 0xfc, 0x71, 0x2e, 0xc1, 0x85, 0x90, 0x23, 0xfd,
|
||||
+ 0x2e, 0x8b, 0xb9, 0x52, 0x1a, 0xdf, 0x61, 0x54, 0x9b, 0x43, 0xa6, 0x8d,
|
||||
+ 0x5f, 0xd0, 0x52, 0x0b, 0x66, 0xbc, 0xf5, 0x1a, 0xce, 0x58, 0xef, 0xb3,
|
||||
+ 0x1d, 0x8d, 0x4b, 0x1b, 0xf3, 0x8e, 0xe6, 0x68, 0xc3, 0xd5, 0x95, 0x42,
|
||||
+ 0xf5, 0xb0, 0x73, 0x2c, 0x31, 0x71, 0x20, 0xf5, 0xdc, 0xbf, 0x56, 0x72,
|
||||
+ 0x53, 0xf9, 0xfe, 0xfa, 0x19, 0xdc, 0x46, 0xd1, 0x2b, 0xe3, 0xdb, 0x50,
|
||||
+ 0xec, 0x14, 0xee, 0x70, 0xcc, 0xe6, 0x11, 0x75, 0xb4, 0x63, 0xfc, 0xd1,
|
||||
+ 0x8f, 0x54, 0xfa, 0xcc, 0x99, 0xcc, 0xb8, 0x61, 0xa7, 0x33, 0x18, 0xa2,
|
||||
+ 0x17, 0xee, 0xb1, 0x82, 0x3d, 0x6a, 0x8d, 0x63, 0xe0, 0x15, 0x1b, 0x5c,
|
||||
+ 0x20, 0x53, 0x33, 0xa7, 0x85, 0x17, 0x81, 0xba, 0x18, 0x2a, 0x73, 0x00,
|
||||
+ 0x1e, 0x3e, 0x2c, 0xb5, 0x5f, 0x4e, 0x82, 0xa8, 0x09, 0xa0, 0x22, 0xdc,
|
||||
+ 0xc4, 0x76, 0x7c, 0x66, 0xf4, 0x78, 0xa1, 0x0a, 0xf7, 0x39, 0x06, 0x0a,
|
||||
+ 0xd7, 0x43, 0x72, 0x12, 0x3b, 0x8e, 0x7e, 0x62, 0x4f, 0x5a, 0x03, 0xe5,
|
||||
+ 0x22, 0x97, 0xdc, 0xbb, 0xaa, 0xa2, 0xc0, 0x03, 0x8e, 0x60, 0xd1, 0x61,
|
||||
+ 0xc7, 0xef, 0x0f, 0x54, 0x43, 0x4e, 0x38, 0xda, 0xb6, 0xe2, 0x5b, 0x0e,
|
||||
+ 0x45, 0xae, 0x39, 0x86, 0x85, 0x25, 0x30, 0xb1, 0x9d, 0xda, 0xdb, 0x70,
|
||||
+ 0xa7, 0xe5, 0x77, 0xb8, 0x47, 0xaa, 0xe7, 0x3e, 0xe8, 0x5a, 0x96, 0xc6,
|
||||
+ 0x0a, 0x0b, 0x07, 0x8d, 0x6d, 0xeb, 0x80, 0x0c, 0xd9, 0x80, 0x2d, 0x4d};
|
||||
+
|
||||
+const uint8_t kExpectedOutputIkeAppBSha256[] = {
|
||||
+ 0xe7, 0x11, 0x54, 0x6e, 0x3f, 0xaa, 0xd4, 0xc7, 0xc4, 0xaa, 0x75, 0x6b,
|
||||
+ 0xc2, 0x6c, 0xad, 0x6a, 0xbe, 0xa8, 0x24, 0x19, 0x84, 0xa0, 0xf6, 0xb0,
|
||||
+ 0x83, 0x9c, 0x70, 0xca, 0x61, 0xc4, 0xef, 0x88, 0xd7, 0xd5, 0xb7, 0x2e,
|
||||
+ 0x45, 0x32, 0xe1, 0x1d, 0x12, 0x38, 0xfb, 0xcb, 0x08, 0x54, 0xc7, 0xdb,
|
||||
+ 0xc4, 0x80, 0x2d, 0xd4, 0xf3, 0xbf, 0x51, 0x80, 0xf3, 0xa6, 0xdf, 0x77,
|
||||
+ 0x51, 0x61, 0xd8, 0xdb, 0x98, 0x2c, 0xc2, 0xe6, 0x72, 0x36, 0x90, 0xf9,
|
||||
+ 0xd2, 0x2a, 0x6d, 0x6c, 0xeb, 0x10, 0x3f, 0xa0, 0xa3, 0xff, 0xe4, 0x8b,
|
||||
+ 0x5a, 0x4a, 0x1b, 0xec, 0xb0, 0x48, 0xb0, 0xed, 0x16, 0x8a, 0x89, 0x31,
|
||||
+ 0x96, 0x5e, 0xa9, 0x11, 0x1f, 0x28, 0x68, 0x07, 0xf1, 0xa3, 0x2b, 0x01,
|
||||
+ 0x4f, 0x0b, 0x73, 0x78, 0x3b, 0xca, 0x4f, 0x8f, 0x34, 0xc0, 0x21, 0x14,
|
||||
+ 0xe3, 0xdf, 0xa1, 0xf7, 0x05, 0x63, 0xcb, 0x74, 0x7a, 0x90, 0x59, 0x19,
|
||||
+ 0xc9, 0xa9, 0x47, 0xcf, 0xe7, 0xbe, 0x04, 0xa7, 0x0c, 0x32, 0xdd, 0x34,
|
||||
+ 0x07, 0x8f, 0x4f, 0xb5, 0x75, 0xfb, 0xb9, 0x06, 0xd2, 0x55, 0x08, 0xce,
|
||||
+ 0x0a, 0x47, 0xc2, 0x64, 0x5f, 0xd5, 0xab, 0x55, 0x2a, 0x1a, 0x7e, 0xbd,
|
||||
+ 0xd5, 0x6d, 0x43, 0x89, 0x3c, 0x53, 0xde, 0x01, 0xfe, 0x19, 0x19, 0xc3,
|
||||
+ 0xaf, 0xa0, 0x64, 0x2d, 0x7e, 0xe1, 0x7e, 0x31, 0x61, 0xf9, 0xe6, 0x4f,
|
||||
+ 0x56, 0xc3, 0xc9, 0x7e, 0x92, 0xd7, 0x88, 0x58, 0x1a, 0x7f, 0x3c, 0x3e,
|
||||
+ 0xae, 0x3f, 0x86, 0xec, 0xb2, 0xaa, 0x8b, 0xaf, 0x22, 0x49, 0xa5, 0x3d,
|
||||
+ 0xc2, 0xb1, 0x94, 0x0f, 0x5b, 0x08, 0x49, 0xac, 0x23, 0xa4, 0x79, 0x33,
|
||||
+ 0xde, 0xfb, 0x8b, 0xd3, 0xe6, 0x6c, 0x83, 0xce, 0x01, 0xc7, 0xb4, 0x23,
|
||||
+ 0x5c, 0x6d, 0x81, 0xda, 0x70, 0x71, 0x43, 0x9c, 0x94, 0x6a, 0x9e, 0x03,
|
||||
+ 0x6d, 0xc3, 0x71, 0x69, 0x53, 0x83, 0x89, 0x08, 0x1b, 0x2b, 0x4b, 0xa8,
|
||||
+ 0x4a, 0x2a, 0xdf, 0x26, 0xaf, 0xc3, 0x8e, 0x59, 0x15, 0xa7, 0x24, 0x8f,
|
||||
+ 0x3c, 0xad, 0x08, 0xf2, 0x12, 0xe1, 0x42, 0x41, 0x0c, 0xcb, 0x3e, 0xf4,
|
||||
+ 0x71, 0xab, 0xb1, 0x16, 0x2c, 0xb7, 0xe1, 0x3f, 0x94, 0x03, 0x01, 0x78,
|
||||
+ 0xd7, 0x84, 0x1d, 0x63, 0x03, 0xfe, 0x4b, 0x3f, 0x40, 0xce, 0x30, 0x75,
|
||||
+ 0x10, 0xd1, 0xa4, 0xd3, 0x3c, 0x68, 0x9b, 0xc0, 0x6b, 0xdc, 0xe1, 0xda,
|
||||
+ 0x06, 0x41, 0x71, 0x20, 0x88, 0x82, 0x60, 0x2e, 0x48, 0x93, 0x78, 0x30,
|
||||
+ 0xb4, 0xb9, 0xe3, 0x88, 0x79, 0xf7, 0x0d, 0x0b, 0xa4, 0xae, 0x2e, 0x7b,
|
||||
+ 0x00, 0x82, 0x49, 0xbf, 0xe8, 0x07, 0xb4, 0x51, 0xd9, 0xa0, 0xf7, 0x8f,
|
||||
+ 0xe6, 0x24, 0x17, 0xd0, 0xa5, 0x58, 0xcc, 0x37, 0xf2, 0x86, 0x6e, 0xc2,
|
||||
+ 0xf0, 0xf0, 0x87, 0x64, 0xfa, 0x6e, 0x94, 0x99, 0x1a, 0xbc, 0xd9, 0xea,
|
||||
+ 0x48, 0x07, 0x38, 0x2e, 0x79, 0x61, 0x82, 0x69, 0x09, 0x6f, 0xbc, 0x8e,
|
||||
+ 0x44, 0x38, 0x0e, 0xc9, 0x6f, 0xcd, 0xb7, 0x39, 0x92, 0x02, 0x27, 0x23,
|
||||
+ 0x35, 0xcf, 0x4f, 0xf7, 0x52, 0x7b, 0x33, 0x93, 0xbd, 0x6c, 0x7c, 0xef,
|
||||
+ 0x39, 0x4b, 0x1a, 0x9f, 0xdf, 0x8f, 0x5c, 0x5b, 0x7b, 0xdb, 0x6b, 0xfd,
|
||||
+ 0x72, 0xe0, 0xb0, 0xc5, 0x97, 0x5b, 0x08, 0x6b, 0x17, 0x2f, 0x38, 0xd7,
|
||||
+ 0xbe, 0xf8, 0xd7, 0x20, 0xf5, 0x33, 0x68, 0x69, 0x16, 0xe5, 0x08, 0x05,
|
||||
+ 0x6c, 0x1b, 0xfa, 0xa8, 0x63, 0x55, 0xb4, 0x03, 0xb9, 0x89, 0xd7, 0x61,
|
||||
+ 0xf3, 0x9a, 0xf6, 0x45, 0xb4, 0xb2, 0x16, 0x5d, 0xf3, 0x09, 0x7b, 0x09,
|
||||
+ 0x09, 0x75, 0x0a, 0xbd, 0xdf, 0x7d, 0xe6, 0x1e, 0x07, 0xec, 0x7c, 0x14,
|
||||
+ 0xac, 0x4b, 0x68, 0xa8, 0x44, 0x5f, 0x77, 0x36, 0xb8, 0x1d, 0x7c, 0x73,
|
||||
+ 0x82, 0x80, 0xc2, 0x52, 0x55, 0x2c, 0x5d, 0xba, 0x53, 0x79, 0x45, 0xad,
|
||||
+ 0x51, 0x98, 0xbb, 0x8a, 0xea, 0x4f, 0x19, 0x22, 0x22, 0x69, 0xd3, 0x3a,
|
||||
+ 0x72, 0xd8, 0xe3, 0x37, 0xf4, 0x3b, 0xf3, 0xf1, 0x52, 0x48, 0x4d, 0xbf,
|
||||
+ 0xa5, 0x7a, 0xef, 0x44, 0x53, 0x7b, 0x6e, 0x6c, 0xb7, 0x1a, 0xa8, 0x75,
|
||||
+ 0xaf, 0xdb, 0x15, 0x05, 0x53, 0xc8, 0xb9, 0x9c, 0xea, 0x1a, 0xf7, 0x9d,
|
||||
+ 0x9b, 0xb6, 0xa6, 0x5e, 0x0f, 0xf7, 0x49, 0x7e, 0xc9, 0x12, 0x38, 0x3d,
|
||||
+ 0x78, 0xaf, 0x80, 0x3d, 0x76, 0x6d, 0x96, 0x4f, 0x06, 0xff, 0xdf, 0xc5,
|
||||
+ 0x9c, 0x47, 0xbe, 0x3e, 0x3d, 0xc2, 0x2a, 0x41, 0x15, 0x7e, 0xbd, 0xab,
|
||||
+ 0x12, 0x02, 0xfe, 0xa5, 0x4f, 0xb4, 0x1a, 0xf5, 0x6a, 0xed, 0xff, 0x50,
|
||||
+ 0x5a, 0x56, 0x7b, 0x2f, 0xff, 0xff, 0x29, 0xb5, 0x77, 0xf4, 0x38, 0xb3,
|
||||
+ 0x40, 0xd9, 0x17, 0x89, 0x43, 0x3f, 0x86, 0x29, 0x50, 0xce, 0x72, 0xde,
|
||||
+ 0x55, 0x63, 0x06, 0x14, 0x50, 0xae, 0xc1, 0x49, 0x10, 0x55, 0x21, 0xeb,
|
||||
+ 0x68, 0xe7, 0xfc, 0xc7, 0xf5, 0x92, 0xc5, 0xf2, 0xe2, 0xc9, 0xdb, 0x42,
|
||||
+ 0x59, 0x44, 0x0e, 0xda, 0x23, 0x50, 0x62, 0xef, 0x6e, 0xae, 0x1c, 0x0e,
|
||||
+ 0x93, 0x74, 0xa6, 0xdb, 0x4c, 0xc7, 0x4b, 0xa6, 0xe2, 0x3a, 0xe3, 0x03,
|
||||
+ 0x22, 0xd1, 0xe4, 0x21, 0x13, 0x98, 0x6a, 0xeb, 0x43, 0xbf, 0xe6, 0x8a,
|
||||
+ 0xfb, 0x28, 0x15, 0x47, 0x7e, 0xaa, 0x12, 0x60, 0x08, 0x23, 0xc6, 0x59,
|
||||
+ 0xeb, 0xc1, 0x71, 0x18, 0x03, 0x16, 0x7f, 0x75, 0x5f, 0x65, 0x8a, 0x7f,
|
||||
+ 0x1d, 0xae, 0x98, 0x94, 0xa4, 0xb1, 0xf5, 0xcc, 0x0a, 0x6f, 0x62, 0x79,
|
||||
+ 0x27, 0x38, 0x32, 0x73, 0x90, 0xc8, 0x3f, 0x70, 0xf7, 0x44, 0xcf, 0xfd,
|
||||
+ 0xc8, 0xfa, 0xcb, 0x3e, 0x73, 0x5f, 0x1d, 0xde, 0xb5, 0x73, 0x4d, 0x00,
|
||||
+ 0x2a, 0xce, 0x77, 0x92, 0x17, 0x0f, 0xcf, 0xbf, 0x87, 0x78, 0xdc, 0xbc,
|
||||
+ 0x83, 0xb3, 0x86, 0xd5, 0x32, 0xf5, 0x17, 0x73, 0xba, 0x90, 0xae, 0xc4,
|
||||
+ 0x40, 0x25, 0x26, 0xde, 0x8c, 0x5e, 0xbb, 0x83, 0x0e, 0x27, 0xd5, 0x0a,
|
||||
+ 0x4d, 0x89, 0xf0, 0xf3, 0x0f, 0xb5, 0x7d, 0xe3, 0x04, 0x6b, 0x5a, 0x59,
|
||||
+ 0xf4, 0x0a, 0x23, 0xc9, 0xe9, 0xe5, 0x1c, 0x20, 0x43, 0xac, 0xe2, 0x61,
|
||||
+ 0x10, 0x8d, 0x20, 0x83, 0xe7, 0x60, 0x28, 0x32, 0xd0, 0x15, 0x67, 0xf1,
|
||||
+ 0xaf, 0xd4, 0xcb, 0x2a, 0xec, 0xc5, 0xe2, 0xe7, 0xa2, 0x57, 0x18, 0x3d,
|
||||
+ 0x5e, 0xdd, 0x14, 0x88, 0x39, 0x59, 0x10, 0x9c, 0xa9, 0xf9, 0xd9, 0xb9,
|
||||
+ 0xdd, 0x09, 0xb0, 0x2f, 0x5a, 0x30, 0x0f, 0xbf, 0x34, 0x8a, 0xf1, 0x62,
|
||||
+ 0x40, 0x15, 0x4e, 0xe9, 0x69, 0x2f, 0x94, 0x87, 0x07, 0xf0, 0x01, 0xa2,
|
||||
+ 0x8f, 0x11, 0xb9, 0x31, 0x4c, 0x2b, 0x7d, 0x7f, 0x6c, 0x04, 0xd6, 0x91,
|
||||
+ 0x4d, 0x71, 0x6b, 0x8c, 0xa7, 0x47, 0xb1, 0x34, 0x34, 0x08, 0xda, 0x5b,
|
||||
+ 0xcb, 0x82, 0xbb, 0x5b, 0x14, 0x27, 0x2a, 0x20, 0x25, 0xda, 0xbe, 0x1d,
|
||||
+ 0x21, 0xa8, 0x68, 0x77, 0xf4, 0x17, 0xaf, 0x7f, 0x22, 0xda, 0xd4, 0xc6,
|
||||
+ 0x38, 0x0c, 0xbe, 0xf1, 0xa5, 0x0b, 0x17, 0x83, 0x22, 0xb3, 0x5b, 0x12,
|
||||
+ 0x1f, 0x0a, 0x18, 0x14, 0x46, 0xbf, 0x9b, 0xc0, 0x53, 0x7a, 0x83, 0x40,
|
||||
+ 0xde, 0x1a, 0x9d, 0xf0, 0x3b, 0x66, 0x74, 0x01, 0xa1, 0xfc, 0x29, 0xde,
|
||||
+ 0x08, 0x66, 0x85, 0x56, 0x2c, 0xc8, 0x30, 0xb7, 0x42, 0x1f, 0xa2, 0x32,
|
||||
+ 0x28, 0xc4, 0xc5, 0xfe, 0xea, 0xb0, 0x4e, 0x81, 0x59, 0x74, 0x90, 0x93,
|
||||
+ 0xb1, 0x1c, 0x5c, 0x4f, 0x54, 0x5e, 0xcc, 0xd7, 0x1d, 0x75, 0xd2, 0x3d,
|
||||
+ 0x77, 0xff, 0x72, 0xa8, 0x74, 0x31, 0xec, 0x74, 0xe8, 0xcc, 0x69, 0xce,
|
||||
+ 0xde, 0xe5, 0x05, 0x1e, 0xc2, 0x99, 0x90, 0x22, 0xe5, 0x10, 0xd4, 0xaf,
|
||||
+ 0x52, 0xe3, 0x47, 0xf4, 0x38, 0xeb, 0xa3, 0xd2, 0x72, 0x64, 0xb2, 0xd3,
|
||||
+ 0x0c, 0x0c, 0xaa, 0xae, 0x29, 0xb5, 0x38, 0xd4, 0x52, 0xfa, 0x96, 0x17,
|
||||
+ 0x7a, 0x18, 0xe8, 0x89, 0xd2, 0xd5, 0xd9, 0xae, 0x5a, 0x0e, 0x25, 0x8d};
|
||||
+
|
||||
+class IkeKdfTest : public ::testing::Test {
|
||||
+ public:
|
||||
+ IkeKdfTest()
|
||||
+ : params_({siBuffer, nullptr, 0}),
|
||||
+ gxy_item_({siBuffer, toUcharPtr(kGxyData), kGxySize}),
|
||||
+ skey_item_({siBuffer, toUcharPtr(kKeyData), kKeySize}),
|
||||
+ key_mech_(0),
|
||||
+ slot_(nullptr),
|
||||
+ gxy_(nullptr),
|
||||
+ skey_(nullptr),
|
||||
+ okey_(nullptr) {}
|
||||
+
|
||||
+ ~IkeKdfTest() {
|
||||
+ if (slot_) {
|
||||
+ PK11_FreeSlot(slot_);
|
||||
+ }
|
||||
+ if (gxy_) {
|
||||
+ PK11_FreeSymKey(gxy_);
|
||||
+ }
|
||||
+ ClearTempVars();
|
||||
+ }
|
||||
+
|
||||
+ void ClearTempVars() {
|
||||
+ if (skey_) {
|
||||
+ PK11_FreeSymKey(skey_);
|
||||
+ skey_ = nullptr;
|
||||
+ }
|
||||
+ if (okey_) {
|
||||
+ PK11_FreeSymKey(okey_);
|
||||
+ okey_ = nullptr;
|
||||
+ }
|
||||
+ }
|
||||
+
|
||||
+ void Init() {
|
||||
+ params_.type = siBuffer;
|
||||
+
|
||||
+ gxy_item_.type = siBuffer;
|
||||
+ gxy_item_.data =
|
||||
+ const_cast<unsigned char*>(static_cast<const unsigned char*>(kGxyData));
|
||||
+ gxy_item_.len = sizeof(kGxyData);
|
||||
+ skey_item_.type = siBuffer;
|
||||
+ skey_item_.data =
|
||||
+ const_cast<unsigned char*>(static_cast<const unsigned char*>(kKeyData));
|
||||
+
|
||||
+ slot_ = PK11_GetInternalSlot();
|
||||
+ ASSERT_NE(nullptr, slot_);
|
||||
+ gxy_ = PK11_ImportSymKey(slot_, CKM_NSS_IKE_PRF_DERIVE, PK11_OriginUnwrap,
|
||||
+ CKA_DERIVE, &gxy_item_, NULL);
|
||||
+ ASSERT_NE(nullptr, gxy_);
|
||||
+ }
|
||||
+
|
||||
+ void ComputeAndVerifyKey(CK_MECHANISM_TYPE derive_mech,
|
||||
+ CK_MECHANISM_TYPE hash_mech, const uint8_t* expected) {
|
||||
+ // Infer prf length from mechanism
|
||||
+ int prf_len = 0;
|
||||
+ std::string mac = "unknown";
|
||||
+
|
||||
+ switch (hash_mech) {
|
||||
+ case CKM_AES_XCBC_MAC:
|
||||
+ prf_len = kAesXcbcLen;
|
||||
+ mac = "CKM_AES_XCBC_MAC";
|
||||
+ break;
|
||||
+ case CKM_SHA_1_HMAC:
|
||||
+ prf_len = kSha1Len;
|
||||
+ mac = "CKM_SHA_1_HMAC";
|
||||
+ break;
|
||||
+ case CKM_SHA224_HMAC:
|
||||
+ prf_len = kSha224Len;
|
||||
+ mac = "CKM_SHA224_HMAC";
|
||||
+ break;
|
||||
+ case CKM_SHA256_HMAC:
|
||||
+ prf_len = kSha256Len;
|
||||
+ mac = "CKM_SHA256_HMAC";
|
||||
+ break;
|
||||
+ case CKM_SHA384_HMAC:
|
||||
+ prf_len = kSha384Len;
|
||||
+ mac = "CKM_SHA384_HMAC";
|
||||
+ break;
|
||||
+ case CKM_SHA512_HMAC:
|
||||
+ prf_len = kSha512Len;
|
||||
+ mac = "CKM_SHA512_HMAC";
|
||||
+ break;
|
||||
+ default:
|
||||
+ ASSERT_TRUE(false) << "Invalid PRF Mechanism";
|
||||
+ }
|
||||
+
|
||||
+ Inner(derive_mech, hash_mech, mac, prf_len, expected);
|
||||
+ }
|
||||
+
|
||||
+ // Set output == nullptr to test when errors occur
|
||||
+ void Inner(CK_MECHANISM_TYPE derive_mech, CK_MECHANISM_TYPE hash_mech,
|
||||
+ std::string mac, size_t prf_len, const uint8_t* expected) {
|
||||
+ PRBool use_skey = PR_FALSE;
|
||||
+ size_t output_len = 0;
|
||||
+ PK11SymKey *derive_key = nullptr;
|
||||
+ std::stringstream s;
|
||||
+ s << "Derive:";
|
||||
+ std::string msg;
|
||||
+
|
||||
+ ClearTempVars();
|
||||
+
|
||||
+ // Import the params
|
||||
+ CK_NSS_IKE_PRF_DERIVE_PARAMS ike_prf;
|
||||
+ CK_NSS_IKE1_PRF_DERIVE_PARAMS ike1_prf;
|
||||
+ CK_NSS_IKE_PRF_PLUS_DERIVE_PARAMS ikep_prf;
|
||||
+ CK_MECHANISM_TYPE ike1_app_b;
|
||||
+
|
||||
+ switch (derive_mech) {
|
||||
+ case CKM_NSS_IKE_PRF_DERIVE:
|
||||
+ ike_prf.prfMechanism = hash_mech;
|
||||
+ ike_prf.bDataAsKey = PR_TRUE;
|
||||
+ ike_prf.bRekey = PR_FALSE;
|
||||
+ ike_prf.pNi = toUcharPtr(kSeed);
|
||||
+ ike_prf.ulNiLen = kSeedSize;
|
||||
+ ike_prf.pNr = toUcharPtr(kSeed);
|
||||
+ ike_prf.ulNrLen = kSeedSize;
|
||||
+ ike_prf.hNewKey = CK_INVALID_HANDLE;
|
||||
+ output_len = 0;
|
||||
+ use_skey = PR_FALSE;
|
||||
+ params_.data = reinterpret_cast<unsigned char*>(&ike_prf);
|
||||
+ params_.len = sizeof(ike_prf);
|
||||
+ s << "CKM_NSS_IKE_PRF_DERIVE";
|
||||
+ break;
|
||||
+ case CKM_NSS_IKE_PRF_PLUS_DERIVE:
|
||||
+ ikep_prf.prfMechanism = hash_mech;
|
||||
+ ikep_prf.bHasSeedKey = PR_FALSE;
|
||||
+ ikep_prf.pSeedData= toUcharPtr(kSeed);
|
||||
+ ikep_prf.ulSeedDataLen = kSeedSize*4;
|
||||
+ output_len = kLongKeySize;
|
||||
+ use_skey = PR_TRUE;
|
||||
+ params_.data = reinterpret_cast<unsigned char*>(&ikep_prf);
|
||||
+ params_.len = sizeof(ikep_prf);
|
||||
+ s << "CKM_NSS_IKE_PRF_PLUS_DERIVE";
|
||||
+ break;
|
||||
+ case CKM_NSS_IKE1_PRF_DERIVE:
|
||||
+ ike1_prf.prfMechanism = hash_mech;
|
||||
+ ike1_prf.bHasPrevKey = PR_FALSE;
|
||||
+ ike1_prf.hKeygxy = PK11_GetSymKeyHandle(gxy_);
|
||||
+ ike1_prf.hPrevKey = CK_INVALID_HANDLE;
|
||||
+ ike1_prf.pCKYi = toUcharPtr(kSeed);
|
||||
+ ike1_prf.ulCKYiLen = kSeedSize;
|
||||
+ ike1_prf.pCKYr = toUcharPtr(kSeed);
|
||||
+ ike1_prf.ulCKYrLen = kSeedSize;
|
||||
+ ike1_prf.keyNumber = 0;
|
||||
+ output_len = prf_len;
|
||||
+ use_skey = PR_TRUE;
|
||||
+ params_.data = reinterpret_cast<unsigned char*>(&ike1_prf);
|
||||
+ params_.len = sizeof(ike1_prf);
|
||||
+ s << "CKM_NSS_IKE1_PRF_DERIVE";
|
||||
+ break;
|
||||
+ case CKM_NSS_IKE1_APP_B_PRF_DERIVE:
|
||||
+ ike1_app_b = hash_mech;
|
||||
+ output_len = kLongKeySize;
|
||||
+ use_skey = PR_TRUE;
|
||||
+ params_.data = reinterpret_cast<unsigned char*>(&ike1_app_b);
|
||||
+ params_.len = sizeof(ike1_app_b);
|
||||
+ s << "CKM_NSS_IKE1_APP_B_DERIVE";
|
||||
+ break;
|
||||
+ default:
|
||||
+ ASSERT_TRUE(false) << "Invalid IKE DERIVE mechanism";
|
||||
+ }
|
||||
+
|
||||
+ s << " Mac/Prf:" << mac;
|
||||
+ msg = s.str();
|
||||
+
|
||||
+
|
||||
+ // Import the PMS
|
||||
+ derive_key = gxy_;
|
||||
+ if (use_skey) {
|
||||
+ skey_item_.len = prf_len;
|
||||
+ skey_ = PK11_ImportSymKey(slot_, derive_mech, PK11_OriginUnwrap,
|
||||
+ CKA_DERIVE, &skey_item_, NULL);
|
||||
+ ASSERT_NE(nullptr, skey_) << msg;
|
||||
+ derive_key = skey_;
|
||||
+ }
|
||||
+
|
||||
+ // Compute the result key
|
||||
+ okey_ = PK11_DeriveWithFlags(derive_key, derive_mech, ¶ms_, key_mech_,
|
||||
+ CKA_DERIVE, output_len, CKF_SIGN | CKF_VERIFY);
|
||||
+
|
||||
+ // Verify the result has the expected value (null or otherwise)
|
||||
+ int error = PORT_GetError();
|
||||
+ s << " Error=" << error;
|
||||
+ msg = s.str();
|
||||
+ if (!expected) {
|
||||
+ EXPECT_EQ(nullptr, okey_) << msg;
|
||||
+ } else {
|
||||
+ ASSERT_NE(nullptr, okey_) << msg;
|
||||
+
|
||||
+ SECStatus rv = PK11_ExtractKeyValue(okey_);
|
||||
+ ASSERT_EQ(SECSuccess, rv) << "PK11_ExtractKeyValue";
|
||||
+
|
||||
+ SECItem* oData = PK11_GetKeyData(okey_);
|
||||
+ ASSERT_NE(nullptr, oData) << "PK11_GetKeyData";
|
||||
+
|
||||
+ if (output_len == 0) {
|
||||
+ output_len = prf_len;
|
||||
+ }
|
||||
+ s << "\n" << "output_len=" << output_len << " oData->len=" << oData->len << ".\n";
|
||||
+ for (unsigned int i=0; i < oData->len; i++) {
|
||||
+ if (i % 12 == 0) s << "\n ";
|
||||
+ s << " 0x" << std::setfill('0')
|
||||
+ << std::setw(2) << std::hex << (int) oData->data[i] << ",";
|
||||
+ }
|
||||
+ s << "};\n";
|
||||
+ msg = s.str();
|
||||
+ ASSERT_EQ(output_len, oData->len) << msg ;
|
||||
+
|
||||
+ EXPECT_EQ(0, memcmp(oData->data, expected, output_len)) << msg;
|
||||
+ }
|
||||
+ }
|
||||
+
|
||||
+ protected:
|
||||
+ SECItem params_;
|
||||
+ SECItem gxy_item_;
|
||||
+ SECItem skey_item_;
|
||||
+ CK_MECHANISM_TYPE key_mech_;
|
||||
+ PK11SlotInfo* slot_;
|
||||
+ PK11SymKey* gxy_;
|
||||
+ PK11SymKey* skey_;
|
||||
+ PK11SymKey* okey_;
|
||||
+};
|
||||
+
|
||||
+//
|
||||
+// The full range is tested with the FIPS vectors in the cavs tests.
|
||||
+// just make sure the NSS Derive iterfaces are working for everything.
|
||||
+//
|
||||
+TEST_F(IkeKdfTest, IkePrfSha256) {
|
||||
+ Init();
|
||||
+ ComputeAndVerifyKey(CKM_NSS_IKE_PRF_DERIVE, CKM_SHA256_HMAC,
|
||||
+ kExpectedOutputIkeSha256);
|
||||
+}
|
||||
+
|
||||
+TEST_F(IkeKdfTest, Ike1PrfSha256) {
|
||||
+ Init();
|
||||
+ ComputeAndVerifyKey(CKM_NSS_IKE1_PRF_DERIVE, CKM_SHA256_HMAC,
|
||||
+ kExpectedOutputIke1Sha256);
|
||||
+}
|
||||
+
|
||||
+TEST_F(IkeKdfTest, IkePlusPrfSha256) {
|
||||
+ Init();
|
||||
+ ComputeAndVerifyKey(CKM_NSS_IKE_PRF_PLUS_DERIVE, CKM_SHA256_HMAC,
|
||||
+ kExpectedOutputIkePlusSha256);
|
||||
+}
|
||||
+
|
||||
+TEST_F(IkeKdfTest, Ike1AppBPrfSha256) {
|
||||
+ Init();
|
||||
+ ComputeAndVerifyKey(CKM_NSS_IKE1_APP_B_PRF_DERIVE, CKM_SHA256_HMAC,
|
||||
+ kExpectedOutputIkeAppBSha256);
|
||||
+}
|
||||
+
|
||||
+} // namespace nss_test
|
||||
Index: nss/lib/softoken/sftkike.c
|
||||
===================================================================
|
||||
--- nss.orig/lib/softoken/sftkike.c
|
||||
+++ nss/lib/softoken/sftkike.c
|
||||
@@ -774,7 +774,7 @@ sftk_ike1_appendix_b_prf(CK_SESSION_HAND
|
||||
* key is inKey
|
||||
*/
|
||||
thisKey = outKeyData;
|
||||
- for (genKeySize = 0; genKeySize <= keySize; genKeySize += macSize) {
|
||||
+ for (genKeySize = 0; genKeySize < keySize; genKeySize += macSize) {
|
||||
PRBool hashedData = PR_FALSE;
|
||||
crv = prf_init(&context, inKey->attrib.pValue, inKey->attrib.ulValueLen);
|
||||
if (crv != CKR_OK) {
|
@ -1,12 +0,0 @@
|
||||
diff -up ./lib/pk11wrap/pk11pub.h.strict_proto_fix ./lib/pk11wrap/pk11pub.h
|
||||
--- ./lib/pk11wrap/pk11pub.h.strict_proto_fix 2020-06-04 16:48:54.721954514 -0700
|
||||
+++ ./lib/pk11wrap/pk11pub.h 2020-06-04 16:49:17.074066050 -0700
|
||||
@@ -948,7 +948,7 @@ PRBool SECMOD_HasRootCerts(void);
|
||||
* the system state independent of the database state and can be called
|
||||
* before NSS initializes.
|
||||
*/
|
||||
-int SECMOD_GetSystemFIPSEnabled();
|
||||
+int SECMOD_GetSystemFIPSEnabled(void);
|
||||
|
||||
SEC_END_PROTOS
|
||||
|
@ -1,74 +0,0 @@
|
||||
|
||||
# HG changeset patch
|
||||
# User Benjamin Beurdouche <bbeurdouche@mozilla.com>
|
||||
# Date 1595031218 0
|
||||
# Node ID c25adfdfab34ddb08d3262aac3242e3399de1095
|
||||
# Parent f282556e6cc7715f5754aeaadda6f902590e7e38
|
||||
Bug 1636771 - Fix incorrect call to Chacha20Poly1305 by PKCS11. r=jcj,kjacobs,rrelyea
|
||||
|
||||
Differential Revision: https://phabricator.services.mozilla.com/D74801
|
||||
|
||||
diff --git a/gtests/pk11_gtest/pk11_chacha20poly1305_unittest.cc b/gtests/pk11_gtest/pk11_chacha20poly1305_unittest.cc
|
||||
--- a/gtests/pk11_gtest/pk11_chacha20poly1305_unittest.cc
|
||||
+++ b/gtests/pk11_gtest/pk11_chacha20poly1305_unittest.cc
|
||||
@@ -40,28 +40,35 @@ class Pkcs11ChaCha20Poly1305Test
|
||||
aead_params.ulNonceLen = iv_len;
|
||||
aead_params.pAAD = toUcharPtr(aad);
|
||||
aead_params.ulAADLen = aad_len;
|
||||
aead_params.ulTagLen = 16;
|
||||
|
||||
SECItem params = {siBuffer, reinterpret_cast<unsigned char*>(&aead_params),
|
||||
sizeof(aead_params)};
|
||||
|
||||
- // Encrypt with bad parameters.
|
||||
+ // Encrypt with bad parameters (TagLen is too long).
|
||||
unsigned int encrypted_len = 0;
|
||||
std::vector<uint8_t> encrypted(data_len + aead_params.ulTagLen);
|
||||
aead_params.ulTagLen = 158072;
|
||||
SECStatus rv =
|
||||
PK11_Encrypt(key.get(), kMech, ¶ms, encrypted.data(),
|
||||
&encrypted_len, encrypted.size(), data, data_len);
|
||||
EXPECT_EQ(SECFailure, rv);
|
||||
EXPECT_EQ(0U, encrypted_len);
|
||||
- aead_params.ulTagLen = 16;
|
||||
+
|
||||
+ // Encrypt with bad parameters (TagLen is too short).
|
||||
+ aead_params.ulTagLen = 2;
|
||||
+ rv = PK11_Encrypt(key.get(), kMech, ¶ms, encrypted.data(),
|
||||
+ &encrypted_len, encrypted.size(), data, data_len);
|
||||
+ EXPECT_EQ(SECFailure, rv);
|
||||
+ EXPECT_EQ(0U, encrypted_len);
|
||||
|
||||
// Encrypt.
|
||||
+ aead_params.ulTagLen = 16;
|
||||
rv = PK11_Encrypt(key.get(), kMech, ¶ms, encrypted.data(),
|
||||
&encrypted_len, encrypted.size(), data, data_len);
|
||||
|
||||
// Return if encryption failure was expected due to invalid IV.
|
||||
// Without valid ciphertext, all further tests can be skipped.
|
||||
if (invalid_iv) {
|
||||
EXPECT_EQ(rv, SECFailure);
|
||||
EXPECT_EQ(0U, encrypted_len)
|
||||
diff --git a/lib/freebl/chacha20poly1305.c b/lib/freebl/chacha20poly1305.c
|
||||
--- a/lib/freebl/chacha20poly1305.c
|
||||
+++ b/lib/freebl/chacha20poly1305.c
|
||||
@@ -76,17 +76,17 @@ ChaCha20Poly1305_InitContext(ChaCha20Pol
|
||||
{
|
||||
#ifdef NSS_DISABLE_CHACHAPOLY
|
||||
return SECFailure;
|
||||
#else
|
||||
if (keyLen != 32) {
|
||||
PORT_SetError(SEC_ERROR_BAD_KEY);
|
||||
return SECFailure;
|
||||
}
|
||||
- if (tagLen == 0 || tagLen > 16) {
|
||||
+ if (tagLen != 16) {
|
||||
PORT_SetError(SEC_ERROR_INPUT_LEN);
|
||||
return SECFailure;
|
||||
}
|
||||
|
||||
PORT_Memcpy(ctx->key, key, sizeof(ctx->key));
|
||||
ctx->tagLen = tagLen;
|
||||
|
||||
return SECSuccess;
|
||||
|
@ -1,96 +0,0 @@
|
||||
|
||||
# HG changeset patch
|
||||
# User Benjamin Beurdouche <bbeurdouche@mozilla.com>
|
||||
# Date 1595031194 0
|
||||
# Node ID f282556e6cc7715f5754aeaadda6f902590e7e38
|
||||
# Parent 89733253df83ef7fe8dd0d49f6370b857e93d325
|
||||
Bug 1636771 - Disable PKCS11 incremental mode for ChaCha20. r=kjacobs,rrelyea
|
||||
|
||||
Depends on D74801
|
||||
|
||||
Differential Revision: https://phabricator.services.mozilla.com/D83994
|
||||
|
||||
diff --git a/gtests/pk11_gtest/pk11_cipherop_unittest.cc b/gtests/pk11_gtest/pk11_cipherop_unittest.cc
|
||||
--- a/gtests/pk11_gtest/pk11_cipherop_unittest.cc
|
||||
+++ b/gtests/pk11_gtest/pk11_cipherop_unittest.cc
|
||||
@@ -72,9 +72,58 @@ TEST(Pkcs11CipherOp, SingleCtxMultipleUn
|
||||
ASSERT_EQ(GetBytes(ctx, outbuf, 17), SECSuccess);
|
||||
|
||||
PK11_FreeSymKey(key);
|
||||
PK11_FreeSlot(slot);
|
||||
PK11_DestroyContext(ctx, PR_TRUE);
|
||||
NSS_ShutdownContext(globalctx);
|
||||
}
|
||||
|
||||
+TEST(Pkcs11CipherOp, SingleCtxMultipleUnalignedCipherOpsChaCha20) {
|
||||
+ PK11SlotInfo* slot;
|
||||
+ PK11SymKey* key;
|
||||
+ PK11Context* ctx;
|
||||
+
|
||||
+ NSSInitContext* globalctx =
|
||||
+ NSS_InitContext("", "", "", "", NULL,
|
||||
+ NSS_INIT_READONLY | NSS_INIT_NOCERTDB | NSS_INIT_NOMODDB |
|
||||
+ NSS_INIT_FORCEOPEN | NSS_INIT_NOROOTINIT);
|
||||
+
|
||||
+ const CK_MECHANISM_TYPE cipher = CKM_NSS_CHACHA20_CTR;
|
||||
+
|
||||
+ slot = PK11_GetInternalSlot();
|
||||
+ ASSERT_TRUE(slot);
|
||||
+
|
||||
+ // Use arbitrary bytes for the ChaCha20 key and IV
|
||||
+ uint8_t key_bytes[32];
|
||||
+ for (size_t i = 0; i < 32; i++) {
|
||||
+ key_bytes[i] = i;
|
||||
+ }
|
||||
+ SECItem keyItem = {siBuffer, key_bytes, 32};
|
||||
+
|
||||
+ uint8_t iv_bytes[16];
|
||||
+ for (size_t i = 0; i < 16; i++) {
|
||||
+ key_bytes[i] = i;
|
||||
+ }
|
||||
+ SECItem ivItem = {siBuffer, iv_bytes, 16};
|
||||
+
|
||||
+ SECItem* param = PK11_ParamFromIV(cipher, &ivItem);
|
||||
+
|
||||
+ key = PK11_ImportSymKey(slot, cipher, PK11_OriginUnwrap, CKA_ENCRYPT,
|
||||
+ &keyItem, NULL);
|
||||
+ ctx = PK11_CreateContextBySymKey(cipher, CKA_ENCRYPT, key, param);
|
||||
+ ASSERT_TRUE(key);
|
||||
+ ASSERT_TRUE(ctx);
|
||||
+
|
||||
+ uint8_t outbuf[128];
|
||||
+ // This is supposed to fail for Chacha20. This is because the underlying
|
||||
+ // PK11_CipherOp operation is calling the C_EncryptUpdate function for
|
||||
+ // which multi-part is disabled for ChaCha20 in counter mode.
|
||||
+ ASSERT_EQ(GetBytes(ctx, outbuf, 7), SECFailure);
|
||||
+
|
||||
+ PK11_FreeSymKey(key);
|
||||
+ PK11_FreeSlot(slot);
|
||||
+ SECITEM_FreeItem(param, PR_TRUE);
|
||||
+ PK11_DestroyContext(ctx, PR_TRUE);
|
||||
+ NSS_ShutdownContext(globalctx);
|
||||
+}
|
||||
+
|
||||
} // namespace nss_test
|
||||
diff --git a/lib/softoken/pkcs11c.c b/lib/softoken/pkcs11c.c
|
||||
--- a/lib/softoken/pkcs11c.c
|
||||
+++ b/lib/softoken/pkcs11c.c
|
||||
@@ -1251,16 +1251,17 @@ sftk_CryptInit(CK_SESSION_HANDLE hSessio
|
||||
|
||||
case CKM_NSS_CHACHA20_CTR: /* old NSS private version */
|
||||
case CKM_CHACHA20: /* PKCS #11 v3 version */
|
||||
{
|
||||
unsigned char *counter;
|
||||
unsigned char *nonce;
|
||||
unsigned long counter_len;
|
||||
unsigned long nonce_len;
|
||||
+ context->multi = PR_FALSE;
|
||||
if (pMechanism->mechanism == CKM_NSS_CHACHA20_CTR) {
|
||||
if (key_type != CKK_NSS_CHACHA20) {
|
||||
crv = CKR_KEY_TYPE_INCONSISTENT;
|
||||
break;
|
||||
}
|
||||
if (pMechanism->pParameter == NULL || pMechanism->ulParameterLen != 16) {
|
||||
crv = CKR_MECHANISM_PARAM_INVALID;
|
||||
break;
|
||||
|
File diff suppressed because it is too large
File diff suppressed because it is too large
File diff suppressed because it is too large
File diff suppressed because it is too large
@ -1,899 +0,0 @@
|
||||
diff -up ./lib/nss/nss.h.orig ./lib/nss/nss.h
|
||||
--- ./lib/nss/nss.h.orig 2020-06-16 15:50:59.000000000 -0700
|
||||
+++ ./lib/nss/nss.h 2020-10-29 13:17:16.386664203 -0700
|
||||
@@ -299,6 +299,8 @@ SECStatus NSS_UnregisterShutdown(NSS_Shu
|
||||
* old NSS versions. This option might be removed in the future NSS
|
||||
* releases; don't rely on it. */
|
||||
#define __NSS_PKCS12_DECODE_FORCE_UNICODE 0x00c
|
||||
+#define NSS_DEFAULT_LOCKS 0x00d /* lock default values */
|
||||
+#define NSS_DEFAULT_SSL_LOCK 1 /* lock the ssl default values */
|
||||
|
||||
/*
|
||||
* Set and get global options for the NSS library.
|
||||
diff -up ./lib/nss/nssoptions.c.orig ./lib/nss/nssoptions.c
|
||||
--- ./lib/nss/nssoptions.c.orig 2020-06-16 15:50:59.000000000 -0700
|
||||
+++ ./lib/nss/nssoptions.c 2020-10-29 13:17:16.386664203 -0700
|
||||
@@ -14,6 +14,7 @@
|
||||
#include "secoid.h"
|
||||
#include "nss.h"
|
||||
#include "nssoptions.h"
|
||||
+#include "secerr.h"
|
||||
|
||||
struct nssOps {
|
||||
PRInt32 rsaMinKeySize;
|
||||
@@ -24,6 +25,7 @@ struct nssOps {
|
||||
PRInt32 dtlsVersionMinPolicy;
|
||||
PRInt32 dtlsVersionMaxPolicy;
|
||||
PRInt32 pkcs12DecodeForceUnicode;
|
||||
+ PRInt32 defaultLocks;
|
||||
};
|
||||
|
||||
static struct nssOps nss_ops = {
|
||||
@@ -34,7 +36,8 @@ static struct nssOps nss_ops = {
|
||||
0xffff, /* set TLS max to more than the largest legal SSL value */
|
||||
1,
|
||||
0xffff,
|
||||
- PR_FALSE
|
||||
+ PR_FALSE,
|
||||
+ 0
|
||||
};
|
||||
|
||||
SECStatus
|
||||
@@ -42,6 +45,11 @@ NSS_OptionSet(PRInt32 which, PRInt32 val
|
||||
{
|
||||
SECStatus rv = SECSuccess;
|
||||
|
||||
+ if (NSS_IsPolicyLocked()) {
|
||||
+ PORT_SetError(SEC_ERROR_POLICY_LOCKED);
|
||||
+ return SECFailure;
|
||||
+ }
|
||||
+
|
||||
switch (which) {
|
||||
case NSS_RSA_MIN_KEY_SIZE:
|
||||
nss_ops.rsaMinKeySize = value;
|
||||
@@ -67,7 +75,11 @@ NSS_OptionSet(PRInt32 which, PRInt32 val
|
||||
case __NSS_PKCS12_DECODE_FORCE_UNICODE:
|
||||
nss_ops.pkcs12DecodeForceUnicode = value;
|
||||
break;
|
||||
+ case NSS_DEFAULT_LOCKS:
|
||||
+ nss_ops.defaultLocks = value;
|
||||
+ break;
|
||||
default:
|
||||
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
|
||||
rv = SECFailure;
|
||||
}
|
||||
|
||||
@@ -104,6 +116,9 @@ NSS_OptionGet(PRInt32 which, PRInt32 *va
|
||||
case __NSS_PKCS12_DECODE_FORCE_UNICODE:
|
||||
*value = nss_ops.pkcs12DecodeForceUnicode;
|
||||
break;
|
||||
+ case NSS_DEFAULT_LOCKS:
|
||||
+ *value = nss_ops.defaultLocks;
|
||||
+ break;
|
||||
default:
|
||||
rv = SECFailure;
|
||||
}
|
||||
diff -up ./lib/pk11wrap/pk11pars.c.orig ./lib/pk11wrap/pk11pars.c
|
||||
--- ./lib/pk11wrap/pk11pars.c.orig 2020-10-29 13:14:14.119727304 -0700
|
||||
+++ ./lib/pk11wrap/pk11pars.c 2020-10-29 13:17:16.387664208 -0700
|
||||
@@ -158,16 +158,17 @@ SECMOD_CreateModule(const char *library,
|
||||
* Disallow values are parsed first, then allow values, independent of the
|
||||
* order they appear.
|
||||
*
|
||||
- * Future key words (not yet implemented):
|
||||
+ * flags: turn on the following flags:
|
||||
+ * policy-lock: turn off the ability for applications to change policy with
|
||||
+ * the call NSS_SetAlgorithmPolicy or the other system policy
|
||||
+ * calls (SSL_SetPolicy, etc.)
|
||||
+ * ssl-lock: turn off the ability to change the ssl defaults.
|
||||
+ *
|
||||
+ * The following only apply to ssl cipher suites (future smime)
|
||||
+ *
|
||||
* enable: turn on ciphersuites by default.
|
||||
* disable: turn off ciphersuites by default without disallowing them by policy.
|
||||
- * flags: turn on the following flags:
|
||||
- * ssl-lock: turn off the ability for applications to change policy with
|
||||
- * the SSL_SetCipherPolicy (or SSL_SetPolicy).
|
||||
- * policy-lock: turn off the ability for applications to change policy with
|
||||
- * the call NSS_SetAlgorithmPolicy.
|
||||
- * ssl-default-lock: turn off the ability for applications to change cipher
|
||||
- * suite states with SSL_EnableCipher, SSL_DisableCipher.
|
||||
+ *
|
||||
*
|
||||
*/
|
||||
|
||||
@@ -389,7 +390,13 @@ static const oidValDef kxOptList[] = {
|
||||
static const oidValDef signOptList[] = {
|
||||
/* Signatures */
|
||||
{ CIPHER_NAME("DSA"), SEC_OID_ANSIX9_DSA_SIGNATURE,
|
||||
- NSS_USE_ALG_IN_SSL_KX | NSS_USE_ALG_IN_CERT_SIGNATURE },
|
||||
+ NSS_USE_ALG_IN_SSL_KX | NSS_USE_ALG_IN_SIGNATURE },
|
||||
+ { CIPHER_NAME("RSA-PKCS"), SEC_OID_PKCS1_RSA_ENCRYPTION,
|
||||
+ NSS_USE_ALG_IN_SSL_KX | NSS_USE_ALG_IN_SIGNATURE },
|
||||
+ { CIPHER_NAME("RSA-PSS"), SEC_OID_PKCS1_RSA_PSS_SIGNATURE,
|
||||
+ NSS_USE_ALG_IN_SSL_KX | NSS_USE_ALG_IN_SIGNATURE },
|
||||
+ { CIPHER_NAME("ECDSA"), SEC_OID_ANSIX962_EC_PUBLIC_KEY,
|
||||
+ NSS_USE_ALG_IN_SSL_KX | NSS_USE_ALG_IN_SIGNATURE },
|
||||
};
|
||||
|
||||
typedef struct {
|
||||
@@ -405,7 +412,7 @@ static const algListsDef algOptLists[] =
|
||||
{ macOptList, PR_ARRAY_SIZE(macOptList), "MAC", PR_FALSE },
|
||||
{ cipherOptList, PR_ARRAY_SIZE(cipherOptList), "CIPHER", PR_FALSE },
|
||||
{ kxOptList, PR_ARRAY_SIZE(kxOptList), "OTHER-KX", PR_FALSE },
|
||||
- { signOptList, PR_ARRAY_SIZE(signOptList), "OTHER-SIGN", PR_TRUE },
|
||||
+ { signOptList, PR_ARRAY_SIZE(signOptList), "OTHER-SIGN", PR_FALSE },
|
||||
};
|
||||
|
||||
static const optionFreeDef sslOptList[] = {
|
||||
@@ -443,10 +450,19 @@ static const policyFlagDef policyFlagLis
|
||||
/* add other key exhanges in the future */
|
||||
{ CIPHER_NAME("KEY-EXCHANGE"), NSS_USE_ALG_IN_SSL_KX },
|
||||
{ CIPHER_NAME("CERT-SIGNATURE"), NSS_USE_ALG_IN_CERT_SIGNATURE },
|
||||
- /* add other signatures in the future */
|
||||
- { CIPHER_NAME("SIGNATURE"), NSS_USE_ALG_IN_CERT_SIGNATURE },
|
||||
- /* enable everything */
|
||||
- { CIPHER_NAME("ALL"), NSS_USE_ALG_IN_SSL | NSS_USE_ALG_IN_SSL_KX | NSS_USE_ALG_IN_CERT_SIGNATURE },
|
||||
+ { CIPHER_NAME("CMS-SIGNATURE"), NSS_USE_ALG_IN_CMS_SIGNATURE },
|
||||
+ { CIPHER_NAME("ALL-SIGNATURE"), NSS_USE_ALG_IN_SIGNATURE },
|
||||
+ /* sign turns off all signatures, but doesn't change the
|
||||
+ * allowance for specific sigantures... for example:
|
||||
+ * disallow=sha256/all allow=sha256/signature doesn't allow
|
||||
+ * cert-sigantures, where disallow=sha256/all allow=sha256/all-signature
|
||||
+ * does.
|
||||
+ * however, disallow=sha356/signature and disallow=sha256/all-siganture are
|
||||
+ * equivalent in effect */
|
||||
+ { CIPHER_NAME("SIGNATURE"), NSS_USE_ALG_IN_ANY_SIGNATURE },
|
||||
+ /* enable/disable everything */
|
||||
+ { CIPHER_NAME("ALL"), NSS_USE_ALG_IN_SSL | NSS_USE_ALG_IN_SSL_KX |
|
||||
+ NSS_USE_ALG_IN_SIGNATURE },
|
||||
{ CIPHER_NAME("NONE"), 0 }
|
||||
};
|
||||
|
||||
@@ -538,8 +554,82 @@ secmod_getPolicyOptValue(const char *pol
|
||||
return SECFailure;
|
||||
}
|
||||
|
||||
+/* Policy operations:
|
||||
+ * Disallow: operation is disallowed by policy. Implies disabled.
|
||||
+ * Allow: operation is allowed by policy (but could be disabled).
|
||||
+ * Disable: operation is turned off by default (but could be allowed).
|
||||
+ * Enable: operation is enabled by default. Implies allowed.
|
||||
+ */
|
||||
+typedef enum {
|
||||
+ NSS_DISALLOW,
|
||||
+ NSS_ALLOW,
|
||||
+ NSS_DISABLE,
|
||||
+ NSS_ENABLE
|
||||
+} NSSPolicyOperation;
|
||||
+
|
||||
+/* apply the operator specific policy */
|
||||
+SECStatus
|
||||
+secmod_setPolicyOperation(SECOidTag oid, NSSPolicyOperation operation,
|
||||
+ PRUint32 value)
|
||||
+{
|
||||
+ SECStatus rv = SECSuccess;
|
||||
+ switch (operation) {
|
||||
+ case NSS_DISALLOW:
|
||||
+ /* clear the requested policy bits */
|
||||
+ rv = NSS_SetAlgorithmPolicy(oid, 0, value);
|
||||
+ break;
|
||||
+ case NSS_ALLOW:
|
||||
+ /* set the requested policy bits */
|
||||
+ rv = NSS_SetAlgorithmPolicy(oid, value, 0);
|
||||
+ break;
|
||||
+ /* enable/disable only apply to SSL cipher suites (future S/MIME).
|
||||
+ * Enable/disable is implemented by clearing the DEFAULT_NOT_VALID
|
||||
+ * flag, then setting the NSS_USE_DEFAULT_SSL_ENABLE flag to the
|
||||
+ * correct value. The ssl policy code will then sort out what to
|
||||
+ * set based on ciphers and cipher suite values.*/
|
||||
+ case NSS_DISABLE:
|
||||
+ if (value & (NSS_USE_ALG_IN_SSL | NSS_USE_ALG_IN_SSL_KX)) {
|
||||
+ /* clear not valid and enable */
|
||||
+ rv = NSS_SetAlgorithmPolicy(oid, 0,
|
||||
+ NSS_USE_DEFAULT_NOT_VALID |
|
||||
+ NSS_USE_DEFAULT_SSL_ENABLE);
|
||||
+ }
|
||||
+ break;
|
||||
+ case NSS_ENABLE:
|
||||
+ if (value & (NSS_USE_ALG_IN_SSL | NSS_USE_ALG_IN_SSL_KX)) {
|
||||
+ /* set enable, clear not valid. NOTE: enable implies allow! */
|
||||
+ rv = NSS_SetAlgorithmPolicy(oid, value | NSS_USE_DEFAULT_SSL_ENABLE,
|
||||
+ NSS_USE_DEFAULT_NOT_VALID);
|
||||
+ }
|
||||
+ break;
|
||||
+ default:
|
||||
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
|
||||
+ rv = SECFailure;
|
||||
+ break;
|
||||
+ }
|
||||
+ return rv;
|
||||
+}
|
||||
+
|
||||
+const char *
|
||||
+secmod_getOperationString(NSSPolicyOperation operation)
|
||||
+{
|
||||
+ switch (operation) {
|
||||
+ case NSS_DISALLOW:
|
||||
+ return "disallow";
|
||||
+ case NSS_ALLOW:
|
||||
+ return "allow";
|
||||
+ case NSS_DISABLE:
|
||||
+ return "disable";
|
||||
+ case NSS_ENABLE:
|
||||
+ return "enable";
|
||||
+ default:
|
||||
+ break;
|
||||
+ }
|
||||
+ return "invalid";
|
||||
+}
|
||||
+
|
||||
static SECStatus
|
||||
-secmod_applyCryptoPolicy(const char *policyString, PRBool allow,
|
||||
+secmod_applyCryptoPolicy(const char *policyString, NSSPolicyOperation operation,
|
||||
PRBool printPolicyFeedback)
|
||||
{
|
||||
const char *cipher, *currentString;
|
||||
@@ -573,18 +663,10 @@ secmod_applyCryptoPolicy(const char *pol
|
||||
for (i = 0; i < PR_ARRAY_SIZE(algOptLists); i++) {
|
||||
const algListsDef *algOptList = &algOptLists[i];
|
||||
for (j = 0; j < algOptList->entries; j++) {
|
||||
- PRUint32 enable, disable;
|
||||
if (!newValue) {
|
||||
value = algOptList->list[j].val;
|
||||
}
|
||||
- if (allow) {
|
||||
- enable = value;
|
||||
- disable = 0;
|
||||
- } else {
|
||||
- enable = 0;
|
||||
- disable = value;
|
||||
- }
|
||||
- NSS_SetAlgorithmPolicy(algOptList->list[j].oid, enable, disable);
|
||||
+ secmod_setPolicyOperation(algOptList->list[j].oid, operation, value);
|
||||
}
|
||||
}
|
||||
continue;
|
||||
@@ -603,20 +685,12 @@ secmod_applyCryptoPolicy(const char *pol
|
||||
if ((newOption || algOpt->name_size == length) &&
|
||||
PORT_Strncasecmp(algOpt->name, cipher, name_size) == 0) {
|
||||
PRUint32 value = algOpt->val;
|
||||
- PRUint32 enable, disable;
|
||||
if (newOption) {
|
||||
value = secmod_parsePolicyValue(&cipher[name_size] + 1,
|
||||
length - name_size - 1,
|
||||
printPolicyFeedback);
|
||||
}
|
||||
- if (allow) {
|
||||
- enable = value;
|
||||
- disable = 0;
|
||||
- } else {
|
||||
- enable = 0;
|
||||
- disable = value;
|
||||
- }
|
||||
- rv = NSS_SetAlgorithmPolicy(algOpt->oid, enable, disable);
|
||||
+ rv = secmod_setPolicyOperation(algOptList->list[j].oid, operation, value);
|
||||
if (rv != SECSuccess) {
|
||||
/* could not enable option */
|
||||
/* NSS_SetAlgorithPolicy should have set the error code */
|
||||
@@ -666,7 +740,7 @@ secmod_applyCryptoPolicy(const char *pol
|
||||
if (unknown && printPolicyFeedback) {
|
||||
PR_SetEnv("NSS_POLICY_FAIL=1");
|
||||
fprintf(stderr, "NSS-POLICY-FAIL %s: unknown identifier: %.*s\n",
|
||||
- allow ? "allow" : "disallow", length, cipher);
|
||||
+ secmod_getOperationString(operation), length, cipher);
|
||||
}
|
||||
}
|
||||
return rv;
|
||||
@@ -709,7 +783,8 @@ secmod_sanityCheckCryptoPolicy(void)
|
||||
anyEnabled = PR_TRUE;
|
||||
fprintf(stderr, "NSS-POLICY-INFO: %s is enabled for SSL\n", algOpt->name);
|
||||
}
|
||||
- if ((algOpt->val & NSS_USE_ALG_IN_CERT_SIGNATURE) && (value & NSS_USE_ALG_IN_CERT_SIGNATURE)) {
|
||||
+ if ((algOpt->val & NSS_USE_ALG_IN_CERT_SIGNATURE) &&
|
||||
+ ((value & NSS_USE_CERT_SIGNATURE_OK) == NSS_USE_CERT_SIGNATURE_OK)) {
|
||||
++num_sig_enabled;
|
||||
anyEnabled = PR_TRUE;
|
||||
fprintf(stderr, "NSS-POLICY-INFO: %s is enabled for CERT-SIGNATURE\n", algOpt->name);
|
||||
@@ -740,7 +815,7 @@ secmod_sanityCheckCryptoPolicy(void)
|
||||
static SECStatus
|
||||
secmod_parseCryptoPolicy(const char *policyConfig, PRBool printPolicyFeedback)
|
||||
{
|
||||
- char *disallow, *allow;
|
||||
+ char *args;
|
||||
SECStatus rv;
|
||||
|
||||
if (policyConfig == NULL) {
|
||||
@@ -752,20 +827,46 @@ secmod_parseCryptoPolicy(const char *pol
|
||||
if (rv != SECSuccess) {
|
||||
return rv;
|
||||
}
|
||||
- disallow = NSSUTIL_ArgGetParamValue("disallow", policyConfig);
|
||||
- rv = secmod_applyCryptoPolicy(disallow, PR_FALSE, printPolicyFeedback);
|
||||
- if (disallow)
|
||||
- PORT_Free(disallow);
|
||||
+ args = NSSUTIL_ArgGetParamValue("disallow", policyConfig);
|
||||
+ rv = secmod_applyCryptoPolicy(args, NSS_DISALLOW, printPolicyFeedback);
|
||||
+ if (args)
|
||||
+ PORT_Free(args);
|
||||
if (rv != SECSuccess) {
|
||||
return rv;
|
||||
}
|
||||
- allow = NSSUTIL_ArgGetParamValue("allow", policyConfig);
|
||||
- rv = secmod_applyCryptoPolicy(allow, PR_TRUE, printPolicyFeedback);
|
||||
- if (allow)
|
||||
- PORT_Free(allow);
|
||||
+ args = NSSUTIL_ArgGetParamValue("allow", policyConfig);
|
||||
+ rv = secmod_applyCryptoPolicy(args, NSS_ALLOW, printPolicyFeedback);
|
||||
+ if (args)
|
||||
+ PORT_Free(args);
|
||||
if (rv != SECSuccess) {
|
||||
return rv;
|
||||
}
|
||||
+ args = NSSUTIL_ArgGetParamValue("disable", policyConfig);
|
||||
+ rv = secmod_applyCryptoPolicy(args, NSS_DISABLE, printPolicyFeedback);
|
||||
+ if (args)
|
||||
+ PORT_Free(args);
|
||||
+ if (rv != SECSuccess) {
|
||||
+ return rv;
|
||||
+ }
|
||||
+ args = NSSUTIL_ArgGetParamValue("enable", policyConfig);
|
||||
+ rv = secmod_applyCryptoPolicy(args, NSS_ENABLE, printPolicyFeedback);
|
||||
+ if (args)
|
||||
+ PORT_Free(args);
|
||||
+ if (rv != SECSuccess) {
|
||||
+ return rv;
|
||||
+ }
|
||||
+ /* this has to be last. Everything after this will be a noop */
|
||||
+ if (NSSUTIL_ArgHasFlag("flags", "ssl-lock", policyConfig)) {
|
||||
+ PRInt32 locks;
|
||||
+ /* don't overwrite other (future) lock flags */
|
||||
+ rv = NSS_OptionGet(NSS_DEFAULT_LOCKS, &locks);
|
||||
+ if (rv == SECSuccess) {
|
||||
+ NSS_OptionSet(NSS_DEFAULT_LOCKS, locks | NSS_DEFAULT_SSL_LOCK);
|
||||
+ }
|
||||
+ }
|
||||
+ if (NSSUTIL_ArgHasFlag("flags", "policy-lock", policyConfig)) {
|
||||
+ NSS_LockPolicy();
|
||||
+ }
|
||||
if (printPolicyFeedback) {
|
||||
/* This helps to distinguish configurations that don't contain any
|
||||
* policy config= statement. */
|
||||
diff -up ./lib/ssl/ssl3con.c.orig ./lib/ssl/ssl3con.c
|
||||
--- ./lib/ssl/ssl3con.c.orig 2020-10-29 13:14:14.122727319 -0700
|
||||
+++ ./lib/ssl/ssl3con.c 2020-10-29 13:23:11.101487525 -0700
|
||||
@@ -13534,6 +13534,61 @@ ssl3_DestroySSL3Info(sslSocket *ss)
|
||||
tls13_DestroyEarlyData(&ss->ssl3.hs.bufferedEarlyData);
|
||||
}
|
||||
|
||||
+/*
|
||||
+ * parse the policy value for a single algorithm in a cipher_suite,
|
||||
+ * return TRUE if we disallow by the cipher suite by policy
|
||||
+ * (we don't have to parse any more algorithm policies on this cipher suite),
|
||||
+ * otherwise return FALSE.
|
||||
+ * 1. If we don't have the required policy, disable by default, disallow by
|
||||
+ * policy and return TRUE (no more processing needed).
|
||||
+ * 2. If we have the required policy, and we are disabled, return FALSE,
|
||||
+ * (if we are disabled, we only need to parse policy, not default).
|
||||
+ * 3. If we have the required policy, and we aren't adjusting the defaults
|
||||
+ * return FALSE. (only parsing the policy, not default).
|
||||
+ * 4. We have the required policy and we are adjusting the defaults.
|
||||
+ * If we are setting default = FALSE, set isDisabled to true so that
|
||||
+ * we don't try to re-enable the cipher suite based on a different
|
||||
+ * algorithm.
|
||||
+ */
|
||||
+PRBool
|
||||
+ssl_HandlePolicy(int cipher_suite, SECOidTag policyOid,
|
||||
+ PRUint32 requiredPolicy, PRBool *isDisabled)
|
||||
+{
|
||||
+ PRUint32 policy;
|
||||
+ SECStatus rv;
|
||||
+
|
||||
+ /* first fetch the policy for this algorithm */
|
||||
+ rv = NSS_GetAlgorithmPolicy(policyOid, &policy);
|
||||
+ if (rv != SECSuccess) {
|
||||
+ return PR_FALSE; /* no policy value, continue to the next algorithm */
|
||||
+ }
|
||||
+ /* first, are we allowed by policy, if not turn off allow and disable */
|
||||
+ if (!(policy & requiredPolicy)) {
|
||||
+ ssl_CipherPrefSetDefault(cipher_suite, PR_FALSE);
|
||||
+ ssl_CipherPolicySet(cipher_suite, SSL_NOT_ALLOWED);
|
||||
+ return PR_TRUE;
|
||||
+ }
|
||||
+ /* If we are already disabled, or the policy isn't setting a default
|
||||
+ * we are done processing this algorithm */
|
||||
+ if (*isDisabled || (policy & NSS_USE_DEFAULT_NOT_VALID)) {
|
||||
+ return PR_FALSE;
|
||||
+ }
|
||||
+ /* set the default value for the cipher suite. If we disable the cipher
|
||||
+ * suite, remember that so we don't process the next default. This has
|
||||
+ * the effect of disabling the whole cipher suite if any of the
|
||||
+ * algorithms it uses are disabled by default. We still have to
|
||||
+ * process the upper level because the cipher suite is still allowed
|
||||
+ * by policy, and we may still have to disallow it based on other
|
||||
+ * algorithms in the cipher suite. */
|
||||
+ if (policy & NSS_USE_DEFAULT_SSL_ENABLE) {
|
||||
+ ssl_CipherPrefSetDefault(cipher_suite, PR_TRUE);
|
||||
+ } else {
|
||||
+ *isDisabled = PR_TRUE;
|
||||
+ ssl_CipherPrefSetDefault(cipher_suite, PR_FALSE);
|
||||
+ }
|
||||
+ return PR_FALSE;
|
||||
+}
|
||||
+
|
||||
#define MAP_NULL(x) (((x) != 0) ? (x) : SEC_OID_NULL_CIPHER)
|
||||
|
||||
SECStatus
|
||||
@@ -13552,30 +13607,30 @@ ssl3_ApplyNSSPolicy(void)
|
||||
for (i = 1; i < PR_ARRAY_SIZE(cipher_suite_defs); ++i) {
|
||||
const ssl3CipherSuiteDef *suite = &cipher_suite_defs[i];
|
||||
SECOidTag policyOid;
|
||||
+ PRBool isDisabled = PR_FALSE;
|
||||
+
|
||||
+ /* if we haven't explicitly disabled it below enable by policy */
|
||||
+ ssl_CipherPolicySet(suite->cipher_suite, SSL_ALLOWED);
|
||||
|
||||
+ /* now check the various key exchange, ciphers and macs and
|
||||
+ * if we ever disallow by policy, we are done, go to the next cipher
|
||||
+ */
|
||||
policyOid = MAP_NULL(kea_defs[suite->key_exchange_alg].oid);
|
||||
- rv = NSS_GetAlgorithmPolicy(policyOid, &policy);
|
||||
- if (rv == SECSuccess && !(policy & NSS_USE_ALG_IN_SSL_KX)) {
|
||||
- ssl_CipherPrefSetDefault(suite->cipher_suite, PR_FALSE);
|
||||
- ssl_CipherPolicySet(suite->cipher_suite, SSL_NOT_ALLOWED);
|
||||
+ if (ssl_HandlePolicy(suite->cipher_suite, policyOid,
|
||||
+ NSS_USE_ALG_IN_SSL_KX, &isDisabled)) {
|
||||
continue;
|
||||
}
|
||||
|
||||
policyOid = MAP_NULL(ssl_GetBulkCipherDef(suite)->oid);
|
||||
- rv = NSS_GetAlgorithmPolicy(policyOid, &policy);
|
||||
- if (rv == SECSuccess && !(policy & NSS_USE_ALG_IN_SSL)) {
|
||||
- ssl_CipherPrefSetDefault(suite->cipher_suite, PR_FALSE);
|
||||
- ssl_CipherPolicySet(suite->cipher_suite, SSL_NOT_ALLOWED);
|
||||
+ if (ssl_HandlePolicy(suite->cipher_suite, policyOid,
|
||||
+ NSS_USE_ALG_IN_SSL, &isDisabled)) {
|
||||
continue;
|
||||
}
|
||||
|
||||
if (ssl_GetBulkCipherDef(suite)->type != type_aead) {
|
||||
policyOid = MAP_NULL(ssl_GetMacDefByAlg(suite->mac_alg)->oid);
|
||||
- rv = NSS_GetAlgorithmPolicy(policyOid, &policy);
|
||||
- if (rv == SECSuccess && !(policy & NSS_USE_ALG_IN_SSL)) {
|
||||
- ssl_CipherPrefSetDefault(suite->cipher_suite, PR_FALSE);
|
||||
- ssl_CipherPolicySet(suite->cipher_suite,
|
||||
- SSL_NOT_ALLOWED);
|
||||
+ if (ssl_HandlePolicy(suite->cipher_suite, policyOid,
|
||||
+ NSS_USE_ALG_IN_SSL, &isDisabled)) {
|
||||
continue;
|
||||
}
|
||||
}
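Review bot: Each suite is set to `SSL_ALLOWED` before any algorithm is checked, and `ssl_HandlePolicy` returns `PR_FALSE` without touching the suite when `NSS_GetAlgorithmPolicy` fails, so a suite whose key-exchange, cipher and MAC lookups all fail ends the iteration explicitly allowed. The removed lines left the suite's policy as it was in that case. If a failed lookup is meant to be permissive, the comment above the `ssl_CipherPolicySet(suite->cipher_suite, SSL_ALLOWED)` call should say so, e.g. `/* start from allowed; a failed policy lookup in ssl_HandlePolicy leaves the suite allowed */`. The loop body and ssl3_ApplyNSSPolicy continue outside the hunk.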
|
||||
diff -up ./lib/ssl/sslsock.c.orig ./lib/ssl/sslsock.c
|
||||
--- ./lib/ssl/sslsock.c.orig 2020-10-29 13:14:14.201727725 -0700
|
||||
+++ ./lib/ssl/sslsock.c 2020-10-29 13:17:16.389664218 -0700
|
||||
@@ -1447,6 +1447,10 @@ SSL_CipherPolicySet(PRInt32 which, PRInt
|
||||
if (rv != SECSuccess) {
|
||||
return rv;
|
||||
}
|
||||
+ if (NSS_IsPolicyLocked()) {
|
||||
+ PORT_SetError(SEC_ERROR_POLICY_LOCKED);
|
||||
+ return SECFailure;
|
||||
+ }
|
||||
return ssl_CipherPolicySet(which, policy);
|
||||
}
|
||||
|
||||
@@ -1493,10 +1497,15 @@ SECStatus
|
||||
SSL_CipherPrefSetDefault(PRInt32 which, PRBool enabled)
|
||||
{
|
||||
SECStatus rv = ssl_Init();
|
||||
+ PRInt32 locks;
|
||||
|
||||
if (rv != SECSuccess) {
|
||||
return rv;
|
||||
}
|
||||
+ rv = NSS_OptionGet(NSS_DEFAULT_LOCKS, &locks);
|
||||
+ if ((rv == SECSuccess) && (locks & NSS_DEFAULT_SSL_LOCK)) {
|
||||
+ return SECSuccess;
|
||||
+ }
|
||||
return ssl_CipherPrefSetDefault(which, enabled);
|
||||
}
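Review bot: With `NSS_DEFAULT_SSL_LOCK` set, `SSL_CipherPrefSetDefault` returns `SECSuccess` without applying the caller's preference, so an application that tries to turn a suite off is told it succeeded while the suite stays as the system policy set it. The locked path added to `SSL_CipherPolicySet` in the preceding hunk fails with `SEC_ERROR_POLICY_LOCKED` instead; if the silent success is deliberate for compatibility, a comment should say so, e.g. `/* ssl-lock: ignore the request but report success so existing callers keep working */`. A failing `NSS_OptionGet` is treated as "not locked", which also deserves a one-line comment. The same pattern is added to `SSL_CipherPrefSet` in the next hunk.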
|
||||
|
||||
@@ -1522,11 +1531,17 @@ SECStatus
|
||||
SSL_CipherPrefSet(PRFileDesc *fd, PRInt32 which, PRBool enabled)
|
||||
{
|
||||
sslSocket *ss = ssl_FindSocket(fd);
|
||||
+ PRInt32 locks;
|
||||
+ SECStatus rv;
|
||||
|
||||
if (!ss) {
|
||||
SSL_DBG(("%d: SSL[%d]: bad socket in CipherPrefSet", SSL_GETPID(), fd));
|
||||
return SECFailure;
|
||||
}
|
||||
+ rv = NSS_OptionGet(NSS_DEFAULT_LOCKS, &locks);
|
||||
+ if ((rv == SECSuccess) && (locks & NSS_DEFAULT_SSL_LOCK)) {
|
||||
+ return SECSuccess;
|
||||
+ }
|
||||
if (ssl_IsRemovedCipherSuite(which))
|
||||
return SECSuccess;
|
||||
return ssl3_CipherPrefSet(ss, (ssl3CipherSuite)which, enabled);
|
||||
diff -up ./lib/util/nssutil.def.orig ./lib/util/nssutil.def
|
||||
--- ./lib/util/nssutil.def.orig 2020-06-16 15:50:59.000000000 -0700
|
||||
+++ ./lib/util/nssutil.def 2020-10-29 13:17:16.390664223 -0700
|
||||
@@ -334,3 +334,10 @@ NSSUTIL_AddNSSFlagToModuleSpec;
|
||||
;+ local:
|
||||
;+ *;
|
||||
;+};
|
||||
+;+NSSUTIL_3.59 { # NSS Utilities 3.59 release
|
||||
+;+ global:
|
||||
+NSS_IsPolicyLocked;
|
||||
+NSS_LockPolicy;
|
||||
+;+ local:
|
||||
+;+ *;
|
||||
+;+};
|
||||
diff -up ./lib/util/secerr.h.orig ./lib/util/secerr.h
|
||||
--- ./lib/util/secerr.h.orig 2020-10-29 13:17:16.390664223 -0700
|
||||
+++ ./lib/util/secerr.h 2020-10-29 13:28:22.701093270 -0700
|
||||
@@ -210,6 +210,11 @@ typedef enum {
|
||||
|
||||
SEC_ERROR_APPLICATION_CALLBACK_ERROR = (SEC_ERROR_BASE + 178),
|
||||
|
||||
+ SEC_ERROR_INVALID_STATE = (SEC_ERROR_BASE + 179),
|
||||
+
|
||||
+ SEC_ERROR_POLICY_LOCKED = (SEC_ERROR_BASE + 180),
|
||||
+ SEC_ERROR_SIGNATURE_ALGORITHM_DISABLED = (SEC_ERROR_BASE + 181),
|
||||
+
|
||||
/* Add new error codes above here. */
|
||||
SEC_ERROR_END_OF_LIST
|
||||
} SECErrorCodes;
|
||||
diff -up ./lib/util/SECerrs.h.orig ./lib/util/SECerrs.h
|
||||
--- ./lib/util/SECerrs.h.orig 2020-10-29 13:17:16.389664218 -0700
|
||||
+++ ./lib/util/SECerrs.h 2020-10-29 13:26:46.960599243 -0700
|
||||
@@ -549,3 +549,12 @@ ER3(SEC_ERROR_LEGACY_DATABASE, (SEC_ERRO
|
||||
|
||||
ER3(SEC_ERROR_APPLICATION_CALLBACK_ERROR, (SEC_ERROR_BASE + 178),
|
||||
"The certificate was rejected by extra checks in the application.")
|
||||
+
|
||||
+ER3(SEC_ERROR_INVALID_STATE, (SEC_ERROR_BASE + 179),
|
||||
+ "The attempted operation is invalid for the current state.")
|
||||
+
|
||||
+ER3(SEC_ERROR_POLICY_LOCKED, (SEC_ERROR_BASE + 180),
|
||||
+ "Could not change the policy because the policy is now locked.")
|
||||
+
|
||||
+ER3(SEC_ERROR_SIGNATURE_ALGORITHM_DISABLED, (SEC_ERROR_BASE + 181),
|
||||
+ "Could not create or verify a signature using a signature algorithm that is disabled because it is not secure.")
|
||||
diff -up ./lib/util/secoid.c.orig ./lib/util/secoid.c
|
||||
--- ./lib/util/secoid.c.orig 2020-10-29 13:14:14.119727304 -0700
|
||||
+++ ./lib/util/secoid.c 2020-10-29 13:17:16.390664223 -0700
|
||||
@@ -2257,6 +2257,8 @@ NSS_GetAlgorithmPolicy(SECOidTag tag, PR
|
||||
return SECSuccess;
|
||||
}
|
||||
|
||||
+static PRBool nss_policy_locked = PR_FALSE;
|
||||
+
|
||||
/* The Set function modifies the stored value according to the following
|
||||
* algorithm:
|
||||
* policy[tag] = (policy[tag] & ~clearBits) | setBits;
|
||||
@@ -2268,6 +2270,11 @@ NSS_SetAlgorithmPolicy(SECOidTag tag, PR
|
||||
PRUint32 policyFlags;
|
||||
if (!pxo)
|
||||
return SECFailure;
|
||||
+
|
||||
+ if (nss_policy_locked) {
|
||||
+ PORT_SetError(SEC_ERROR_POLICY_LOCKED);
|
||||
+ return SECFailure;
|
||||
+ }
|
||||
/* The stored policy flags are the ones complement of the flags as
|
||||
* seen by the user. This is not atomic, but these changes should
|
||||
* be done rarely, e.g. at initialization time.
|
||||
@@ -2278,6 +2285,20 @@ NSS_SetAlgorithmPolicy(SECOidTag tag, PR
|
||||
return SECSuccess;
|
||||
}
|
||||
|
||||
+/* Get the state of nss_policy_locked */
|
||||
+PRBool
|
||||
+NSS_IsPolicyLocked(void)
|
||||
+{
|
||||
+ return nss_policy_locked;
|
||||
+}
|
||||
+
|
||||
+/* Once the policy is locked, it can't be unlocked */
|
||||
+void
|
||||
+NSS_LockPolicy(void)
|
||||
+{
|
||||
+ nss_policy_locked = PR_TRUE;
|
||||
+}
|
||||
+
|
||||
/* --------- END OF opaque extended OID table accessor functions ---------*/
|
||||
|
||||
/* for now, this is only used in a single place, so it can remain static */
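Review bot: The comment on `NSS_LockPolicy` says the lock cannot be undone, but the SECOID_Shutdown hunk later in this file sets `nss_policy_locked = PR_FALSE`, so a shutdown followed by re-initialisation in the same process clears it. The comment should read something like `/* Once locked, the policy stays locked until SECOID_Shutdown() resets it */`. The flag is a plain static that is read and written with no synchronisation visible in these hunks, in line with the existing "not atomic" remark in NSS_SetAlgorithmPolicy; `NSS_LockPolicy` is presumably meant to be called during initialisation only, and its comment could state that.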
|
||||
@@ -2339,6 +2360,9 @@ SECOID_Shutdown(void)
|
||||
dynOidEntriesAllocated = 0;
|
||||
dynOidEntriesUsed = 0;
|
||||
}
|
||||
+ /* we are trashing the old policy state now, also reenable changing
|
||||
+ * the policy as well */
|
||||
+ nss_policy_locked = PR_FALSE;
|
||||
memset(xOids, 0, sizeof xOids);
|
||||
return SECSuccess;
|
||||
}
|
||||
diff -up ./lib/util/secoid.h.orig ./lib/util/secoid.h
|
||||
--- ./lib/util/secoid.h.orig 2020-06-16 15:50:59.000000000 -0700
|
||||
+++ ./lib/util/secoid.h 2020-10-29 13:17:16.390664223 -0700
|
||||
@@ -135,6 +135,15 @@ extern SECStatus NSS_GetAlgorithmPolicy(
|
||||
extern SECStatus
|
||||
NSS_SetAlgorithmPolicy(SECOidTag tag, PRUint32 setBits, PRUint32 clearBits);
|
||||
|
||||
+/* Lock the policy so NSS_SetAlgorithmPolicy (and other policy functions)
|
||||
+ * No longer function */
|
||||
+void
|
||||
+NSS_LockPolicy(void);
|
||||
+
|
||||
+/* return true if policy changes are now locked out */
|
||||
+PRBool
|
||||
+NSS_IsPolicyLocked(void);
|
||||
+
|
||||
SEC_END_PROTOS
|
||||
|
||||
#endif /* _SECOID_H_ */
|
||||
diff -up ./lib/util/secoidt.h.orig ./lib/util/secoidt.h
|
||||
--- ./lib/util/secoidt.h.orig 2020-06-16 15:50:59.000000000 -0700
|
||||
+++ ./lib/util/secoidt.h 2020-10-29 13:17:16.390664223 -0700
|
||||
@@ -538,7 +538,24 @@ struct SECOidDataStr {
|
||||
#define NSS_USE_ALG_IN_SSL_KX 0x00000004 /* used in SSL key exchange */
|
||||
#define NSS_USE_ALG_IN_SSL 0x00000008 /* used in SSL record protocol */
|
||||
#define NSS_USE_POLICY_IN_SSL 0x00000010 /* enable policy in SSL protocol */
|
||||
-#define NSS_USE_ALG_RESERVED 0xfffffffc /* may be used in future */
|
||||
+#define NSS_USE_ALG_IN_ANY_SIGNATURE 0x00000020 /* used in S/MIME */
|
||||
+#define NSS_USE_DEFAULT_NOT_VALID 0x80000000 /* clear to make the default flag valid */
|
||||
+#define NSS_USE_DEFAULT_SSL_ENABLE 0x40000000 /* default cipher suite setting 1=enable */
|
||||
+
|
||||
+/* Combo policy bites */
|
||||
+#define NSS_USE_ALG_RESERVED 0x3fffffc0 /* may be used in future */
|
||||
+/* Alias of all the signature values. */
|
||||
+#define NSS_USE_ALG_IN_SIGNATURE (NSS_USE_ALG_IN_CERT_SIGNATURE | \
|
||||
+ NSS_USE_ALG_IN_CMS_SIGNATURE | \
|
||||
+ NSS_USE_ALG_IN_ANY_SIGNATURE)
|
||||
+/* all the bits needed for a certificate signature
|
||||
+ * and only the bits needed for a certificate signature */
|
||||
+#define NSS_USE_CERT_SIGNATURE_OK (NSS_USE_ALG_IN_CERT_SIGNATURE | \
|
||||
+ NSS_USE_ALG_IN_ANY_SIGNATURE)
|
||||
+/* all the bits needed for an SMIME signature
|
||||
+ * and only the bits needed for an SMIME signature */
|
||||
+#define NSS_USE_CMS_SIGNATURE_OK (NSS_USE_ALG_IN_CMS_SIGNATURE | \
|
||||
+ NSS_USE_ALG_IN_ANY_SIGNATURE)
|
||||
|
||||
/* Code MUST NOT SET or CLEAR reserved bits, and must NOT depend on them
|
||||
* being all zeros or having any other known value. The reserved bits
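Review bot: The comment on `NSS_USE_ALG_IN_ANY_SIGNATURE` reads `/* used in S/MIME */`, which describes the CMS bit rather than this one; the aliases below OR it into both `NSS_USE_CERT_SIGNATURE_OK` and `NSS_USE_CMS_SIGNATURE_OK`, so something like `/* needed for every signature use, together with the cert or CMS bit */` would match the code. `/* Combo policy bites */` should read `bits`. `NSS_USE_DEFAULT_NOT_VALID` has inverted sense (set means no default is supplied), and ssl_HandlePolicy skips the default handling when it is set, so a sentence explaining why the bit is inverted would help the next reader. The comment block at the end of the hunk continues outside it.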
|
||||
diff -up ./tests/policy/crypto-policy.txt.orig ./tests/policy/crypto-policy.txt
|
||||
--- ./tests/policy/crypto-policy.txt.orig 2020-06-16 15:50:59.000000000 -0700
|
||||
+++ ./tests/policy/crypto-policy.txt 2020-10-29 13:17:16.390664223 -0700
|
||||
@@ -3,14 +3,15 @@
|
||||
# col 3: an extended regular expression, expected to match the output
|
||||
# col 4: description of the test
|
||||
#
|
||||
-0 disallow=ALL_allow=HMAC-SHA256:HMAC-SHA1:HMAC-SHA384:HMAC-SHA512:SECP256R1:SECP384R1:SECP521R1:aes256-gcm:chacha20-poly1305:aes256-cbc:camellia256-cbc:aes128-gcm:aes128-cbc:camellia128-cbc:SHA256:SHA384:SHA512:SHA1:ECDHE-RSA:ECDHE-ECDSA:RSA:DHE-RSA:tls-version-min=tls1.0:dtls-version-min=dtls1.0:DH-MIN=1023:DSA-MIN=2048:RSA-MIN=2048 NSS-POLICY-INFO.*LOADED-SUCCESSFULLY Standard policy
|
||||
-0 disallow=ALL_allow=HMAC-SHA1:HMAC-SHA256:HMAC-SHA384:HMAC-SHA512:SECP256R1:SECP384R1:SECP521R1:aes256-gcm:chacha20-poly1305:aes256-cbc:camellia256-cbc:aes128-gcm:aes128-cbc:camellia128-cbc:des-ede3-cbc:rc4:SHA256:SHA384:SHA512:SHA1:ECDHE-RSA:ECDHE-ECDSA:RSA:DHE-RSA:DHE-DSS:tls-version-min=tls1.0:dtls-version-min=tls1.0:DH-MIN=1023:DSA-MIN=1023:RSA-MIN=1023 NSS-POLICY-INFO.*LOADED-SUCCESSFULLY Legacy policy
|
||||
-0 disallow=ALL_allow=HMAC-SHA256:HMAC-SHA384:HMAC-SHA512:SECP384R1:SECP521R1:aes256-gcm:chacha20-poly1305:SHA384:SHA512:ECDHE-RSA:ECDHE-ECDSA:RSA:DHE-RSA:tls-version-min=tls1.2:dtls-version-min=dtls1.2:DH-MIN=3072:DSA-MIN=3072:RSA-MIN=3072 NSS-POLICY-INFO.*LOADED-SUCCESSFULLY Reduced policy
|
||||
+0 disallow=ALL_allow=HMAC-SHA256:HMAC-SHA1:HMAC-SHA384:HMAC-SHA512:SECP256R1:SECP384R1:SECP521R1:aes256-gcm:chacha20-poly1305:aes256-cbc:camellia256-cbc:aes128-gcm:aes128-cbc:camellia128-cbc:SHA256:SHA384:SHA512:SHA1:ECDHE-RSA:ECDHE-ECDSA:RSA:DHE-RSA:rsa-pkcs:rsa-pss:ecdsa:tls-version-min=tls1.0:dtls-version-min=dtls1.0:DH-MIN=1023:DSA-MIN=2048:RSA-MIN=2048 NSS-POLICY-INFO.*LOADED-SUCCESSFULLY Standard policy
|
||||
+0 disallow=ALL_allow=HMAC-SHA1:HMAC-SHA256:HMAC-SHA384:HMAC-SHA512:SECP256R1:SECP384R1:SECP521R1:aes256-gcm:chacha20-poly1305:aes256-cbc:camellia256-cbc:aes128-gcm:aes128-cbc:camellia128-cbc:des-ede3-cbc:rc4:SHA256:SHA384:SHA512:SHA1:ECDHE-RSA:ECDHE-ECDSA:RSA:DHE-RSA:DHE-DSS:rsa-pkcs:rsa-pss:ecdsa:tls-version-min=tls1.0:dtls-version-min=tls1.0:DH-MIN=1023:DSA-MIN=1023:RSA-MIN=1023 NSS-POLICY-INFO.*LOADED-SUCCESSFULLY Legacy policy
|
||||
+0 disallow=ALL_allow=HMAC-SHA256:HMAC-SHA384:HMAC-SHA512:SECP384R1:SECP521R1:aes256-gcm:chacha20-poly1305:SHA384:SHA512:ECDHE-RSA:ECDHE-ECDSA:RSA:DHE-RSA:rsa-pkcs:rsa-pss:ecdsa:tls-version-min=tls1.2:dtls-version-min=dtls1.2:DH-MIN=3072:DSA-MIN=3072:RSA-MIN=3072 NSS-POLICY-INFO.*LOADED-SUCCESSFULLY Reduced policy
|
||||
2 disallow=ALL_allow=dtls-version-min=:dtls-version-max= NSS-POLICY-FAIL Missing value
|
||||
2 disallow=ALL_allow=RSA-MIN=whatever NSS-POLICY-FAIL Invalid value
|
||||
2 disallow=ALL_allow=flower NSS-POLICY-FAIL Invalid identifier
|
||||
1 disallow=all NSS-POLICY-WARN.*NUMBER-OF-CERT-SIG disallow all
|
||||
-1 disallow=ALL_allow=HMAC-SHA256:HMAC-SHA384:HMAC-SHA512:SECP384R1:SECP521R1:aes256-gcm:chacha20-poly1305:ECDHE-RSA:ECDHE-ECDSA:RSA:DHE-RSA:tls-version-min=tls1.2:dtls-version-min=dtls1.2:DH-MIN=3072:DSA-MIN=3072:RSA-MIN=3072 NSS-POLICY-WARN.*NUMBER-OF-HASH No Hashes
|
||||
+1 disallow=all/signature NSS-POLICY-WARN.*NUMBER-OF-CERT-SIG disallow all signatures
|
||||
+1 disallow=ALL_allow=HMAC-SHA256:HMAC-SHA384:HMAC-SHA512:SECP384R1:SECP521R1:aes256-gcm:chacha20-poly1305:ECDHE-RSA:ECDHE-ECDSA:RSA:DHE-RSA:rsa-pkcs:tls-version-min=tls1.2:dtls-version-min=dtls1.2:DH-MIN=3072:DSA-MIN=3072:RSA-MIN=3072 NSS-POLICY-WARN.*NUMBER-OF-HASH No Hashes
|
||||
1 disallow=ALL_allow=tls-version-min=0:tls-version-max=0 NSS-POLICY-WARN.*NUMBER-OF-TLS-VERSIONS All TLS versions disabled
|
||||
1 disallow=ALL_allow=dtls-version-min=0:dtls-version-max=0 NSS-POLICY-WARN.*NUMBER-OF-DTLS-VERSIONS All DTLS versions disabled
|
||||
1 disallow=ALL_allow=tls-version-min=tls1.2:tls-version-max=tls1.1 NSS-POLICY-WARN.*NUMBER-OF-TLS-VERSIONS Invalid range of TLS versions
|
||||
diff -up ./tests/policy/policy.sh.orig ./tests/policy/policy.sh
|
||||
--- ./tests/policy/policy.sh.orig 2020-06-16 15:50:59.000000000 -0700
|
||||
+++ ./tests/policy/policy.sh 2020-10-29 13:17:16.391664228 -0700
|
||||
@@ -12,6 +12,28 @@
|
||||
#
|
||||
########################################################################
|
||||
|
||||
+policy_init()
|
||||
+{
|
||||
+ SCRIPTNAME=policy.sh # sourced - $0 would point to all.sh
|
||||
+
|
||||
+ if [ -z "${CLEANUP}" ] ; then # if nobody else is responsible for
|
||||
+ CLEANUP="${SCRIPTNAME}" # cleaning this script will do it
|
||||
+ fi
|
||||
+
|
||||
+ if [ -z "${INIT_SOURCED}" -o "${INIT_SOURCED}" != "TRUE" ]; then
|
||||
+ cd ../common
|
||||
+ . ./init.sh
|
||||
+ fi
|
||||
+ SCRIPTNAME=policy.sh
|
||||
+
|
||||
+}
|
||||
+
|
||||
+policy_cleanup()
|
||||
+{
|
||||
+ cd ${QADIR}
|
||||
+ . common/cleanup.sh
|
||||
+}
|
||||
+
|
||||
ignore_blank_lines()
|
||||
{
|
||||
LC_ALL=C egrep -v '^[[:space:]]*(#|$)' "$1"
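Review bot: `policy_init` sources `./init.sh` right after `cd ../common` without checking that the directory change succeeded, and `policy_cleanup` does the same after an unquoted `cd ${QADIR}`; if either `cd` fails, whatever `init.sh` or `common/cleanup.sh` sits relative to the current directory is sourced instead. Guard both, e.g. `cd ../common || return 1` and `cd "${QADIR}" || return 1`. `SCRIPTNAME=policy.sh` is assigned twice in `policy_init`; the second assignment presumably restores the name after init.sh runs, and a comment saying so would make that clear. ignore_blank_lines continues outside the hunk.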
|
||||
@@ -53,6 +75,9 @@ NSS=flags=policyOnly,moduleDB
|
||||
html_msg $ret 0 "\"${testname}\" output is expected to match \"${match}\""
|
||||
|
||||
done
|
||||
+ html "</TABLE><BR>"
|
||||
}
|
||||
|
||||
+policy_init
|
||||
policy_run_tests
|
||||
+policy_cleanup
|
||||
diff -up ./tests/ssl/sslpolicy.txt.orig ./tests/ssl/sslpolicy.txt
|
||||
--- ./tests/ssl/sslpolicy.txt.orig 2020-06-16 15:50:59.000000000 -0700
|
||||
+++ ./tests/ssl/sslpolicy.txt 2020-10-29 13:17:16.391664228 -0700
|
||||
@@ -7,8 +7,14 @@
|
||||
# The policy string is set to the config= line in the pkcs11.txt
|
||||
# it currently has 2 keywords:
|
||||
#
|
||||
-# disallow= turn off the use of this algorithm by policy.
|
||||
+# disallow= turn off the use of this algorithm by policy. (implies disable)
|
||||
# allow= allow this algorithm to by used if selected by policy.
|
||||
+# disable= turn off the use of this algorithm even if allowed by policy
|
||||
+# (application can override)
|
||||
+# enable= turn off this algorithm by default (implies allow)
|
||||
+# flags= policy-lock: can't change policy with NSS_SetAlgorithmPolicy,
|
||||
+# NSS_SetOption, or SSL_SetCipherPolicy
|
||||
+# ssl-lock: can't change the cipher suite settings with the application.
|
||||
#
|
||||
# The syntax is disallow=algorithm{/uses}:algorithm{/uses}
|
||||
# where {} signifies an optional element
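Review bot: The new `enable=` line says `turn off this algorithm by default (implies allow)`, which contradicts the keyword and duplicates the meaning of the `disable=` line above it; it should read `# enable= turn on this algorithm by default (implies allow)`. The `flags=` description names `SSL_SetCipherPolicy` and `NSS_SetOption`, while the function guarded in the sslsock.c hunk of this patch is `SSL_CipherPolicySet` and the option API used there is `NSS_OptionGet` (so the setter is `NSS_OptionSet`). Using the real names lets a reader find the lock checks.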
|
||||
@@ -76,6 +82,9 @@
|
||||
# SECT571R1
|
||||
# Signatures:
|
||||
# DSA
|
||||
+# RSA-PKCS
|
||||
+# RSA-PSS
|
||||
+# ECDSA
|
||||
# Hashes:
|
||||
# MD2
|
||||
# MD4
|
||||
@@ -137,7 +146,8 @@
|
||||
# ssl-key-exchange
|
||||
# key-exchange (includes ssl-key-exchange)
|
||||
# cert-signature
|
||||
-# signature (includes cert-signature)
|
||||
+# all-signature (includes cert-signature)
|
||||
+# signature (all signatures off, some signature allowed based on other option)
|
||||
# all (includes all of the above)
|
||||
#-----------------------------------------------
|
||||
# In addition there are the following options:
|
||||
@@ -147,31 +157,48 @@
|
||||
# they have the following syntax:
|
||||
# allow=min-rsa=512:min-dh=1024
|
||||
#
|
||||
+# in the following tests, we use the cipher suite 'd':
|
||||
+# d SSL3 RSA WITH 3DES EDE CBC SHA (=:000a).
|
||||
+# NOTE: the certificates used in validation are rsa-pkcs1/sha256 signed.
|
||||
+#
|
||||
# Exp Enable Enable Cipher Config Policy Test Name
|
||||
# Ret EC TLS
|
||||
# turn on single cipher
|
||||
- 0 noECC SSL3 d disallow=all_allow=hmac-sha1:sha256:rsa:des-ede3-cbc:tls-version-min=ssl3.0:tls-version-max=ssl3.0 Allowed by Narrow Policy
|
||||
- 0 noECC SSL3 d disallow=all_allow=hmac-sha1/ssl,ssl-key-exchange:sha256/cert-signature:rsa/ssl-key-exchange:des-ede3-cbc:tls-version-min=ssl3.0:tls-version-max=ssl3.0 Allowed by Strict Policy
|
||||
- 0 noECC SSL3 d disallow=all_allow=md2/all:md4/all:md5/all:sha1/all:sha256/all:sha384/all:sha512/all:hmac-sha1/all:hmac-sha224/all:hmac-sha256/all:hmac-sha384/all:hmac-sha512/all:hmac-md5/all:camellia128-cbc/all:camellia192-cbc/all:camellia256-cbc/all:seed-cbc/all:des-ede3-cbc/all:des-40-cbc/all:des-cbc/all:null-cipher/all:rc2/all:rc4/all:idea/all:rsa/all:rsa-export/all:dhe-rsa/all:dhe-dss/all:ecdhe-ecdsa/all:ecdhe-rsa/all:ecdh-ecdsa/all:ecdh-rsa/all:tls-version-min=ssl2.0:tls-version-max=tls1.2 Allow All Explicitly
|
||||
- 1 noECC SSL3 d disallow=all Disallow All Explicitly.
|
||||
+ 0 noECC SSL3 d disallow=all_allow=hmac-sha1:sha256:rsa-pkcs:rsa:des-ede3-cbc:tls-version-min=ssl3.0:tls-version-max=ssl3.0 Allowed by Narrow Policy
|
||||
+ 0 noECC SSL3 d disallow=all_allow=hmac-sha1/ssl,ssl-key-exchange:sha256/all-signature:rsa-pkcs/all-signature:rsa/ssl-key-exchange:des-ede3-cbc:tls-version-min=ssl3.0:tls-version-max=ssl3.0 Allowed by Strict Policy
|
||||
+ 0 noECC SSL3 d disallow=all_allow=md2/all:md4/all:md5/all:sha1/all:sha256/all:sha384/all:sha512/all:rsa-pkcs/all:dsa/all:rsa-pss/all:ecdsa/all:hmac-sha1/all:hmac-sha224/all:hmac-sha256/all:hmac-sha384/all:hmac-sha512/all:hmac-md5/all:camellia128-cbc/all:camellia192-cbc/all:camellia256-cbc/all:seed-cbc/all:des-ede3-cbc/all:des-40-cbc/all:des-cbc/all:null-cipher/all:rc2/all:rc4/all:idea/all:rsa/all:rsa-export/all:dhe-rsa/all:dhe-dss/all:ecdhe-ecdsa/all:ecdhe-rsa/all:ecdh-ecdsa/all:ecdh-rsa/all:tls-version-min=ssl2.0:tls-version-max=tls1.2 Allow All Explicitly
|
||||
+ 1 noECC SSL3 d disallow=all Disallow All Explicitly
|
||||
# turn off signature only
|
||||
- 1 noECC SSL3 d disallow=sha256 Disallow SHA256 Signatures Explicitly.
|
||||
- 1 noECC SSL3 d disallow=all_allow=hmac-sha1:rsa/ssl-key-exchange:des-ede3-cbc:tls-version-min=ssl3.0:tls-version-max=ssl3.0 Disallow SHA256 Signatures Implicitly Narrow.
|
||||
- 1 noECC SSL3 d disallow=all_allow=md2/all:md4/all:md5/all:sha1/all:sha384/all:sha512/all:hmac-sha1/all:hmac-sha224/all:hmac-sha256/all:hmac-sha384/all:hmac-sha512/all:hmac-md5/all:camellia128-cbc/all:camellia192-cbc/all:camellia256-cbc/all:seed-cbc/all:des-ede3-cbc/all:des-40-cbc/all:des-cbc/all:null-cipher/all:rc2/all:rc4/all:idea/all:rsa/all:rsa-export/all:dhe-rsa/all:dhe-dss/all:ecdhe-ecdsa/all:ecdhe-rsa/all:ecdh-ecdsa/all:ecdh-rsa/all:tls-version-min=ssl2.0:tls-version-max=tls1.2 Disallow SHA256 Signatures Implicitly.
|
||||
+ 0 noECC SSL3 d disallow=all/signature Disallow all signatures with Explicitly
|
||||
+ 1 noECC SSL3 d disallow=sha256 Disallow SHA256 Explicitly
|
||||
+ 1 noECC SSL3 d disallow=sha256/cert-signature Disallow SHA256 Certificate signature Explicitly
|
||||
+ 0 noECC SSL3 d disallow=sha256/signature Disallow All SHA256 signatures Explicitly
|
||||
+ 1 noECC SSL3 d disallow=sha256/all-signature Disallow Any SHA256 signature Explicitly
|
||||
+ 1 noECC SSL3 d disallow=all_allow=hmac-sha1:rsa/ssl-key-exchange:des-ede3-cbc:tls-version-min=ssl3.0:tls-version-max=ssl3.0 Disallow SHA256 Signatures Implicitly Narrow
|
||||
+ 1 noECC SSL3 d disallow=all_allow=md2/all:md4/all:md5/all:sha1/all:sha384/all:sha512/all:rsa-pkcs/all:rsa-pss/all:dsa/all:ecdsa/all:hmac-sha1/all:hmac-sha224/all:hmac-sha256/all:hmac-sha384/all:hmac-sha512/all:hmac-md5/all:camellia128-cbc/all:camellia192-cbc/all:camellia256-cbc/all:seed-cbc/all:des-ede3-cbc/all:des-40-cbc/all:des-cbc/all:null-cipher/all:rc2/all:rc4/all:idea/all:rsa/all:rsa-export/all:dhe-rsa/all:dhe-dss/all:ecdhe-ecdsa/all:ecdhe-rsa/all:ecdh-ecdsa/all:ecdh-rsa/all:tls-version-min=ssl2.0:tls-version-max=tls1.2 Disallow SHA256 Signatures Implicitly
|
||||
# turn off single cipher
|
||||
1 noECC SSL3 d disallow=des-ede3-cbc Disallow Cipher Explicitly
|
||||
- 1 noECC SSL3 d disallow=all_allow=hmac-sha1:sha256:rsa:des-cbc:tls-version-min=ssl3.0:tls-version-max=ssl3.0 Disallow Cipher Implicitly Narrow.
|
||||
- 1 noECC SSL3 d disallow=all_allow=md2/all:md4/all:md5/all:sha1/all:sha256/all:sha384/all:sha512/all:hmac-sha1/all:hmac-sha224/all:hmac-sha256/all:hmac-sha384/all:hmac-sha512/all:hmac-md5/all:camellia128-cbc/all:camellia192-cbc/all:camellia256-cbc/all:seed-cbc/all:des-40-cbc/all:des-cbc/all:null-cipher/all:rc2/all:rc4/all:idea/all:rsa/all:rsa-export/all:dhe-rsa/all:dhe-dss/all:ecdhe-ecdsa/all:ecdhe-rsa/all:ecdh-ecdsa/all:ecdh-rsa/all:tls-version-min=ssl2.0:tls-verion-max=tls1.2 Disallow Cipher Implicitly.
|
||||
+ 1 noECC SSL3 d disallow=all_allow=hmac-sha1:sha256:rsa-pkcs:rsa:des-cbc:tls-version-min=ssl3.0:tls-version-max=ssl3.0 Disallow Cipher Implicitly Narrow
|
||||
+ 1 noECC SSL3 d disallow=all_allow=md2/all:md4/all:md5/all:sha1/all:sha256/all:sha384/all:sha512/all:rsa-pkcs/all:rsa-pss/all:ecdsa/all:dsa/all:hmac-sha1/all:hmac-sha224/all:hmac-sha256/all:hmac-sha384/all:hmac-sha512/all:hmac-md5/all:camellia128-cbc/all:camellia192-cbc/all:camellia256-cbc/all:seed-cbc/all:des-40-cbc/all:des-cbc/all:null-cipher/all:rc2/all:rc4/all:idea/all:rsa/all:rsa-export/all:dhe-rsa/all:dhe-dss/all:ecdhe-ecdsa/all:ecdhe-rsa/all:ecdh-ecdsa/all:ecdh-rsa/all:tls-version-min=ssl2.0:tls-verion-max=tls1.2 Disallow Cipher Implicitly
|
||||
# turn off H-Mac
|
||||
1 noECC SSL3 d disallow=hmac-sha1 Disallow HMAC Explicitly
|
||||
- 1 noECC SSL3 d disallow=all_allow=md5:sha256:rsa:des-ede3-cbc:tls-version-min=ssl3.0:tls-version-max=ssl3.0 Disallow HMAC Implicitly Narrow.
|
||||
- 1 noECC SSL3 d disallow=all_allow=md2/all:md4/all:md5/all:sha1/all:sha256/all:sha384/all:sha512/all:hmac-sha224/all:hmac-sha256/all:hmac-sha384/all:hmac-sha512/all:hmac-md5/all:camellia128-cbc/all:camellia192-cbc/all:camellia256-cbc/all:seed-cbc/all:des-ede3-cbc/all:des-40-cbc/all:des-cbc/all:null-cipher/all:rc2/all:rc4/all:idea/all:rsa/all:rsa-export/all:dhe-rsa/all:dhe-dss/all:ecdhe-ecdsa/all:ecdhe-rsa/all:ecdh-ecdsa/all:ecdh-rsa/all:tls-version-min=ssl2.0:tls-version-max=tls1.2 Disallow HMAC Signatures Implicitly.
|
||||
+ 1 noECC SSL3 d disallow=all_allow=md5:sha256:rsa:des-ede3-cbc:tls-version-min=ssl3.0:tls-version-max=ssl3.0 Disallow HMAC Implicitly Narrow
|
||||
+ 1 noECC SSL3 d disallow=all_allow=md2/all:md4/all:md5/all:sha1/all:sha256/all:sha384/all:sha512/all:hmac-sha224/all:hmac-sha256/all:hmac-sha384/all:hmac-sha512/all:hmac-md5/all:camellia128-cbc/all:camellia192-cbc/all:camellia256-cbc/all:seed-cbc/all:des-ede3-cbc/all:des-40-cbc/all:des-cbc/all:null-cipher/all:rc2/all:rc4/all:idea/all:rsa/all:rsa-export/all:dhe-rsa/all:dhe-dss/all:ecdhe-ecdsa/all:ecdhe-rsa/all:ecdh-ecdsa/all:ecdh-rsa/all:tls-version-min=ssl2.0:tls-version-max=tls1.2 Disallow HMAC Signatures Implicitly
|
||||
# turn off key exchange
|
||||
- 1 noECC SSL3 d disallow=rsa/ssl-key-exchange Disallow Key Exchange Explicitly.
|
||||
- 1 noECC SSL3 d disallow=all_allow=hmac-sha1:sha256:dh-dss:des-ede3-cbc:tls-version-min=ssl3.0:tls-version-max=ssl3.0 Disallow Key Exchange Implicitly Narrow.
|
||||
- 1 noECC SSL3 d disallow=all_allow=md2/all:md4/all:md5/all:sha1/all:sha256/all:sha384/all:sha512/all:hmac-sha1/all:hmac-sha224/all:hmac-sha256/all:hmac-sha384/all:hmac-sha512/all:hmac-md5/all:camellia128-cbc/all:camellia192-cbc/all:camellia256-cbc/all:seed-cbc/all:des-ede3-cbc/all:des-40-cbc/all:des-cbc/all:null-cipher/all:rc2/all:rc4/all:idea/all:rsa-export/all:dhe-rsa/all:dhe-dss/all:ecdhe-ecdsa/all:ecdhe-rsa/all:ecdh-ecdsa/all:ecdh-rsa/all:tls-version-min=ssl2.0:tls-version-max=tls1.2 Disallow Key Exchnage Signatures Implicitly.
|
||||
+ 1 noECC SSL3 d disallow=rsa/ssl-key-exchange Disallow Key Exchange Explicitly
|
||||
+ 1 noECC SSL3 d disallow=all_allow=hmac-sha1:sha256:rsa-pkcs:dh-dss:des-ede3-cbc:tls-version-min=ssl3.0:tls-version-max=ssl3.0 Disallow Key Exchange Implicitly Narrow
|
||||
+ 1 noECC SSL3 d disallow=all_allow=md2/all:md4/all:md5/all:sha1/all:sha256/all:sha384/all:sha512/all:rsa-pkcs/all:rsa-pss/all:ecdsa/all:dsa/all:hmac-sha1/all:hmac-sha224/all:hmac-sha256/all:hmac-sha384/all:hmac-sha512/all:hmac-md5/all:camellia128-cbc/all:camellia192-cbc/all:camellia256-cbc/all:seed-cbc/all:des-ede3-cbc/all:des-40-cbc/all:des-cbc/all:null-cipher/all:rc2/all:rc4/all:idea/all:rsa-export/all:dhe-rsa/all:dhe-dss/all:ecdhe-ecdsa/all:ecdhe-rsa/all:ecdh-ecdsa/all:ecdh-rsa/all:tls-version-min=ssl2.0:tls-version-max=tls1.2 Disallow Key Exchange Signatures Implicitly
|
||||
# turn off version
|
||||
1 noECC SSL3 d allow=tls-version-min=tls1.0:tls-version-max=tls1.2 Disallow Version Exlicitly
|
||||
- 1 noECC SSL3 d disallow=all_allow=hmac-sha1:sha256:rsa:des-ede3-cbc:tls-version-min=tls1.0:tls-version-max=tls1.2 Disallow Version Implicitly Narrow.
|
||||
- 1 noECC SSL3 d disallow=all_allow=md2/all:md4/all:md5/all:sha1/all:sha256/all:sha384/all:sha512/all:hmac-sha1/all:hmac-sha224/all:hmac-sha256/all:hmac-sha384/all:hmac-sha512/all:hmac-md5/all:camellia128-cbc/all:camellia192-cbc/all:camellia256-cbc/all:seed-cbc/all:des-ede3-cbc/all:des-40-cbc/all:des-cbc/all:null-cipher/all:rc2/all:rc4/all:idea/all:rsa/all:rsa-export/all:dhe-rsa/all:dhe-dss/all:ecdhe-ecdsa/all:ecdhe-rsa/all:ecdh-ecdsa/all:ecdh-rsa/all:tls-version-min=tls1.0:tls-version-max=tls1.2 Disallow Version Implicitly.
|
||||
- 0 noECC SSL3 d disallow=dsa Disallow DSA Signatures Explicitly.
|
||||
+ 1 noECC SSL3 d disallow=all_allow=hmac-sha1:sha256:rsa-pkcs:rsa:des-ede3-cbc:tls-version-min=tls1.0:tls-version-max=tls1.2 Disallow Version Implicitly Narrow
|
||||
+ 1 noECC SSL3 d disallow=all_allow=md2/all:md4/all:md5/all:sha1/all:sha256/all:sha384/all:sha512/all:rsa-pkcs/all:rsa-pss/all:ecdsa/all:dsa/all:hmac-sha1/all:hmac-sha224/all:hmac-sha256/all:hmac-sha384/all:hmac-sha512/all:hmac-md5/all:camellia128-cbc/all:camellia192-cbc/all:camellia256-cbc/all:seed-cbc/all:des-ede3-cbc/all:des-40-cbc/all:des-cbc/all:null-cipher/all:rc2/all:rc4/all:idea/all:rsa/all:rsa-export/all:dhe-rsa/all:dhe-dss/all:ecdhe-ecdsa/all:ecdhe-rsa/all:ecdh-ecdsa/all:ecdh-rsa/all:tls-version-min=tls1.0:tls-version-max=tls1.2 Disallow Version Implicitly
|
||||
+ 0 noECC SSL3 d disallow=dsa Disallow DSA Signatures Explicitly
|
||||
+ 1 noECC SSL3 d disallow=rsa-pkcs Disallow RSA PKCS 1 Signatures Explicitly
|
||||
+# test default settings
|
||||
+# NOTE: tstclient will attempt to overide the defaults, so we detect we
|
||||
+# were successful by locking in our settings
|
||||
+ 0 noECC SSL3 d allow=all_disable=all Disable all by default, application override
|
||||
+ 1 noECC SSL3 d allow=all_disable=all_flags=ssl-lock,policy-lock Disable all by default, prevent application from enabling
|
||||
+ 0 noECC SSL3 d allow=all_disable=all_flags=policy-lock Disable all by default, lock policy (application can still change the ciphers)
|
||||
+# explicitly enable :002f RSA_AES_128_CBC_SHA1 and lock it in
|
||||
+ 0 noECC SSL3 d allow=all_disable=all_enable=hmac-sha1:sha256:rsa-pkcs:rsa:aes128-cbc:tls-version-min=ssl3.0:tls-version-max=ssl3.0_flags=ssl-lock Lock in a different ciphersuite that the one the application asks for
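Review bot: The added `Disallow Cipher Implicitly` row still ends in `tls-verion-max=tls1.2`, a misspelling carried over from the removed row, so its expected failure may come from the unrecognised keyword rather than from the missing `des-ede3-cbc`; it should read `tls-version-max=tls1.2`. The `Disallow HMAC Implicitly Narrow` row did not gain `rsa-pkcs`, unlike the cipher, key-exchange and version narrow rows, so with the header note that the test certificates are rsa-pkcs1/sha256 signed it can now fail on the signature policy instead of on the HMAC. Both rows expect return 1 either way, which hides the difference.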
|
||||
diff -up ./tests/ssl/ssl.sh.orig ./tests/ssl/ssl.sh
|
||||
--- ./tests/ssl/ssl.sh.orig 2020-06-16 15:50:59.000000000 -0700
|
||||
+++ ./tests/ssl/ssl.sh 2020-10-29 13:17:16.391664228 -0700
|
||||
@@ -886,6 +886,7 @@ ssl_policy_listsuites()
|
||||
cp ${P_R_CLIENTDIR}/pkcs11.txt ${P_R_CLIENTDIR}/pkcs11.txt.sav
|
||||
|
||||
# Disallow all explicitly
|
||||
+ testname="listsuites with all cipher disallowed by policy"
|
||||
setup_policy "disallow=all" ${P_R_CLIENTDIR}
|
||||
RET_EXP=1
|
||||
list_enabled_suites | grep '^TLS_'
|
||||
@@ -894,6 +895,7 @@ ssl_policy_listsuites()
|
||||
"produced a returncode of $RET, expected is $RET_EXP"
|
||||
|
||||
# Disallow RSA in key exchange explicitly
|
||||
+ testname="listsuites with rsa cipher disallowed by policy"
|
||||
setup_policy "disallow=rsa/ssl-key-exchange" ${P_R_CLIENTDIR}
|
||||
RET_EXP=1
|
||||
list_enabled_suites | grep '^TLS_RSA_'
|
||||
@@ -901,6 +903,34 @@ ssl_policy_listsuites()
|
||||
html_msg $RET $RET_EXP "${testname}" \
|
||||
"produced a returncode of $RET, expected is $RET_EXP"
|
||||
|
||||
+ # allow by policy, but disable by default
|
||||
+ testname="listsuites with all ciphers enabled by policy but disabled by default"
|
||||
+ setup_policy "allow=all disable=all" ${P_R_CLIENTDIR}
|
||||
+ RET_EXP=1
|
||||
+ list_enabled_suites | grep '^TLS_'
|
||||
+ RET=$?
|
||||
+ html_msg $RET $RET_EXP "${testname}" \
|
||||
+ "produced a returncode of $RET, expected is $RET_EXP"
|
||||
+
|
||||
+ # allow by policy, but disable by default just rsa-kea
|
||||
+ testname="listsuites with all ciphers enabled by policy but rsa disabled by default"
|
||||
+ setup_policy "allow=all disable=rsa/ssl-key-exchange" ${P_R_CLIENTDIR}
|
||||
+ RET_EXP=1
|
||||
+ list_enabled_suites | grep '^TLS_RSA_'
|
||||
+ RET=$?
|
||||
+ html_msg $RET $RET_EXP "${testname}" \
|
||||
+ "produced a returncode of $RET, expected is $RET_EXP"
|
||||
+
|
||||
+ # list_enabled_suites tries to set a policy value explicitly, This will
|
||||
+ # cause list_enabled_suites to fail if we lock the policy
|
||||
+ testname="listsuites with policy locked"
|
||||
+ setup_policy "allow=all flags=policy-lock" ${P_R_CLIENTDIR}
|
||||
+ RET_EXP=1
|
||||
+ SSL_DIR="${P_R_CLIENTDIR}" ${BINDIR}/listsuites
|
||||
+ RET=$?
|
||||
+ html_msg $RET $RET_EXP "${testname}" \
|
||||
+ "produced a returncode of $RET, expected is $RET_EXP"
|
||||
+
|
||||
cp ${P_R_CLIENTDIR}/pkcs11.txt.sav ${P_R_CLIENTDIR}/pkcs11.txt
|
||||
|
||||
html "</TABLE><BR>"
|
||||
@@ -925,6 +955,7 @@ ssl_policy_selfserv()
|
||||
cp ${P_R_SERVERDIR}/pkcs11.txt ${P_R_SERVERDIR}/pkcs11.txt.sav
|
||||
|
||||
# Disallow RSA in key exchange explicitly
|
||||
+ testname="Disallow RSA key exchange explicitly"
|
||||
setup_policy "disallow=rsa/ssl-key-exchange" ${P_R_SERVERDIR}
|
||||
|
||||
SAVE_SERVER_OPTIONS=${SERVER_OPTIONS}
|
||||
|
@ -1,417 +0,0 @@
|
||||
diff -up ./gtests/common/testvectors_base/test-structs.h.orig ./gtests/common/testvectors_base/test-structs.h
|
||||
--- ./gtests/common/testvectors_base/test-structs.h.orig 2020-06-16 15:50:59.000000000 -0700
|
||||
+++ ./gtests/common/testvectors_base/test-structs.h 2020-12-05 10:54:36.648849921 -0800
|
||||
@@ -66,6 +66,31 @@ typedef struct EcdhTestVectorStr {
|
||||
bool valid;
|
||||
} EcdhTestVector;
|
||||
|
||||
+enum class IkeTestType {
|
||||
+ ikeGxy, /* CKM_NSS_IKE_PRF_DERIVE case 1 */
|
||||
+ ikeV1Psk, /* CKM_NSS_IKE_PRF_DERIVE case 2 */
|
||||
+ ikeV2Rekey, /* CKM_NSS_IKE_PRF_DERIVE case 3 */
|
||||
+ ikeV1, /* CKM_NSS_IKE1_PRF_DERIVE */
|
||||
+ ikeV1AppB, /* CKM_NSS_IKE1_PRF_APP_B_DERIVE base mode */
|
||||
+ ikeV1AppBQuick, /* CKM_NSS_IKE1_PRF_APP_B_DERIVE quick mode */
|
||||
+ ikePlus /* CKM_NSS_IKE_PRF_DERIVE */
|
||||
+};
|
||||
+
|
||||
+typedef struct IkeTestVectorStr {
|
||||
+ uint32_t id;
|
||||
+ IkeTestType test_type;
|
||||
+ std::string ikm;
|
||||
+ std::string gxykm;
|
||||
+ std::string prevkm;
|
||||
+ std::string okm;
|
||||
+ std::string Ni;
|
||||
+ std::string Nr;
|
||||
+ std::string seed_data;
|
||||
+ uint8_t key_number;
|
||||
+ uint32_t size;
|
||||
+ bool valid;
|
||||
+} IkeTestVector;
|
||||
+
|
||||
typedef struct RsaSignatureTestVectorStr {
|
||||
SECOidTag hash_oid;
|
||||
uint32_t id;
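Review bot: The comment on `ikePlus` in the new `IkeTestType` enum names `CKM_NSS_IKE_PRF_DERIVE`, but the unit test added in this same patch maps `IkeTestType::ikePlus` to `CKM_NSS_IKE_PRF_PLUS_DERIVE`. The line should read `ikePlus /* CKM_NSS_IKE_PRF_PLUS_DERIVE */` so the enum documents the mechanism each vector type actually exercises. `IkeTestVector` would also benefit from a short comment stating that the string fields are hex-encoded and that `size` is the requested output key length in bytes, which is how `RunVectorTest` uses them.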
|
||||
diff -up ./gtests/common/testvectors/ike-sha1-vectors.h.orig ./gtests/common/testvectors/ike-sha1-vectors.h
|
||||
--- ./gtests/common/testvectors/ike-sha1-vectors.h.orig 2020-12-05 10:54:36.649849926 -0800
|
||||
+++ ./gtests/common/testvectors/ike-sha1-vectors.h 2020-12-05 11:01:09.170017713 -0800
|
||||
@@ -0,0 +1,114 @@
|
||||
+/* vim: set ts=2 et sw=2 tw=80: */
|
||||
+/* This Source Code Form is subject to the terms of the Mozilla Public
|
||||
+ * License, v. 2.0. If a copy of the MPL was not distributed with this file,
|
||||
+ * You can obtain one at http://mozilla.org/MPL/2.0/. */
|
||||
+
|
||||
+/* This file is generated from sources in nss/gtests/common/wycheproof
|
||||
+ * automatically and should not be touched manually.
|
||||
+ * Generation is trigged by calling python3 genTestVectors.py */
|
||||
+
|
||||
+#ifndef ike_sha1_vectors_h__
|
||||
+#define ike_sha1_vectors_h__
|
||||
+
|
||||
+#include "testvectors_base/test-structs.h"
|
||||
+
|
||||
+const IkeTestVector kIkeSha1ProofVectors[] = {
|
||||
+ // these vectors are from this NIST samples
|
||||
+ {1, IkeTestType::ikeGxy,
|
||||
+ "8ba4cbc73c0187301dc19a975823854dbd641c597f637f8d053a83b9514673eb",
|
||||
+ "", "", "707197817fb2d90cf54d1842606bdea59b9f4823",
|
||||
+ "69a62284195f1680", "80c94ba25c8abda5",
|
||||
+ "", 0, 0, true },
|
||||
+ {2, IkeTestType::ikeV1,
|
||||
+ "707197817fb2d90cf54d1842606bdea59b9f4823",
|
||||
+ "8ba4cbc73c0187301dc19a975823854dbd641c597f637f8d053a83b9514673eb",
|
||||
+ "", "384be709a8a5e63c3ed160cfe3921c4b37d5b32d",
|
||||
+ "8c3bcd3a69831d7f", "d2d9a7ff4fbe95a7",
|
||||
+ "", 0, 0, true },
|
||||
+ {3, IkeTestType::ikeV1,
|
||||
+ "707197817fb2d90cf54d1842606bdea59b9f4823",
|
||||
+ "8ba4cbc73c0187301dc19a975823854dbd641c597f637f8d053a83b9514673eb",
|
||||
+ "384be709a8a5e63c3ed160cfe3921c4b37d5b32d",
|
||||
+ "48b327575abe3adba0f279849e289022a13e2b47",
|
||||
+ "8c3bcd3a69831d7f", "d2d9a7ff4fbe95a7",
|
||||
+ "", 1, 0, true },
|
||||
+ {4, IkeTestType::ikeV1,
|
||||
+ "707197817fb2d90cf54d1842606bdea59b9f4823",
|
||||
+ "8ba4cbc73c0187301dc19a975823854dbd641c597f637f8d053a83b9514673eb",
|
||||
+ "48b327575abe3adba0f279849e289022a13e2b47",
|
||||
+ "a4a415c8e0c38c0da847c356cc61c24df8025560",
|
||||
+ "8c3bcd3a69831d7f", "d2d9a7ff4fbe95a7",
|
||||
+ "", 2, 0, true },
|
||||
+ {5, IkeTestType::ikeV1Psk, "c0", "", "",
|
||||
+ "ab3be41bc62f2ef0c41a3076d58768be77fadd2e",
|
||||
+ "03a6f25a83c8c2a3", "9d958a6618f77e7f",
|
||||
+ "", 0, 0, true },
|
||||
+ {6, IkeTestType::ikeGxy,
|
||||
+ "4b2c1f971981a8ad8d0abeafabf38cf75fc8349c148142465ed9c8b516b8be52",
|
||||
+ "", "", "a9a7b222b59f8f48645f28a1db5b5f5d7479cba7",
|
||||
+ "32b50d5f4a3763f3", "9206a04b26564cb1",
|
||||
+ "", 0, 0, true },
|
||||
+ {7, IkeTestType::ikeV2Rekey,
|
||||
+ "a14293677cc80ff8f9cc0eee30d895da9d8f4056",
|
||||
+ "863f3c9d06efd39d2b907b97f8699e5dd5251ef64a2a176f36ee40c87d4f9330",
|
||||
+ "", "63e81194946ebd05df7df5ebf5d8750056bf1f1d",
|
||||
+ "32b50d5f4a3763f3", "9206a04b26564cb1",
|
||||
+ "", 0, 0, true },
|
||||
+ {8, IkeTestType::ikePlus,
|
||||
+ "a9a7b222b59f8f48645f28a1db5b5f5d7479cba7", "", "",
|
||||
+ "a14293677cc80ff8f9cc0eee30d895da9d8f405666e30ef0dfcb63c634a46002a2a63080e514a062768b76606f9fa5e992204fc5a670bde3f10d6b027113936a5c55b648a194ae587b0088d52204b702c979fa280870d2ed41efa9c549fd11198af1670b143d384bd275c5f594cf266b05ebadca855e4249520a441a81157435a7a56cc4", "", "",
|
||||
+ // seed_data is Ni || Nr || SPIi || SPIr
|
||||
+ // NOTE: there is no comma so the strings are concatenated together.
|
||||
+ "32b50d5f4a3763f3" // Ni
|
||||
+ "9206a04b26564cb1" // Nr
|
||||
+ "34c9e7c188868785" // SPIi
|
||||
+ "3ff77d760d2b2199", // SPIr
|
||||
+ 0, 132, true },
|
||||
+ {9, IkeTestType::ikePlus,
|
||||
+ "a9a7b222b59f8f48645f28a1db5b5f5d7479cba7", "", "",
|
||||
+ "a14293677cc80ff8f9cc0eee30d895da9d8f405666e30ef0dfcb63c634a46002a2a63080e514a062", "", "",
|
||||
+ // seed_data is Ni || Nr || SPIi || SPIr
|
||||
+ // NOTE: there is no comma so the strings are concatenated together.
|
||||
+ "32b50d5f4a3763f3" // Ni
|
||||
+ "9206a04b26564cb1" // Nr
|
||||
+ "34c9e7c188868785" // SPIi
|
||||
+ "3ff77d760d2b2199", // SPIr
|
||||
+ 0, 40, true },
|
||||
+ {10, IkeTestType::ikePlus,
|
||||
+ "a9a7b222b59f8f48645f28a1db5b5f5d7479cba7", "", "",
|
||||
+ "a14293677cc80ff8f9cc0eee30d895", "", "",
|
||||
+ // seed_data is Ni || Nr || SPIi || SPIr
|
||||
+ // NOTE: there is no comma so the strings are concatenated together.
|
||||
+ "32b50d5f4a3763f3" // Ni
|
||||
+ "9206a04b26564cb1" // Nr
|
||||
+ "34c9e7c188868785" // SPIi
|
||||
+ "3ff77d760d2b2199", // SPIr
|
||||
+ 0, 15, true },
|
||||
+ // these vectors are self-generated
|
||||
+ {11, IkeTestType::ikeV1AppB,
|
||||
+ "63e81194946ebd05df7df5ebf5d8750056bf1f1d", "", "",
|
||||
+ "933347a07de5782247dd36d1562ffe0eecade1eb4134165257e3af1000af8ae3f165063828cbb60d910b7db38fa3c7f62c4afaaf3203da065c841729853edb23e9e7ac8286ae65c8cb6c667d79268c0bd6705abb9131698eb822b1c1f9dd142fc7be2c1010ee0152e10195add98999c6b6d42c8fe9c1b134d56ad5f2c6f20e815bd25c52",
|
||||
+ "", "", "", 0, 132, true },
|
||||
+ {12, IkeTestType::ikeV1AppB,
|
||||
+ "63e81194946ebd05df7df5ebf5d8750056bf1f1d", "", "",
|
||||
+ "933347a07de5782247dd36d1562ffe0eecade1eb4134165257e3af1000af8ae3f165063828cbb60d",
|
||||
+ "", "", "", 0, 40, true },
|
||||
+ {13, IkeTestType::ikeV1AppB,
|
||||
+ "63e81194946ebd05df7df5ebf5d8750056bf1f1d", "", "",
|
||||
+ "63e81194946ebd05df7df5ebf5d875",
|
||||
+ "", "", "", 0, 15, true },
|
||||
+ {14, IkeTestType::ikeV1AppBQuick,
|
||||
+ "63e81194946ebd05df7df5ebf5d8750056bf1f1d", "", "",
|
||||
+ "933347a07de5782247dd36d1562ffe0eecade1ebaeaa476a5f578c34a9b2b7101a621202f61db924c5ef9efa3bb2698095841603b7ac8a880329a927ecd4ad53a944b607a5ac2f3d154e2748c188d7370d76be83fc204fdacf0f66b99dd760ba619ffac65eda1420c8a936dac5a599afaf4043b29ef2b65dc042724355b550875316c6fd",
|
||||
+ "", "", "0", 0, 132, true },
|
||||
+ {15, IkeTestType::ikeV1AppBQuick,
|
||||
+ "63e81194946ebd05df7df5ebf5d8750056bf1f1d", "", "",
|
||||
+ "933347a07de5782247dd36d1562ffe0eecade1ebaeaa476a5f578c34a9b2b7101a621202f61db924",
|
||||
+ "", "", "0", 0, 40, true },
|
||||
+ {16, IkeTestType::ikeV1AppBQuick,
|
||||
+ "63e81194946ebd05df7df5ebf5d8750056bf1f1d", "", "",
|
||||
+ "933347a07de5782247dd36d1562ffe",
|
||||
+ "", "", "0", 0, 15, true },
|
||||
+ };
|
||||
+
|
||||
+#endif // ike_sha1_vectors_h__
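Review bot: The file header says these vectors are generated from `nss/gtests/common/wycheproof` by `genTestVectors.py` and must not be edited by hand, while the array itself labels entries 1-10 as NIST samples and 11-16 as self-generated. The header should state the real provenance, for example `/* Vectors 1-10 are NIST sample vectors; 11-16 were produced with this implementation and only guard against regressions. */`, because self-generated vectors cannot detect an error that was already present when they were recorded. In vectors 14-16 `seed_data` is the one-character string `"0"`; if a single zero byte is intended, writing `"00"` makes that explicit instead of depending on how `hex_string_to_bytes` treats odd-length input.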
|
||||
diff -up ./gtests/pk11_gtest/manifest.mn.orig ./gtests/pk11_gtest/manifest.mn
|
||||
--- ./gtests/pk11_gtest/manifest.mn.orig 2020-12-05 10:53:12.529385354 -0800
|
||||
+++ ./gtests/pk11_gtest/manifest.mn 2020-12-05 10:54:36.649849926 -0800
|
||||
@@ -22,6 +22,7 @@ CPPSRCS = \
|
||||
pk11_export_unittest.cc \
|
||||
pk11_find_certs_unittest.cc \
|
||||
pk11_hkdf_unittest.cc \
|
||||
+ pk11_ike_unittest.cc \
|
||||
pk11_import_unittest.cc \
|
||||
pk11_kdf_unittest.cc \
|
||||
pk11_kbkdf.cc \
|
||||
diff -up ./gtests/pk11_gtest/pk11_gtest.gyp.orig ./gtests/pk11_gtest/pk11_gtest.gyp
|
||||
--- ./gtests/pk11_gtest/pk11_gtest.gyp.orig 2020-06-16 15:50:59.000000000 -0700
|
||||
+++ ./gtests/pk11_gtest/pk11_gtest.gyp 2020-12-05 10:54:36.649849926 -0800
|
||||
@@ -27,6 +27,7 @@
|
||||
'pk11_encrypt_derive_unittest.cc',
|
||||
'pk11_find_certs_unittest.cc',
|
||||
'pk11_hkdf_unittest.cc',
|
||||
+ 'pk11_ike_unittest.cc',
|
||||
'pk11_import_unittest.cc',
|
||||
'pk11_kbkdf.cc',
|
||||
'pk11_keygen.cc',
|
||||
diff -up ./gtests/pk11_gtest/pk11_ike_unittest.cc.orig ./gtests/pk11_gtest/pk11_ike_unittest.cc
|
||||
--- ./gtests/pk11_gtest/pk11_ike_unittest.cc.orig 2020-12-05 10:54:36.649849926 -0800
|
||||
+++ ./gtests/pk11_gtest/pk11_ike_unittest.cc 2020-12-05 10:54:36.649849926 -0800
|
||||
@@ -0,0 +1,197 @@
|
||||
+/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
|
||||
+/* vim: set ts=2 et sw=2 tw=80: */
|
||||
+/* This Source Code Form is subject to the terms of the Mozilla Public
|
||||
+ * License, v. 2.0. If a copy of the MPL was not distributed with this file,
|
||||
+ * You can obtain one at http://mozilla.org/MPL/2.0/. */
|
||||
+
|
||||
+#include <memory>
|
||||
+#include "blapi.h"
|
||||
+#include "gtest/gtest.h"
|
||||
+#include "nss.h"
|
||||
+#include "nss_scoped_ptrs.h"
|
||||
+#include "pk11pub.h"
|
||||
+#include "secerr.h"
|
||||
+#include "sechash.h"
|
||||
+#include "util.h"
|
||||
+
|
||||
+#include "testvectors/ike-sha1-vectors.h"
|
||||
+#ifdef notdef
|
||||
+#include "testvectors/ike-sha256-vectors.h"
|
||||
+#include "testvectors/ike-aesxcbc-vectors.h"
|
||||
+#endif
|
||||
+
|
||||
+namespace nss_test {
|
||||
+
|
||||
+class Pkcs11IkeTest
|
||||
+ : public ::testing::TestWithParam<
|
||||
+ std::tuple<IkeTestVector, CK_MECHANISM_TYPE>> {
|
||||
+ protected:
|
||||
+ void dump_item(const char *label, SECItem *item) {
|
||||
+ printf("%s: %d bytes { \"",label, item->len);
|
||||
+ unsigned int i;
|
||||
+ for (i=0; i < item->len; i++) {
|
||||
+ printf("%02x",item->data[i]);
|
||||
+ }
|
||||
+ printf("\"\n");
|
||||
+ }
|
||||
+
|
||||
+ ScopedPK11SymKey ImportKey(SECItem &ikm_item) {
|
||||
+ ScopedPK11SlotInfo slot(PK11_GetInternalSlot());
|
||||
+ if (!slot) {
|
||||
+ ADD_FAILURE() << "Can't get slot";
|
||||
+ return nullptr;
|
||||
+ }
|
||||
+ ScopedPK11SymKey ikm(PK11_ImportSymKey(slot.get(),
|
||||
+ CKM_GENERIC_SECRET_KEY_GEN,
|
||||
+ PK11_OriginUnwrap, CKA_DERIVE, &ikm_item,
|
||||
+ nullptr));
|
||||
+ return ikm;
|
||||
+ }
|
||||
+
|
||||
+ void RunVectorTest(const IkeTestVector &vec, CK_MECHANISM_TYPE prf_mech) {
|
||||
+ std::string msg = "Test #" + std::to_string(vec.id) + " failed";
|
||||
+ std::vector<uint8_t> vec_ikm = hex_string_to_bytes(vec.ikm);
|
||||
+ std::vector<uint8_t> vec_okm = hex_string_to_bytes(vec.okm);
|
||||
+ std::vector<uint8_t> vec_gxykm = hex_string_to_bytes(vec.gxykm);
|
||||
+ std::vector<uint8_t> vec_prevkm = hex_string_to_bytes(vec.prevkm);
|
||||
+ std::vector<uint8_t> vec_Ni = hex_string_to_bytes(vec.Ni);
|
||||
+ std::vector<uint8_t> vec_Nr = hex_string_to_bytes(vec.Nr);
|
||||
+ std::vector<uint8_t> vec_seed_data = hex_string_to_bytes(vec.seed_data);
|
||||
+ SECItem ikm_item = {siBuffer, vec_ikm.data(),
|
||||
+ static_cast<unsigned int>(vec_ikm.size())};
|
||||
+ SECItem okm_item = {siBuffer, vec_okm.data(),
|
||||
+ static_cast<unsigned int>(vec_okm.size())};
|
||||
+ SECItem prevkm_item = {siBuffer, vec_prevkm.data(),
|
||||
+ static_cast<unsigned int>(vec_prevkm.size())};
|
||||
+ SECItem gxykm_item = {siBuffer, vec_gxykm.data(),
|
||||
+ static_cast<unsigned int>(vec_gxykm.size())};
|
||||
+ CK_MECHANISM_TYPE derive_mech = CKM_NSS_IKE_PRF_DERIVE;
|
||||
+ ScopedPK11SymKey gxy_key= nullptr;
|
||||
+ ScopedPK11SymKey prev_key= nullptr;
|
||||
+ ScopedPK11SymKey ikm = ImportKey(ikm_item);
|
||||
+
|
||||
+ // IKE_PRF structure (used in cases 1, 2 and 3)
|
||||
+ CK_NSS_IKE_PRF_DERIVE_PARAMS nss_ike_prf_params = {
|
||||
+ prf_mech, false, false,
|
||||
+ vec_Ni.data(), static_cast<CK_ULONG>(vec_Ni.size()),
|
||||
+ vec_Nr.data(), static_cast<CK_ULONG>(vec_Nr.size()),
|
||||
+ CK_INVALID_HANDLE
|
||||
+ };
|
||||
+
|
||||
+ // IKE_V1_PRF, used to derive session keys.
|
||||
+ CK_NSS_IKE1_PRF_DERIVE_PARAMS nss_ike_v1_prf_params = {
|
||||
+ prf_mech, false, CK_INVALID_HANDLE, CK_INVALID_HANDLE,
|
||||
+ vec_Ni.data(), static_cast<CK_ULONG>(vec_Ni.size()),
|
||||
+ vec_Nr.data(), static_cast<CK_ULONG>(vec_Nr.size()),
|
||||
+ vec.key_number
|
||||
+ };
|
||||
+
|
||||
+ // IKE_V1_APP_B, do quick mode (all session keys in one call).
|
||||
+ CK_NSS_IKE1_APP_B_PRF_DERIVE_PARAMS nss_ike_app_b_prf_params_quick = {
|
||||
+ prf_mech, false, CK_INVALID_HANDLE,
|
||||
+ vec_seed_data.data(), static_cast<CK_ULONG>(vec_seed_data.size())
|
||||
+ };
|
||||
+
|
||||
+ // IKE_V1_APP_B, used for long session keys in ike_v1
|
||||
+ CK_MECHANISM_TYPE nss_ike_app_b_prf_params = prf_mech;
|
||||
+
|
||||
+ // IKE_PRF_PLUS, used to generate session keys in ike v2
|
||||
+ CK_NSS_IKE_PRF_PLUS_DERIVE_PARAMS nss_ike_prf_plus_params = {
|
||||
+ prf_mech, false, CK_INVALID_HANDLE,
|
||||
+ vec_seed_data.data(), static_cast<CK_ULONG>(vec_seed_data.size())
|
||||
+ };
|
||||
+
|
||||
+
|
||||
+ SECItem params_item = {siBuffer, (unsigned char *)&nss_ike_prf_params,
|
||||
+ sizeof(nss_ike_prf_params)};
|
||||
+
|
||||
+ switch (vec.test_type) {
|
||||
+ case IkeTestType::ikeGxy:
|
||||
+ nss_ike_prf_params.bDataAsKey = true;
|
||||
+ break;
|
||||
+ case IkeTestType::ikeV1Psk:
|
||||
+ break;
|
||||
+ case IkeTestType::ikeV2Rekey:
|
||||
+ nss_ike_prf_params.bRekey = true;
|
||||
+ gxy_key = ImportKey(gxykm_item);
|
||||
+ nss_ike_prf_params.hNewKey = PK11_GetSymKeyHandle(gxy_key.get());
|
||||
+ break;
|
||||
+ case IkeTestType::ikeV1:
|
||||
+ derive_mech = CKM_NSS_IKE1_PRF_DERIVE;
|
||||
+ params_item.data = (unsigned char *) &nss_ike_v1_prf_params;
|
||||
+ params_item.len = sizeof(nss_ike_v1_prf_params);
|
||||
+ gxy_key = ImportKey(gxykm_item);
|
||||
+ nss_ike_v1_prf_params.hKeygxy = PK11_GetSymKeyHandle(gxy_key.get());
|
||||
+ if (prevkm_item.len != 0) {
|
||||
+ prev_key = ImportKey(prevkm_item);
|
||||
+ nss_ike_v1_prf_params.bHasPrevKey = true;
|
||||
+ nss_ike_v1_prf_params.hPrevKey = PK11_GetSymKeyHandle(prev_key.get());
|
||||
+ }
|
||||
+ break;
|
||||
+ case IkeTestType::ikeV1AppB:
|
||||
+ derive_mech = CKM_NSS_IKE1_APP_B_PRF_DERIVE;
|
||||
+ params_item.data = (unsigned char *) &nss_ike_app_b_prf_params;
|
||||
+ params_item.len = sizeof(nss_ike_app_b_prf_params);
|
||||
+ break;
|
||||
+ case IkeTestType::ikeV1AppBQuick:
|
||||
+ derive_mech = CKM_NSS_IKE1_APP_B_PRF_DERIVE;
|
||||
+ params_item.data = (unsigned char *) &nss_ike_app_b_prf_params_quick;
|
||||
+ params_item.len = sizeof(nss_ike_app_b_prf_params_quick);
|
||||
+ if (gxykm_item.len != 0) {
|
||||
+ gxy_key = ImportKey(gxykm_item);
|
||||
+ nss_ike_app_b_prf_params_quick.bHasKeygxy = true;
|
||||
+ nss_ike_app_b_prf_params_quick.hKeygxy =
|
||||
+ PK11_GetSymKeyHandle(gxy_key.get());
|
||||
+ }
|
||||
+ break;
|
||||
+ case IkeTestType::ikePlus:
|
||||
+ derive_mech = CKM_NSS_IKE_PRF_PLUS_DERIVE;
|
||||
+ params_item.data = (unsigned char *) &nss_ike_prf_plus_params;
|
||||
+ params_item.len = sizeof(nss_ike_prf_plus_params);
|
||||
+ break;
|
||||
+ default:
|
||||
+ ADD_FAILURE() << msg;
|
||||
+ return;
|
||||
+ }
|
||||
+ ASSERT_NE(nullptr, ikm) << msg;
|
||||
+
|
||||
+ ScopedPK11SymKey okm = ScopedPK11SymKey(
|
||||
+ PK11_Derive(ikm.get(), derive_mech, ¶ms_item,
|
||||
+ CKM_GENERIC_SECRET_KEY_GEN, CKA_DERIVE, vec.size));
|
||||
+ if (vec.valid) {
|
||||
+ ASSERT_NE(nullptr, okm.get()) << msg;
|
||||
+ ASSERT_EQ(SECSuccess, PK11_ExtractKeyValue(okm.get())) << msg;
|
||||
+ SECItem *outItem = PK11_GetKeyData(okm.get());
|
||||
+ if (SECITEM_CompareItem(&okm_item, outItem) != 0) {
|
||||
+ dump_item("expected key:", &okm_item);
|
||||
+ dump_item("calculated key:", outItem);
|
||||
+ }
|
||||
+ ASSERT_EQ(0, SECITEM_CompareItem(&okm_item, PK11_GetKeyData(okm.get())))
|
||||
+ << msg;
|
||||
+ } else {
|
||||
+ ASSERT_EQ(nullptr, okm.get()) << msg;
|
||||
+ }
|
||||
+ }
|
||||
+};
|
||||
+
|
||||
+TEST_P(Pkcs11IkeTest, IkeproofVectors) {
|
||||
+ RunVectorTest(std::get<0>(GetParam()), std::get<1>(GetParam()));
|
||||
+}
|
||||
+
|
||||
+INSTANTIATE_TEST_CASE_P(
|
||||
+ IkeSha1, Pkcs11IkeTest,
|
||||
+ ::testing::Combine(::testing::ValuesIn(kIkeSha1ProofVectors),
|
||||
+ ::testing::Values(CKM_SHA_1_HMAC)));
|
||||
+#ifdef notdef
|
||||
+INSTANTIATE_TEST_CASE_P(
|
||||
+ IkeSha256, Pkcs11IkeTest,
|
||||
+ ::testing::Combine(::testing::ValuesIn(kIkeSha256ProofVectors),
|
||||
+ ::testing::Values(CKM_SHA256_HMAC)));
|
||||
+
|
||||
+INSTANTIATE_TEST_CASE_P(
|
||||
+ IkeAESXCBC, Pkcs11IkeTest,
|
||||
+ ::testing::Combine(::testing::ValuesIn(kIkeAesXcbcProofVectors),
|
||||
+ ::testing::Values(CKM_AES_XCBC_MAC)));
|
||||
+#endif
|
||||
+
|
||||
+} // namespace nss_test
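Review bot: In `RunVectorTest` the keys imported for `gxy_key` and `prev_key` are passed to `PK11_GetSymKeyHandle` without a null check, and `ikm` is only asserted after the `switch`. `ImportKey` returns `nullptr` when no slot is available, so a failed import would reach `PK11_GetSymKeyHandle` with a null pointer rather than produce a clean test failure; adding `ASSERT_NE(nullptr, gxy_key) << msg;` (and the same for `prev_key`) directly after each `ImportKey` call covers it. `dump_item` formats the unsigned `item->len` with `%d` and never closes the `{` it prints; `%u` and a closing ` }` would fix both.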
|
||||
diff -up ./lib/softoken/sftkike.c.orig ./lib/softoken/sftkike.c
|
||||
--- ./lib/softoken/sftkike.c.orig 2020-12-05 10:53:12.629385906 -0800
|
||||
+++ ./lib/softoken/sftkike.c 2020-12-05 10:59:16.073393113 -0800
|
||||
@@ -720,6 +720,7 @@ sftk_ike1_appendix_b_prf(CK_SESSION_HAND
|
||||
unsigned int macSize;
|
||||
unsigned int outKeySize;
|
||||
unsigned int genKeySize;
|
||||
+ PRBool quickMode = PR_FALSE;
|
||||
CK_RV crv;
|
||||
prfContext context;
|
||||
|
||||
@@ -748,6 +749,11 @@ sftk_ike1_appendix_b_prf(CK_SESSION_HAND
|
||||
crv = CKR_KEY_HANDLE_INVALID;
|
||||
goto fail;
|
||||
}
|
||||
+ quickMode = PR_TRUE;
|
||||
+ }
|
||||
+
|
||||
+ if (params->ulExtraDataLen !=0) {
|
||||
+ quickMode = PR_TRUE;
|
||||
}
|
||||
|
||||
macSize = prf_length(&context);
|
||||
@@ -756,10 +762,16 @@ sftk_ike1_appendix_b_prf(CK_SESSION_HAND
|
||||
keySize = macSize;
|
||||
}
|
||||
|
||||
- if (keySize <= inKey->attrib.ulValueLen) {
|
||||
+ /* In appendix B, we are just expanding or contracting a single key.
|
||||
+ * If the input key is less than equal the the key size we want, just
|
||||
+ * subset the original key. In quick mode we are actually getting new
|
||||
+ * keys (salted with our seed data and our gxy key), so we want to run
|
||||
+ * through our algorithm */
|
||||
+ if ((!quickMode) && (keySize <= inKey->attrib.ulValueLen)) {
|
||||
return sftk_forceAttribute(outKey, CKA_VALUE,
|
||||
inKey->attrib.pValue, keySize);
|
||||
}
|
||||
+
|
||||
outKeySize = PR_ROUNDUP(keySize, macSize);
|
||||
outKeyData = PORT_Alloc(outKeySize);
|
||||
if (outKeyData == NULL) {
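Review bot: The new comment above the early return describes the condition the wrong way round: it says the shortcut applies when the input key is less than or equal to the wanted size, while the code takes it when `keySize <= inKey->attrib.ulValueLen`, i.e. when the requested size fits inside the input key. Suggested wording: `/* If the requested key size is no larger than the input key, just return a prefix of the input key. */`, followed by the existing sentence on quick mode. A short comment at the `quickMode` declaration would also help, since the flag is set in two places in the second hunk: when `params->ulExtraDataLen` is non-zero, and inside the preceding block, whose condition lies outside the hunk. The body of `sftk_ike1_appendix_b_prf` starts and ends outside these hunks.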
|
@ -1,21 +0,0 @@
|
||||
diff -up ./gtests/softoken_gtest/softoken_dh_vectors.h.no-small-primes ./gtests/softoken_gtest/softoken_dh_vectors.h
|
||||
--- ./gtests/softoken_gtest/softoken_dh_vectors.h.no-small-primes 2020-10-04 00:52:25.008998541 +0300
|
||||
+++ ./gtests/softoken_gtest/softoken_dh_vectors.h 2020-10-04 00:54:50.095503256 +0300
|
||||
@@ -2869,7 +2869,7 @@ static const DhTestVector DH_TEST_VECTOR
|
||||
{siBuffer, (unsigned char *)g2, sizeof(g2)},
|
||||
{siBuffer, NULL, 0},
|
||||
{siBuffer, NULL, 0},
|
||||
- IKE_APPROVED,
|
||||
+ SAFE_PRIME,
|
||||
CLASS_1536},
|
||||
{"IKE 2048",
|
||||
{siBuffer, (unsigned char *)prime_ike_2048, sizeof(prime_ike_2048)},
|
||||
@@ -2949,7 +2949,7 @@ static const DhTestVector DH_TEST_VECTOR
|
||||
{siBuffer, (unsigned char *)sub2_prime_ike_1536,
|
||||
sizeof(sub2_prime_ike_1536)},
|
||||
{siBuffer, NULL, 0},
|
||||
- IKE_APPROVED,
|
||||
+ SAFE_PRIME,
|
||||
CLASS_1536},
|
||||
{"IKE 2048 with subprime",
|
||||
{siBuffer, (unsigned char *)prime_ike_2048, sizeof(prime_ike_2048)},
|
@ -1,53 +0,0 @@
|
||||
diff -up ./lib/softoken/pkcs11c.c.orig ./lib/softoken/pkcs11c.c
|
||||
--- ./lib/softoken/pkcs11c.c.orig 2020-10-15 16:06:47.380122702 -0700
|
||||
+++ ./lib/softoken/pkcs11c.c 2020-10-15 16:07:56.891482521 -0700
|
||||
@@ -5101,7 +5101,7 @@ sftk_PairwiseConsistencyCheck(CK_SESSION
|
||||
/* subprime not supplied, In this case look it up.
|
||||
* This only works with approved primes, but in FIPS mode
|
||||
* that's the only kine of prime that will get here */
|
||||
- subPrimePtr = sftk_VerifyDH_Prime(&prime);
|
||||
+ subPrimePtr = sftk_VerifyDH_Prime(&prime,isFIPS);
|
||||
if (subPrimePtr == NULL) {
|
||||
crv = CKR_GENERAL_ERROR;
|
||||
goto done;
|
||||
@@ -8293,7 +8293,7 @@ NSC_DeriveKey(CK_SESSION_HANDLE hSession
|
||||
|
||||
/* if the prime is an approved prime, we can skip all the other
|
||||
* checks. */
|
||||
- subPrime = sftk_VerifyDH_Prime(&dhPrime);
|
||||
+ subPrime = sftk_VerifyDH_Prime(&dhPrime,isFIPS);
|
||||
if (subPrime == NULL) {
|
||||
SECItem dhSubPrime;
|
||||
/* In FIPS mode we only accept approved primes */
|
||||
diff -up ./lib/softoken/pkcs11i.h.orig ./lib/softoken/pkcs11i.h
|
||||
--- ./lib/softoken/pkcs11i.h.orig 2020-10-15 16:06:47.380122702 -0700
|
||||
+++ ./lib/softoken/pkcs11i.h 2020-10-15 16:07:56.892482526 -0700
|
||||
@@ -926,7 +926,7 @@ char **NSC_ModuleDBFunc(unsigned long fu
|
||||
/* dh verify functions */
|
||||
/* verify that dhPrime matches one of our known primes, and if so return
|
||||
* it's subprime value */
|
||||
-const SECItem *sftk_VerifyDH_Prime(SECItem *dhPrime);
|
||||
+const SECItem *sftk_VerifyDH_Prime(SECItem *dhPrime, PRBool isFIPS);
|
||||
/* check if dhSubPrime claims dhPrime is a safe prime. */
|
||||
SECStatus sftk_IsSafePrime(SECItem *dhPrime, SECItem *dhSubPrime, PRBool *isSafe);
|
||||
|
||||
diff -up ./lib/softoken/sftkdhverify.c.orig ./lib/softoken/sftkdhverify.c
|
||||
--- ./lib/softoken/sftkdhverify.c.orig 2020-10-15 16:06:47.370122650 -0700
|
||||
+++ ./lib/softoken/sftkdhverify.c 2020-10-15 16:07:56.893482531 -0700
|
||||
@@ -1171,11 +1171,15 @@ static const SECItem subprime_tls_8192=
|
||||
* verify that dhPrime matches one of our known primes
|
||||
*/
|
||||
const SECItem *
|
||||
-sftk_VerifyDH_Prime(SECItem *dhPrime)
|
||||
+sftk_VerifyDH_Prime(SECItem *dhPrime, PRBool isFIPS)
|
||||
{
|
||||
/* use the length to decide which primes to check */
|
||||
switch (dhPrime->len) {
|
||||
case 1536 / PR_BITS_PER_BYTE:
|
||||
+ /* don't accept 1536 bit primes in FIPS mode */
|
||||
+ if (isFIPS) {
|
||||
+ break;
|
||||
+ }
|
||||
if (PORT_Memcmp(dhPrime->data, prime_ike_1536,
|
||||
sizeof(prime_ike_1536)) == 0) {
|
||||
return &subprime_ike_1536;
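Review bot: The comments on `sftk_VerifyDH_Prime` were not updated for the new `isFIPS` argument: both the prototype comment in `pkcs11i.h` and the one above the definition still say only that the prime is matched against the known primes. A line such as `/* When isFIPS is true, 1536-bit primes are never matched and NULL is returned. */` at the prototype would tell callers that a NULL result now also depends on the mode. In the first `pkcs11c.c` hunk that NULL is turned into `CKR_GENERAL_ERROR`, so the existing remark there that only approved primes get here in FIPS mode deserves the same update. The function body continues past the end of this hunk.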
|
@ -1,305 +0,0 @@
|
||||
|
||||
# HG changeset patch
|
||||
# User Robert Relyea <rrelyea@redhat.com>
|
||||
# Date 1603492441 25200
|
||||
# Node ID 33f920fcd1753d2b8f4a5e4f31e317c102d8cbfe
|
||||
# Parent e3bd9c2f925932b301440fb07ea1228f2d4e39ac
|
||||
Bug 1666891 - Add PK11_Pub{Wrap,Unwrap}SymKeyWithMechanism r=mt,rrelyea
|
||||
|
||||
Summary
|
||||
|
||||
This is useful for RSA-OAEP support.
|
||||
|
||||
The CKM_RSA_PKCS_OAEP mechanism requires a CK_RSA_PKCS_OAEP_PARAMS
|
||||
be present for PKCS#11 calls. This provides required context for OAEP.
|
||||
However, PK11_PubWrapSymKey lacks a way of providing this context and
|
||||
historically silently converted CKM_RSA_PKCS_OAEP to CKM_RSA_PKCS when
|
||||
a RSA key is provided. Introducing a new call will let us indicate
|
||||
parameters and potentially support other mechanisms in the future.
|
||||
This call mirrors the earlier calls introduced for RSA-PSS:
|
||||
PK11_SignWithMechanism and PK11_VerifyWithMechanism.
|
||||
|
||||
The CKM_RSA_PKCS_OAEP mechanism requires a CK_RSA_PKCS_OAEP_PARAMS
|
||||
be present for PKCS#11 calls. This provides required context for OAEP.
|
||||
However, PK11_PubUnwrapSymKey lacks a way of providing this context,
|
||||
and additionally lacked a way of indicating which mechanism type to use
|
||||
for the unwrap operation (instead detecting it by key type). Introducing
|
||||
a new call will let us indicate parameters and potentially support other
|
||||
mechanisms in the future.
|
||||
|
||||
Signed-off-by: Alexander Scheel <ascheel@redhat.com>
|
||||
|
||||
Differential Revision: https://phabricator.services.mozilla.com/D93424
|
||||
|
||||
diff --git a/gtests/pk11_gtest/pk11_rsaoaep_unittest.cc b/gtests/pk11_gtest/pk11_rsaoaep_unittest.cc
|
||||
--- a/gtests/pk11_gtest/pk11_rsaoaep_unittest.cc
|
||||
+++ b/gtests/pk11_gtest/pk11_rsaoaep_unittest.cc
|
||||
@@ -111,9 +111,76 @@ INSTANTIATE_TEST_CASE_P(
|
||||
|
||||
INSTANTIATE_TEST_CASE_P(
|
||||
WycheproofOaep2048Sha512Sha1Test, RsaOaepWycheproofTest,
|
||||
::testing::ValuesIn(kRsaOaep2048Sha512Mgf1Sha1WycheproofVectors));
|
||||
|
||||
INSTANTIATE_TEST_CASE_P(
|
||||
WycheproofOaep2048Sha512Sha512Test, RsaOaepWycheproofTest,
|
||||
::testing::ValuesIn(kRsaOaep2048Sha512Mgf1Sha512WycheproofVectors));
|
||||
+
|
||||
+TEST(Pkcs11RsaOaepTest, TestOaepWrapUnwrap) {
|
||||
+ const size_t kRsaKeyBits = 2048;
|
||||
+ const size_t kwrappedBufLen = 4096;
|
||||
+
|
||||
+ SECStatus rv = SECFailure;
|
||||
+
|
||||
+ ScopedSECKEYPrivateKey priv;
|
||||
+ ScopedSECKEYPublicKey pub;
|
||||
+ PK11RSAGenParams rsa_params;
|
||||
+ rsa_params.keySizeInBits = kRsaKeyBits;
|
||||
+ rsa_params.pe = 65537;
|
||||
+
|
||||
+ ScopedPK11SlotInfo slot(PK11_GetInternalSlot());
|
||||
+ ASSERT_NE(slot, nullptr);
|
||||
+
|
||||
+ SECKEYPublicKey* p_pub_tmp = nullptr;
|
||||
+ priv.reset(PK11_GenerateKeyPair(slot.get(), CKM_RSA_PKCS_KEY_PAIR_GEN,
|
||||
+ &rsa_params, &p_pub_tmp, false, false,
|
||||
+ nullptr));
|
||||
+ pub.reset(p_pub_tmp);
|
||||
+
|
||||
+ ASSERT_NE(priv.get(), nullptr);
|
||||
+ ASSERT_NE(pub.get(), nullptr);
|
||||
+
|
||||
+ ScopedPK11SymKey to_wrap(
|
||||
+ PK11_KeyGen(slot.get(), CKM_AES_CBC, nullptr, 16, nullptr));
|
||||
+
|
||||
+ CK_RSA_PKCS_OAEP_PARAMS oaep_params = {CKM_SHA256, CKG_MGF1_SHA256,
|
||||
+ CKZ_DATA_SPECIFIED, NULL, 0};
|
||||
+
|
||||
+ SECItem param = {siBuffer, (unsigned char*)&oaep_params, sizeof(oaep_params)};
|
||||
+
|
||||
+ ScopedSECItem wrapped(SECITEM_AllocItem(nullptr, nullptr, kwrappedBufLen));
|
||||
+ rv = PK11_PubWrapSymKeyWithMechanism(pub.get(), CKM_RSA_PKCS_OAEP, ¶m,
|
||||
+ to_wrap.get(), wrapped.get());
|
||||
+ ASSERT_EQ(rv, SECSuccess);
|
||||
+
|
||||
+ PK11SymKey* p_unwrapped_tmp = nullptr;
|
||||
+
|
||||
+ // This fails because this method is broken and assumes CKM_RSA_PKCS and
|
||||
+ // doesn't understand OAEP.
|
||||
+ p_unwrapped_tmp = PK11_PubUnwrapSymKey(priv.get(), wrapped.get(), CKM_AES_CBC,
|
||||
+ CKA_DECRYPT, 16);
|
||||
+ ASSERT_EQ(p_unwrapped_tmp, nullptr);
|
||||
+
|
||||
+ ScopedPK11SymKey unwrapped;
|
||||
+ p_unwrapped_tmp = PK11_PubUnwrapSymKeyWithMechanism(
|
||||
+ priv.get(), CKM_RSA_PKCS_OAEP, ¶m, wrapped.get(), CKM_AES_CBC,
|
||||
+ CKA_DECRYPT, 16);
|
||||
+ ASSERT_NE(p_unwrapped_tmp, nullptr);
|
||||
+
|
||||
+ unwrapped.reset(p_unwrapped_tmp);
|
||||
+
|
||||
+ // Extract key's value in order to validate decryption worked.
|
||||
+ rv = PK11_ExtractKeyValue(to_wrap.get());
|
||||
+ ASSERT_EQ(rv, SECSuccess);
|
||||
+
|
||||
+ rv = PK11_ExtractKeyValue(unwrapped.get());
|
||||
+ ASSERT_EQ(rv, SECSuccess);
|
||||
+
|
||||
+ // References owned by PKCS#11 layer; no need to scope and free.
|
||||
+ SECItem* expectedItem = PK11_GetKeyData(to_wrap.get());
|
||||
+ SECItem* actualItem = PK11_GetKeyData(unwrapped.get());
|
||||
+
|
||||
+ ASSERT_EQ(SECITEM_CompareItem(actualItem, expectedItem), 0);
|
||||
+}
|
||||
} // namespace nss_test
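Review bot: `TestOaepWrapUnwrap` uses `to_wrap` and `wrapped` without checking that `PK11_KeyGen` and `SECITEM_AllocItem` succeeded, unlike `slot`, `priv` and `pub`, which are asserted. Adding `ASSERT_NE(to_wrap.get(), nullptr);` and `ASSERT_NE(wrapped.get(), nullptr);` before the wrap call keeps an allocation failure from showing up as a confusing wrap error or a crash. The negative check on `PK11_PubUnwrapSymKey` holds its result in a raw pointer, so if that call ever returned a key the assertion would fail and the key would not be freed; placing the result in a `ScopedPK11SymKey` first avoids that.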
|
||||
diff --git a/lib/nss/nss.def b/lib/nss/nss.def
|
||||
--- a/lib/nss/nss.def
|
||||
+++ b/lib/nss/nss.def
|
||||
@@ -1181,3 +1181,10 @@ SECMOD_GetSystemFIPSEnabled;
|
||||
;+ local:
|
||||
;+ *;
|
||||
;+};
|
||||
+;+NSS_3.59 { # NSS 3.59 release
|
||||
+;+ global:
|
||||
+PK11_PubWrapSymKeyWithMechanism;
|
||||
+PK11_PubUnwrapSymKeyWithMechanism;
|
||||
+;+ local:
|
||||
+;+ *;
|
||||
+;+};
|
||||
diff --git a/lib/pk11wrap/pk11pub.h b/lib/pk11wrap/pk11pub.h
|
||||
--- a/lib/pk11wrap/pk11pub.h
|
||||
+++ b/lib/pk11wrap/pk11pub.h
|
||||
@@ -352,16 +352,21 @@ void PK11_SetSymKeyUserData(PK11SymKey *
|
||||
* will return NULL. Returned data is still owned and managed by the SymKey,
|
||||
* the caller should not free the data.
|
||||
*
|
||||
*/
|
||||
void *PK11_GetSymKeyUserData(PK11SymKey *symKey);
|
||||
|
||||
SECStatus PK11_PubWrapSymKey(CK_MECHANISM_TYPE type, SECKEYPublicKey *pubKey,
|
||||
PK11SymKey *symKey, SECItem *wrappedKey);
|
||||
+SECStatus PK11_PubWrapSymKeyWithMechanism(SECKEYPublicKey *pubKey,
|
||||
+ CK_MECHANISM_TYPE mechType,
|
||||
+ SECItem *param,
|
||||
+ PK11SymKey *symKey,
|
||||
+ SECItem *wrappedKey);
|
||||
SECStatus PK11_WrapSymKey(CK_MECHANISM_TYPE type, SECItem *params,
|
||||
PK11SymKey *wrappingKey, PK11SymKey *symKey, SECItem *wrappedKey);
|
||||
/* move a key to 'slot' optionally set the key attributes according to either
|
||||
* operation or the flags and making the key permanent at the same time.
|
||||
* If the key is moved to the same slot, operation and flags values are
|
||||
* currently ignored */
|
||||
PK11SymKey *PK11_MoveSymKey(PK11SlotInfo *slot, CK_ATTRIBUTE_TYPE operation,
|
||||
CK_FLAGS flags, PRBool perm, PK11SymKey *symKey);
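Review bot: The two new public prototypes, `PK11_PubWrapSymKeyWithMechanism` here and `PK11_PubUnwrapSymKeyWithMechanism` in the next hunk, are added without any comment, although `param` has a contract callers need to know. In the `pk11skey.c` implementation of the wrap call, a NULL `param` means no mechanism parameters, otherwise its `data` and `len` become the mechanism parameter; the test passes a `CK_RSA_PKCS_OAEP_PARAMS` for `CKM_RSA_PKCS_OAEP`. A comment along the lines of `/* param: mechanism parameters for mechType, e.g. a CK_RSA_PKCS_OAEP_PARAMS for CKM_RSA_PKCS_OAEP; may be NULL. */` above each prototype would record that. The new unwrap prototype also copies the `wrapppedKey` spelling from the older one; `wrappedKey` would be cleaner for a new API.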
|
||||
@@ -446,16 +451,23 @@ PK11SymKey *PK11_UnwrapSymKeyWithFlagsPe
|
||||
* PK11_PubUnwrap returns a key which can do exactly one operation, and is
|
||||
* ephemeral (session key).
|
||||
* PK11_PubUnwrapWithFlagsPerm is the same as PK11_PubUnwrap except you can
|
||||
* use * CKF_ flags to enable more than one operation, and optionally make
|
||||
* the key permanent (token key).
|
||||
*/
|
||||
PK11SymKey *PK11_PubUnwrapSymKey(SECKEYPrivateKey *key, SECItem *wrapppedKey,
|
||||
CK_MECHANISM_TYPE target, CK_ATTRIBUTE_TYPE operation, int keySize);
|
||||
+PK11SymKey *PK11_PubUnwrapSymKeyWithMechanism(SECKEYPrivateKey *key,
|
||||
+ CK_MECHANISM_TYPE mechType,
|
||||
+ SECItem *param,
|
||||
+ SECItem *wrapppedKey,
|
||||
+ CK_MECHANISM_TYPE target,
|
||||
+ CK_ATTRIBUTE_TYPE operation,
|
||||
+ int keySize);
|
||||
PK11SymKey *PK11_PubUnwrapSymKeyWithFlagsPerm(SECKEYPrivateKey *wrappingKey,
|
||||
SECItem *wrappedKey, CK_MECHANISM_TYPE target,
|
||||
CK_ATTRIBUTE_TYPE operation, int keySize,
|
||||
CK_FLAGS flags, PRBool isPerm);
|
||||
PK11SymKey *PK11_FindFixedKey(PK11SlotInfo *slot, CK_MECHANISM_TYPE type,
|
||||
SECItem *keyID, void *wincx);
|
||||
SECStatus PK11_DeleteTokenPrivateKey(SECKEYPrivateKey *privKey, PRBool force);
|
||||
SECStatus PK11_DeleteTokenPublicKey(SECKEYPublicKey *pubKey);
|
||||
diff --git a/lib/pk11wrap/pk11skey.c b/lib/pk11wrap/pk11skey.c
|
||||
--- a/lib/pk11wrap/pk11skey.c
|
||||
+++ b/lib/pk11wrap/pk11skey.c
|
||||
@@ -1270,53 +1270,69 @@ PK11_ConvertSessionSymKeyToTokenSymKey(P
|
||||
PORT_SetError(PK11_MapError(crv));
|
||||
return NULL;
|
||||
}
|
||||
|
||||
return PK11_SymKeyFromHandle(slot, NULL /*parent*/, symk->origin,
|
||||
symk->type, newKeyID, PR_FALSE /*owner*/, NULL /*wincx*/);
|
||||
}
|
||||
|
||||
-/*
|
||||
- * This function does a straight public key wrap (which only RSA can do).
|
||||
- * Use PK11_PubGenKey and PK11_WrapSymKey to implement the FORTEZZA and
|
||||
- * Diffie-Hellman Ciphers. */
|
||||
+/* This function does a straight public key wrap with the CKM_RSA_PKCS
|
||||
+ * mechanism. */
|
||||
SECStatus
|
||||
PK11_PubWrapSymKey(CK_MECHANISM_TYPE type, SECKEYPublicKey *pubKey,
|
||||
PK11SymKey *symKey, SECItem *wrappedKey)
|
||||
{
|
||||
+ CK_MECHANISM_TYPE inferred = pk11_mapWrapKeyType(pubKey->keyType);
|
||||
+ return PK11_PubWrapSymKeyWithMechanism(pubKey, inferred, NULL, symKey,
|
||||
+ wrappedKey);
|
||||
+}
|
||||
+
|
||||
+/* This function wraps a symmetric key with a public key, such as with the
|
||||
+ * CKM_RSA_PKCS and CKM_RSA_PKCS_OAEP mechanisms. */
|
||||
+SECStatus
|
||||
+PK11_PubWrapSymKeyWithMechanism(SECKEYPublicKey *pubKey,
|
||||
+ CK_MECHANISM_TYPE mechType, SECItem *param,
|
||||
+ PK11SymKey *symKey, SECItem *wrappedKey)
|
||||
+{
|
||||
PK11SlotInfo *slot;
|
||||
CK_ULONG len = wrappedKey->len;
|
||||
PK11SymKey *newKey = NULL;
|
||||
CK_OBJECT_HANDLE id;
|
||||
CK_MECHANISM mechanism;
|
||||
PRBool owner = PR_TRUE;
|
||||
CK_SESSION_HANDLE session;
|
||||
CK_RV crv;
|
||||
|
||||
if (symKey == NULL) {
|
||||
PORT_SetError(SEC_ERROR_INVALID_ARGS);
|
||||
return SECFailure;
|
||||
}
|
||||
|
||||
/* if this slot doesn't support the mechanism, go to a slot that does */
|
||||
- newKey = pk11_ForceSlot(symKey, type, CKA_ENCRYPT);
|
||||
+ newKey = pk11_ForceSlot(symKey, mechType, CKA_ENCRYPT);
|
||||
if (newKey != NULL) {
|
||||
symKey = newKey;
|
||||
}
|
||||
|
||||
if (symKey->slot == NULL) {
|
||||
PORT_SetError(SEC_ERROR_NO_MODULE);
|
||||
return SECFailure;
|
||||
}
|
||||
|
||||
slot = symKey->slot;
|
||||
- mechanism.mechanism = pk11_mapWrapKeyType(pubKey->keyType);
|
||||
- mechanism.pParameter = NULL;
|
||||
- mechanism.ulParameterLen = 0;
|
||||
+
|
||||
+ mechanism.mechanism = mechType;
|
||||
+ if (param == NULL) {
|
||||
+ mechanism.pParameter = NULL;
|
||||
+ mechanism.ulParameterLen = 0;
|
||||
+ } else {
|
||||
+ mechanism.pParameter = param->data;
|
||||
+ mechanism.ulParameterLen = param->len;
|
||||
+ }
|
||||
|
||||
id = PK11_ImportPublicKey(slot, pubKey, PR_FALSE);
|
||||
if (id == CK_INVALID_HANDLE) {
|
||||
if (newKey) {
|
||||
PK11_FreeSymKey(newKey);
|
||||
}
|
||||
return SECFailure; /* Error code has been set. */
|
||||
}
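Review bot: After this change `PK11_PubWrapSymKey` no longer uses its `type` argument at all: the mechanism is taken from `pk11_mapWrapKeyType(pubKey->keyType)`, including for the `pk11_ForceSlot` call that previously used `type`. The new header comment should say so, e.g. `/* 'type' is ignored; the mechanism is inferred from the public key type. Use PK11_PubWrapSymKeyWithMechanism to select CKM_RSA_PKCS_OAEP. */`, so that a caller passing an OAEP mechanism here does not assume it was honoured. In `PK11_PubWrapSymKeyWithMechanism`, `wrappedKey->len` is read in the declarations before any argument check, and only `symKey` is tested for NULL; checking `pubKey` and `wrappedKey` alongside it would make the new entry point consistent. The function body continues beyond this hunk.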
|
||||
@@ -2878,30 +2894,43 @@ PK11_UnwrapSymKeyWithFlagsPerm(PK11SymKe
|
||||
templateCount = attrs - keyTemplate;
|
||||
templateCount += pk11_OpFlagsToAttributes(flags, attrs, &cktrue);
|
||||
|
||||
return pk11_AnyUnwrapKey(wrappingKey->slot, wrappingKey->objectID,
|
||||
wrapType, param, wrappedKey, target, operation, keySize,
|
||||
wrappingKey->cx, keyTemplate, templateCount, isPerm);
|
||||
}
|
||||
|
||||
-/* unwrap a symetric key with a private key. */
|
||||
+/* unwrap a symmetric key with a private key. Only supports CKM_RSA_PKCS. */
|
||||
PK11SymKey *
|
||||
PK11_PubUnwrapSymKey(SECKEYPrivateKey *wrappingKey, SECItem *wrappedKey,
|
||||
CK_MECHANISM_TYPE target, CK_ATTRIBUTE_TYPE operation, int keySize)
|
||||
{
|
||||
CK_MECHANISM_TYPE wrapType = pk11_mapWrapKeyType(wrappingKey->keyType);
|
||||
+
|
||||
+ return PK11_PubUnwrapSymKeyWithMechanism(wrappingKey, wrapType, NULL,
|
||||
+ wrappedKey, target, operation,
|
||||
+ keySize);
|
||||
+}
|
||||
+
|
||||
+/* unwrap a symmetric key with a private key with the given parameters. */
|
||||
+PK11SymKey *
|
||||
+PK11_PubUnwrapSymKeyWithMechanism(SECKEYPrivateKey *wrappingKey,
|
||||
+ CK_MECHANISM_TYPE mechType, SECItem *param,
|
||||
+ SECItem *wrappedKey, CK_MECHANISM_TYPE target,
|
||||
+ CK_ATTRIBUTE_TYPE operation, int keySize)
|
||||
+{
|
||||
PK11SlotInfo *slot = wrappingKey->pkcs11Slot;
|
||||
|
||||
if (SECKEY_HAS_ATTRIBUTE_SET(wrappingKey, CKA_PRIVATE)) {
|
||||
PK11_HandlePasswordCheck(slot, wrappingKey->wincx);
|
||||
}
|
||||
|
||||
- return pk11_AnyUnwrapKey(slot, wrappingKey->pkcs11ID,
|
||||
- wrapType, NULL, wrappedKey, target, operation, keySize,
|
||||
+ return pk11_AnyUnwrapKey(slot, wrappingKey->pkcs11ID, mechType, param,
|
||||
+ wrappedKey, target, operation, keySize,
|
||||
wrappingKey->wincx, NULL, 0, PR_FALSE);
|
||||
}
|
||||
|
||||
/* unwrap a symetric key with a private key. */
|
||||
PK11SymKey *
|
||||
PK11_PubUnwrapSymKeyWithFlags(SECKEYPrivateKey *wrappingKey,
|
||||
SECItem *wrappedKey, CK_MECHANISM_TYPE target,
|
||||
CK_ATTRIBUTE_TYPE operation, int keySize, CK_FLAGS flags)
|
||||
|
@ -1,79 +0,0 @@
|
||||
diff -up ./gtests/softoken_gtest/softoken_gtest.cc.remove_timing_test ./gtests/softoken_gtest/softoken_gtest.cc
|
||||
--- ./gtests/softoken_gtest/softoken_gtest.cc.remove_timing_test 2020-07-30 08:34:30.404750663 -0700
|
||||
+++ ./gtests/softoken_gtest/softoken_gtest.cc 2020-07-30 08:43:39.640495618 -0700
|
||||
@@ -605,11 +605,14 @@ SECStatus test_dh_value(const PQGParams
|
||||
class SoftokenDhTest : public SoftokenTest {
|
||||
protected:
|
||||
SoftokenDhTest() : SoftokenTest("SoftokenDhTest.d-") {}
|
||||
+#ifdef NSS_USE_REFERENCE_TIME
|
||||
time_t reference_time[CLASS_LAST] = {0};
|
||||
+#endif
|
||||
|
||||
virtual void SetUp() {
|
||||
SoftokenTest::SetUp();
|
||||
|
||||
+#ifdef NSS_USE_REFERENCE_TIME
|
||||
ScopedPK11SlotInfo slot(PK11_GetInternalSlot());
|
||||
ASSERT_TRUE(slot);
|
||||
|
||||
@@ -625,6 +628,7 @@ class SoftokenDhTest : public SoftokenTe
|
||||
ASSERT_EQ(SECSuccess, test_dh_value(¶ms, nullptr, PR_FALSE, &time));
|
||||
reference_time[i] = time + 2 * time;
|
||||
}
|
||||
+#endif
|
||||
};
|
||||
};
|
||||
|
||||
@@ -708,12 +712,16 @@ TEST_P(SoftokenDhValidate, DhVectors) {
|
||||
case SAFE_PRIME:
|
||||
case UNKNOWN_SUBPRIME:
|
||||
EXPECT_EQ(SECSuccess, rv) << err;
|
||||
+#ifdef NSS_USE_REFERENCE_TIME
|
||||
EXPECT_LE(time, reference_time[dhTestValues.key_class]) << err;
|
||||
+#endif
|
||||
break;
|
||||
case KNOWN_SUBPRIME:
|
||||
case SAFE_PRIME_WITH_SUBPRIME:
|
||||
EXPECT_EQ(SECSuccess, rv) << err;
|
||||
+#ifdef NSS_USE_REFERENCE_TIME
|
||||
EXPECT_GT(time, reference_time[dhTestValues.key_class]) << err;
|
||||
+#endif
|
||||
break;
|
||||
case WRONG_SUBPRIME:
|
||||
case BAD_PUB_KEY:
|
||||
@@ -749,7 +757,9 @@ class SoftokenFipsTest : public Softoken
|
||||
class SoftokenFipsDhTest : public SoftokenFipsTest {
|
||||
protected:
|
||||
SoftokenFipsDhTest() : SoftokenFipsTest("SoftokenFipsDhTest.d-") {}
|
||||
+#ifdef NSS_USE_REFERENCE_TIME
|
||||
time_t reference_time[CLASS_LAST] = {0};
|
||||
+#endif
|
||||
|
||||
virtual void SetUp() {
|
||||
SoftokenFipsTest::SetUp();
|
||||
@@ -760,6 +770,7 @@ class SoftokenFipsDhTest : public Softok
|
||||
ASSERT_EQ(SECSuccess, PK11_InitPin(slot.get(), nullptr, ""));
|
||||
ASSERT_EQ(SECSuccess, PK11_Authenticate(slot.get(), PR_FALSE, nullptr));
|
||||
|
||||
+#ifdef NSS_USE_REFERENCE_TIME
|
||||
time_t time;
|
||||
for (int i = CLASS_FIRST; i < CLASS_LAST; i++) {
|
||||
PQGParams params;
|
||||
@@ -772,6 +783,7 @@ class SoftokenFipsDhTest : public Softok
|
||||
ASSERT_EQ(SECSuccess, test_dh_value(¶ms, nullptr, PR_FALSE, &time));
|
||||
reference_time[i] = time + 2 * time;
|
||||
}
|
||||
+#endif
|
||||
};
|
||||
};
|
||||
|
||||
@@ -883,7 +895,9 @@ TEST_P(SoftokenFipsDhValidate, DhVectors
|
||||
case TLS_APPROVED:
|
||||
case IKE_APPROVED:
|
||||
EXPECT_EQ(SECSuccess, rv) << err;
|
||||
+#ifdef NSS_USE_REFERENCE_TIME
|
||||
EXPECT_LE(time, reference_time[dhTestValues.key_class]) << err;
|
||||
+#endif
|
||||
break;
|
||||
case SAFE_PRIME:
|
||||
case SAFE_PRIME_WITH_SUBPRIME:
|
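--- a/SOURCES/nss-3.66-disable-external-host-test.patch
+++ b/SOURCES/nss-3.66-disable-external-host-test.patch
@@ -0,0 +1,14 @@
+diff -up ./tests/ssl/ssl.sh.brew ./tests/ssl/ssl.sh
+--- ./tests/ssl/ssl.sh.brew 2021-06-12 11:37:46.153265942 -0700
++++ ./tests/ssl/ssl.sh 2021-06-12 11:39:43.069925034 -0700
+@@ -1641,7 +1641,9 @@ ssl_run_tests()
+if [ "${TEST_MODE}" = "SHARED_DB" ] ; then
+ssl_policy_listsuites
+ssl_policy_selfserv
+- ssl_policy_pkix_ocsp
++ # requires access to external servers, which fails
++ # when running in brew
++ #ssl_policy_pkix_ocsp
+ssl_policy
+fi
+;;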
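Review bot: Commenting out `ssl_policy_pkix_ocsp` in the SHARED_DB branch drops that test from every run of this package's suite, including runs on hosts that can reach the external servers, so a regression in that path would go unnoticed. A switch would keep the coverage where it can run, e.g. `[ -n "${SKIP_EXTERNAL_HOST_TESTS}" ] || ssl_policy_pkix_ocsp` (the variable name is a placeholder, not an existing NSS setting). The enclosing `case` in `ssl_run_tests` starts and ends outside the hunk.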
@ -1,7 +1,7 @@
|
||||
diff -up ./lib/pk11wrap/pk11pars.c.policy_revert ./lib/pk11wrap/pk11pars.c
|
||||
--- ./lib/pk11wrap/pk11pars.c.policy_revert 2020-11-04 10:26:59.085300799 -0800
|
||||
+++ ./lib/pk11wrap/pk11pars.c 2020-11-04 10:29:52.774239468 -0800
|
||||
@@ -391,12 +391,6 @@ static const oidValDef signOptList[] = {
|
||||
diff -up ./lib/pk11wrap/pk11pars.c.no_signature_policy ./lib/pk11wrap/pk11pars.c
|
||||
--- ./lib/pk11wrap/pk11pars.c.no_signature_policy 2021-06-03 10:08:49.988118880 -0700
|
||||
+++ ./lib/pk11wrap/pk11pars.c 2021-06-03 10:16:26.059935708 -0700
|
||||
@@ -391,12 +391,9 @@ static const oidValDef signOptList[] = {
|
||||
/* Signatures */
|
||||
{ CIPHER_NAME("DSA"), SEC_OID_ANSIX9_DSA_SIGNATURE,
|
||||
NSS_USE_ALG_IN_SSL_KX | NSS_USE_ALG_IN_SIGNATURE },
|
||||
@ -11,10 +11,13 @@ diff -up ./lib/pk11wrap/pk11pars.c.policy_revert ./lib/pk11wrap/pk11pars.c
|
||||
- NSS_USE_ALG_IN_SSL_KX | NSS_USE_ALG_IN_SIGNATURE },
|
||||
- { CIPHER_NAME("ECDSA"), SEC_OID_ANSIX962_EC_PUBLIC_KEY,
|
||||
- NSS_USE_ALG_IN_SSL_KX | NSS_USE_ALG_IN_SIGNATURE },
|
||||
+ { CIPHER_NAME("RSA-PKCS"), SEC_OID_PKCS1_RSA_ENCRYPTION, 0},
|
||||
+ { CIPHER_NAME("RSA-PSS"), SEC_OID_PKCS1_RSA_PSS_SIGNATURE, 0},
|
||||
+ { CIPHER_NAME("ECDSA"), SEC_OID_ANSIX962_EC_PUBLIC_KEY, 0},
|
||||
};
|
||||
|
||||
typedef struct {
|
||||
@@ -412,7 +406,7 @@ static const algListsDef algOptLists[] =
|
||||
@@ -412,7 +409,7 @@ static const algListsDef algOptLists[] =
|
||||
{ macOptList, PR_ARRAY_SIZE(macOptList), "MAC", PR_FALSE },
|
||||
{ cipherOptList, PR_ARRAY_SIZE(cipherOptList), "CIPHER", PR_FALSE },
|
||||
{ kxOptList, PR_ARRAY_SIZE(kxOptList), "OTHER-KX", PR_FALSE },
|
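Review bot: The three `signOptList` entries this patch re-adds (`RSA-PKCS`, `RSA-PSS`, `ECDSA`) carry a flag value of `0`, unlike the `DSA` entry above them, and nothing in the patched source says this is intentional. If the table is consumed the way the neighbouring entries suggest, these names are still accepted in a policy string but allowing or disallowing them has no effect, which an administrator tightening signature policy would not expect. A comment on the entries would make that visible, e.g. `/* names kept so policy strings still parse; flags are 0, so no signature policy is applied for these */`. The array definition starts outside the hunk, and the old/new reading here is inferred from the inner hunk counts.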
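--- a/SOURCES/nss-3.66-fix-gtest-parsing.patch
+++ b/SOURCES/nss-3.66-fix-gtest-parsing.patch
@@ -0,0 +1,16 @@
+diff -up ./tests/common/parsegtestreport.sed.new_gtest ./tests/common/parsegtestreport.sed
+--- ./tests/common/parsegtestreport.sed.new_gtest 2021-06-17 16:26:49.361035662 -0700
++++ ./tests/common/parsegtestreport.sed 2021-06-17 16:49:08.512261136 -0700
+@@ -1,8 +1,11 @@
+/\<testcase/{
+- s/^.* name="\([^"]*\)" value_param="\([^"]*\)" status="\([^"]*\)" time="[^"]*" classname="\([^"]*\)".*$/\3 '\4: \1 \2'/
++ s/^.* name="\([^"]*\)" value_param="\([^"]*\)" status="\([^"]*\)" time="[^"]*" classname="\([^"]*\).*$/\3 '\4: \1 \2'/
+t end
+s/^.* name="\([^"]*\)" status="\([^"]*\)" time="[^"]*" classname="\([^"]*\)".*$/\2 '\3: \1'/
+t end
++ s/^.* name="\([^"]*\)" value_param="\([^"]*\)" status="\([^"]*\)" result="[^"]*" time="[^"]*" timestamp="[^"]*" classname="\([^"]*\)".*$/\3 '\4: \1 \2'/
++ t end
++ s/^.* name="\([^"]*\)" status="\([^"]*\)" result="[^"]*" time="[^"]*" timestamp="[^"]*" classname="\([^"]*\)".*$/\2 '\3: \1'/
+}
+d
+: end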
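Review bot: The last added substitution (the `result=`/`timestamp=` form without `value_param`) is not followed by `t end`, so on a match control leaves the `/\<testcase/{ ... }` block and reaches `d`, which deletes the line that was just rewritten. Non-parameterised tests in the new report layout would then vanish from the parsed results instead of showing as passed or failed, so a failure in one of them would not be reported. Add `t end` after that `s` command, as the three patterns before it have. Anything the script does after `: end` is outside the hunk.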
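--- a/SOURCES/nss-3.66-no-small-primes.patch
+++ b/SOURCES/nss-3.66-no-small-primes.patch
@@ -0,0 +1,86 @@
+diff -up ./gtests/softoken_gtest/softoken_dh_vectors.h.orig ./gtests/softoken_gtest/softoken_dh_vectors.h
+--- ./gtests/softoken_gtest/softoken_dh_vectors.h.orig 2021-06-02 16:57:50.557008790 -0700
++++ ./gtests/softoken_gtest/softoken_dh_vectors.h 2021-06-02 16:59:52.781735096 -0700
+@@ -2872,7 +2872,7 @@ static const DhTestVector DH_TEST_VECTOR
+{siBuffer, (unsigned char *)g2, sizeof(g2)},
+{siBuffer, NULL, 0},
+{siBuffer, NULL, 0},
+- IKE_APPROVED,
++ SAFE_PRIME,
+CLASS_1536},
+{"IKE 2048",
+{siBuffer, (unsigned char *)prime_ike_2048, sizeof(prime_ike_2048)},
+@@ -2952,7 +2952,7 @@ static const DhTestVector DH_TEST_VECTOR
+{siBuffer, (unsigned char *)sub2_prime_ike_1536,
+sizeof(sub2_prime_ike_1536)},
+{siBuffer, NULL, 0},
+- IKE_APPROVED,
++ SAFE_PRIME,
+CLASS_1536},
+{"IKE 2048 with subprime",
+{siBuffer, (unsigned char *)prime_ike_2048, sizeof(prime_ike_2048)},
+diff -up ./lib/softoken/pkcs11c.c.orig ./lib/softoken/pkcs11c.c
+--- ./lib/softoken/pkcs11c.c.orig 2021-05-28 02:50:43.000000000 -0700
++++ ./lib/softoken/pkcs11c.c 2021-06-02 16:52:01.196932757 -0700
+@@ -5193,7 +5193,7 @@ sftk_PairwiseConsistencyCheck(CK_SESSION
+/* subprime not supplied, In this case look it up.
+* This only works with approved primes, but in FIPS mode
+* that's the only kine of prime that will get here */
+- subPrimePtr = sftk_VerifyDH_Prime(&prime);
++ subPrimePtr = sftk_VerifyDH_Prime(&prime,isFIPS);
+if (subPrimePtr == NULL) {
+crv = CKR_GENERAL_ERROR;
+goto done;
+@@ -8351,7 +8351,7 @@ NSC_DeriveKey(CK_SESSION_HANDLE hSession
+
+/* if the prime is an approved prime, we can skip all the other
+* checks. */
+- subPrime = sftk_VerifyDH_Prime(&dhPrime);
++ subPrime = sftk_VerifyDH_Prime(&dhPrime,isFIPS);
+if (subPrime == NULL) {
+SECItem dhSubPrime;
+/* If the caller set the subprime value, it means that
+diff -up ./lib/softoken/pkcs11i.h.orig ./lib/softoken/pkcs11i.h
+--- ./lib/softoken/pkcs11i.h.orig 2021-06-02 16:52:01.196932757 -0700
++++ ./lib/softoken/pkcs11i.h 2021-06-02 16:52:54.281248207 -0700
+@@ -946,7 +946,7 @@ char **NSC_ModuleDBFunc(unsigned long fu
+/* dh verify functions */
+/* verify that dhPrime matches one of our known primes, and if so return
+* it's subprime value */
+-const SECItem *sftk_VerifyDH_Prime(SECItem *dhPrime);
++const SECItem *sftk_VerifyDH_Prime(SECItem *dhPrime, PRBool isFIPS);
+/* check if dhSubPrime claims dhPrime is a safe prime. */
+SECStatus sftk_IsSafePrime(SECItem *dhPrime, SECItem *dhSubPrime, PRBool *isSafe);
+/* map an operation Attribute to a Mechanism flag */
+diff -up ./lib/softoken/pkcs11u.c.orig ./lib/softoken/pkcs11u.c
+--- ./lib/softoken/pkcs11u.c.orig 2021-06-02 16:54:23.387777705 -0700
++++ ./lib/softoken/pkcs11u.c 2021-06-02 16:54:51.012941866 -0700
+@@ -2312,7 +2312,7 @@ sftk_handleSpecial(SFTKSlot *slot, CK_ME
+if (crv != CKR_OK) {
+return PR_FALSE;
+}
+- dhSubPrime = sftk_VerifyDH_Prime(&dhPrime);
++ dhSubPrime = sftk_VerifyDH_Prime(&dhPrime, PR_TRUE);
+SECITEM_ZfreeItem(&dhPrime, PR_FALSE);
+return (dhSubPrime) ? PR_TRUE : PR_FALSE;
+}
+diff -up ./lib/softoken/sftkdhverify.c.orig ./lib/softoken/sftkdhverify.c
+--- ./lib/softoken/sftkdhverify.c.orig 2021-05-28 02:50:43.000000000 -0700
++++ ./lib/softoken/sftkdhverify.c 2021-06-02 16:52:01.196932757 -0700
+@@ -1171,11 +1171,15 @@ static const SECItem subprime_tls_8192 =
+* verify that dhPrime matches one of our known primes
+*/
+const SECItem *
+-sftk_VerifyDH_Prime(SECItem *dhPrime)
++sftk_VerifyDH_Prime(SECItem *dhPrime, PRBool isFIPS)
+{
+/* use the length to decide which primes to check */
+switch (dhPrime->len) {
+case 1536 / PR_BITS_PER_BYTE:
++ /* don't accept 1536 bit primes in FIPS mode */
++ if (isFIPS) {
++ break;
++ }
+if (PORT_Memcmp(dhPrime->data, prime_ike_1536,
+sizeof(prime_ike_1536)) == 0) {
+return &subprime_ike_1536;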
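Review bot: Neither comment on `sftk_VerifyDH_Prime` (the prototype in pkcs11i.h and the definition in sftkdhverify.c) is updated for the new `isFIPS` argument, and `sftk_handleSpecial` passes a bare `PR_TRUE` with no explanation. The 1536-bit case now does `break` when `isFIPS` is set; what the function returns after the switch is outside the hunk, presumably NULL, which `NSC_DeriveKey` treats as "not an approved prime" and follows with its other checks rather than an immediate failure. I would state the contract at the prototype, e.g. `/* when isFIPS is set, 1536-bit primes are never matched */`, and add `/* FIPS indicator path: apply the FIPS prime restrictions */` at the `PR_TRUE` call if that is the intent.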
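--- a/SOURCES/nss-3.66-restore-old-pkcs12-default.patch
+++ b/SOURCES/nss-3.66-restore-old-pkcs12-default.patch
@@ -0,0 +1,44 @@
+diff -up ./cmd/pk12util/pk12util.c.orig ./cmd/pk12util/pk12util.c
+--- ./cmd/pk12util/pk12util.c.orig 2021-05-28 02:50:43.000000000 -0700
++++ ./cmd/pk12util/pk12util.c 2021-06-15 17:05:37.200262345 -0700
+@@ -1031,9 +1031,11 @@ main(int argc, char **argv)
+char *export_file = NULL;
+char *dbprefix = "";
+SECStatus rv;
+- SECOidTag cipher = SEC_OID_AES_256_CBC;
+- SECOidTag hash = SEC_OID_SHA256;
+- SECOidTag certCipher = SEC_OID_AES_128_CBC;
++ SECOidTag cipher =
++ SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_3KEY_TRIPLE_DES_CBC;
++ SECOidTag hash = SEC_OID_SHA1;
++ SECOidTag certCipher =
++ SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_40_BIT_RC2_CBC;
+int keyLen = 0;
+int certKeyLen = 0;
+secuCommand pk12util;
+@@ -1147,6 +1149,9 @@ main(int argc, char **argv)
+}
+}
+
++ if (PK11_IsFIPS()) {
++ certCipher = SEC_OID_UNKNOWN;
++ }
+if (pk12util.options[opt_CertCipher].activated) {
+char *cipherString = pk12util.options[opt_CertCipher].arg;
+
+diff -up ./tests/tools/tools.sh.orig ./tests/tools/tools.sh
+--- ./tests/tools/tools.sh.orig 2021-06-15 17:06:27.650564449 -0700
++++ ./tests/tools/tools.sh 2021-06-15 17:07:59.934117192 -0700
+@@ -47,9 +47,9 @@
+"PKCS #5 Password Based Encryption with SHA-1 and DES-CBC"
+
+# if we change the defaults in pk12util, update these variables
+- export CERT_ENCRYPTION_DEFAULT="AES-128-CBC"
+- export KEY_ENCRYPTION_DEFAULT="AES-256-CBC"
+- export HASH_DEFAULT="SHA-256"
++ export CERT_ENCRYPTION_DEFAULT=${pkcs12v2pbeWithSha1And40BitRc2Cbc}
++ export KEY_ENCRYPTION_DEFAULT=${pkcs12v2pbeWithSha1AndTripleDESCBC}
++ export HASH_DEFAULT="SHA-1"
+
+export PKCS5v1_PBE_CIPHERS="${pkcs5pbeWithMD2AndDEScbc},\
+${pkcs5pbeWithMD5AndDEScbc},\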
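Review bot: The restored defaults in `main` (PBE-SHA1 with 3-key triple DES for keys, SHA-1, and 40-bit RC2 for certificates) carry no comment saying why they replace the AES/SHA-256 values, and 40-bit RC2 gives the certificate bag no real confidentiality. A reader of pk12util.c should be told that this is a compatibility default and that stronger ciphers stay selectable through the existing options (`opt_CertCipher` is visible in the second hunk), e.g. `/* legacy defaults kept for interoperability; pass explicit cipher options for AES */`. The added `if (PK11_IsFIPS())` block also needs a line of explanation, since setting `certCipher = SEC_OID_UNKNOWN` presumably leaves certificates unencrypted in FIPS mode unless a cipher is given. `main` starts and ends outside both hunks.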
325
SOURCES/nss-3.67-cve-2021-43527-test.patch
Normal file
325
SOURCES/nss-3.67-cve-2021-43527-test.patch
Normal file
@ -0,0 +1,325 @@
|
||||
diff --git a/tests/cert/Leaf-bogus-dsa.crt b/tests/cert/Leaf-bogus-dsa.crt
|
||||
new file mode 100644
|
||||
--- /dev/null
|
||||
+++ b/tests/cert/Leaf-bogus-dsa.crt
|
||||
@@ -0,0 +1,143 @@
|
||||
+-----BEGIN CERTIFICATE-----
|
||||
+MIIaZzCCCkWgAwIBAgIBATALBgcqhkjOOAQDBQAwMTEvMC0GA1UEAxMmZGVjb2Rl
|
||||
+RUNvckRTQVNpZ25hdHVyZS10ZXN0Q2FzZS90YXZpc28wHhcNMjEwMTAxMDAwMDAw
|
||||
+WhcNNDEwMTAxMDAwMDAwWjAxMS8wLQYDVQQDEyZkZWNvZGVFQ29yRFNBU2lnbmF0
|
||||
+dXJlLXRlc3RDYXNlL3RhdmlzbzCCCaYwggkaBgcqhkjOOAQBMIIJDQKBgQCqqqqq
|
||||
+qqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqq
|
||||
+qqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqq
|
||||
+qqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqgKCCAEAu7u7u7u7u7u7u7u7u7u7
|
||||
+u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7
|
||||
+u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7
|
||||
+u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7
|
||||
+u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7
|
||||
+u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7
|
||||
+u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7
|
||||
+u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7
|
||||
+u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7
|
||||
+u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7
|
||||
+u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7
|
||||
+u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7
|
||||
+u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7
|
||||
+u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7
|
||||
+u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7
|
||||
+u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7
|
||||
+u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7
|
||||
+u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7
|
||||
+u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7
|
||||
+u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7
|
||||
+u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7
|
||||
+u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7
|
||||
+u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7
|
||||
+u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7
|
||||
+u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7
|
||||
+u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7
|
||||
+u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7
|
||||
+u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7
|
||||
+u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7
|
||||
+u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7
|
||||
+u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7
|
||||
+u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7
|
||||
+u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7
|
||||
+u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7
|
||||
+u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7
|
||||
+u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7
|
||||
+u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7
|
||||
+u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7
|
||||
+u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7
|
||||
+u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7
|
||||
+u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7
|
||||
+u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7
|
||||
+u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7
|
||||
+u7u7u7u7u7u7u7u7u7u7u7sCgYEAzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzM
|
||||
+zMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzM
|
||||
+zMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzM
|
||||
+zMzMzMwDgYUAAoGB3d3d3d3d3d3d3d3d3d3d3d3d3d3d3d3d3d3d3d3d3d3d3d3d
|
||||
+3d3d3d3d3d3d3d3d3d3d3d3d3d3d3d3d3d3d3d3d3d3d3d3d3d3d3d3d3d3d3d3d
|
||||
+3d3d3d3d3d3d3d3d3d3d3d3d3d3d3d3d3d3d3d3d3d3d3d3d3d3d3d3d3d3dMAkG
|
||||
+ByqGSM44BAMDghAPADCCEAoCgggBAO7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u
|
||||
+7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u
|
||||
+7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u
|
||||
+7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u
|
||||
+7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u
|
||||
+7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u
|
||||
+7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u
|
||||
+7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u
|
||||
+7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u
|
||||
+7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u
|
||||
+7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u
|
||||
+7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u
|
||||
+7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u
|
||||
+7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u
|
||||
+7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u
|
||||
+7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u
|
||||
+7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u
|
||||
+7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u
|
||||
+7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u
|
||||
+7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u
|
||||
+7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u
|
||||
+7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u
|
||||
+7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u
|
||||
+7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u
|
||||
+7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u
|
||||
+7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u
|
||||
+7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u
|
||||
+7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u
|
||||
+7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u
|
||||
+7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u
|
||||
+7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u
|
||||
+7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u
|
||||
+7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u
|
||||
+7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u
|
||||
+7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u
|
||||
+7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u
|
||||
+7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u
|
||||
+7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u
|
||||
+7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u
|
||||
+7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u
|
||||
+7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u
|
||||
+7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u
|
||||
+7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u
|
||||
+7u7u7u7uAoIIAQD/////////////////////////////////////////////////
|
||||
+////////////////////////////////////////////////////////////////
|
||||
+////////////////////////////////////////////////////////////////
|
||||
+////////////////////////////////////////////////////////////////
|
||||
+////////////////////////////////////////////////////////////////
|
||||
+////////////////////////////////////////////////////////////////
|
||||
+////////////////////////////////////////////////////////////////
|
||||
+////////////////////////////////////////////////////////////////
|
||||
+////////////////////////////////////////////////////////////////
|
||||
+////////////////////////////////////////////////////////////////
|
||||
+////////////////////////////////////////////////////////////////
|
||||
+////////////////////////////////////////////////////////////////
|
||||
+////////////////////////////////////////////////////////////////
|
||||
+////////////////////////////////////////////////////////////////
|
||||
+////////////////////////////////////////////////////////////////
|
||||
+////////////////////////////////////////////////////////////////
|
||||
+////////////////////////////////////////////////////////////////
|
||||
+////////////////////////////////////////////////////////////////
|
||||
+////////////////////////////////////////////////////////////////
|
||||
+////////////////////////////////////////////////////////////////
|
||||
+////////////////////////////////////////////////////////////////
|
||||
+////////////////////////////////////////////////////////////////
|
||||
+////////////////////////////////////////////////////////////////
|
||||
+////////////////////////////////////////////////////////////////
|
||||
+////////////////////////////////////////////////////////////////
|
||||
+////////////////////////////////////////////////////////////////
|
||||
+////////////////////////////////////////////////////////////////
|
||||
+////////////////////////////////////////////////////////////////
|
||||
+////////////////////////////////////////////////////////////////
|
||||
+////////////////////////////////////////////////////////////////
|
||||
+////////////////////////////////////////////////////////////////
|
||||
+////////////////////////////////////////////////////////////////
|
||||
+////////////////////////////////////////////////////////////////
|
||||
+////////////////////////////////////////////////////////////////
|
||||
+////////////////////////////////////////////////////////////////
|
||||
+////////////////////////////////////////////////////////////////
|
||||
+////////////////////////////////////////////////////////////////
|
||||
+////////////////////////////////////////////////////////////////
|
||||
+////////////////////////////////////////////////////////////////
|
||||
+////////////////////////////////////////////////////////////////
|
||||
+////////////////////////////////////////////////////////////////
|
||||
+////////////////////////////////////////////////////////////////
|
||||
+/////////////////////////////////////////////////////////w==
|
||||
+-----END CERTIFICATE-----
|
||||
diff --git a/tests/cert/Leaf-bogus-rsa-pss.crt b/tests/cert/Leaf-bogus-rsa-pss.crt
|
||||
new file mode 100644
|
||||
--- /dev/null
|
||||
+++ b/tests/cert/Leaf-bogus-rsa-pss.crt
|
||||
@@ -0,0 +1,126 @@
|
||||
+-----BEGIN CERTIFICATE-----
|
||||
+MIIXODCCC/WgAwIBAgIBAjApBgkqhkiG9w0BAQowHKACMAChETAPBQAwCwYJYIZI
|
||||
+AWUDBAIBogMCASAwNzEgMB4GCSqGSIb3DQEJARYRdGF2aXNvQGdvb2dsZS5jb20x
|
||||
+EzARBgNVBAMTCmJ1ZzE3Mzc0NzAwHhcNMjAwMTAxMDAwMDAwWhcNNDAwMTAxMDAw
|
||||
+MDAwWjA3MSAwHgYJKoZIhvcNAQkBFhF0YXZpc29AZ29vZ2xlLmNvbTETMBEGA1UE
|
||||
+AxMKYnVnMTczNzQ3MDCCCywwDQYJKoZIhvcNAQEBBQADggsZADCCCxQCggsLAMRE
|
||||
+RERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERE
|
||||
+RERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERE
|
||||
+RERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERE
|
||||
+RERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERE
|
||||
+RERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERE
|
||||
+RERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERE
|
||||
+RERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERE
|
||||
+RERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERE
|
||||
+RERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERE
|
||||
+RERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERE
|
||||
+RERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERE
|
||||
+RERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERE
|
||||
+RERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERE
|
||||
+RERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERE
|
||||
+RERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERE
|
||||
+RERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERE
|
||||
+RERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERE
|
||||
+RERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERE
|
||||
+RERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERE
|
||||
+RERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERE
|
||||
+RERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERE
|
||||
+RERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERE
|
||||
+RERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERE
|
||||
+RERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERE
|
||||
+RERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERE
|
||||
+RERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERE
|
||||
+RERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERE
|
||||
+RERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERE
|
||||
+RERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERE
|
||||
+RERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERE
|
||||
+RERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERE
|
||||
+RERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERE
|
||||
+RERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERE
|
||||
+RERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERE
|
||||
+RERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERE
|
||||
+RERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERE
|
||||
+RERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERE
|
||||
+RERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERE
|
||||
+RERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERE
|
||||
+RERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERE
|
||||
+RERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERE
|
||||
+RERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERE
|
||||
+RERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERE
|
||||
+RERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERE
|
||||
+RERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERE
|
||||
+RERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERE
|
||||
+RERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERE
|
||||
+RERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERE
|
||||
+RERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERE
|
||||
+RERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERE
|
||||
+RERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERE
|
||||
+RERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERE
|
||||
+RERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERE
|
||||
+RERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERE
|
||||
+RERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERE
|
||||
+RERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERE
|
||||
+RERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERE
|
||||
+RERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERE
|
||||
+RERERERERERERERERERERERERERERERERERERERERERERERERERERQIDAQABMC4G
|
||||
+CSqGSIb3DQEBCjAhoRowGAYJKoZIhvcNAQEIMAsGCSqGSIb3DQEBCqIDAgEgA4IL
|
||||
+CwAAxVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV
|
||||
+VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV
|
||||
+VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV
|
||||
+VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV
|
||||
+VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV
|
||||
+VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV
|
||||
+VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV
|
||||
+VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV
|
||||
+VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV
|
||||
+VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV
|
||||
+VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV
|
||||
+VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV
|
||||
+VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV
|
||||
+VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV
|
||||
+VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV
|
||||
+VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV
|
||||
+VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV
|
||||
+VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV
|
||||
+VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV
|
||||
+VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV
|
||||
+VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV
|
||||
+VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV
|
||||
+VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV
|
||||
+VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV
|
||||
+VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV
|
||||
+VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV
|
||||
+VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV
|
||||
+VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV
|
||||
+VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV
|
||||
+VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV
|
||||
+VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV
|
||||
+VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV
|
||||
+VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV
|
||||
+VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV
|
||||
+VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV
|
||||
+VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV
|
||||
+VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV
|
||||
+VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV
|
||||
+VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV
|
||||
+VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV
|
||||
+VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV
|
||||
+VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV
|
||||
+VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV
|
||||
+VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV
|
||||
+VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV
|
||||
+VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV
|
||||
+VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV
|
||||
+VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV
|
||||
+VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV
|
||||
+VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV
|
||||
+VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV
|
||||
+VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV
|
||||
+VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV
|
||||
+VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV
|
||||
+VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV
|
||||
+VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV
|
||||
+VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV
|
||||
+VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV
|
||||
+VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVU=
|
||||
+-----END CERTIFICATE-----
|
||||
diff --git a/tests/cert/cert.sh b/tests/cert/cert.sh
|
||||
--- a/tests/cert/cert.sh
|
||||
+++ b/tests/cert/cert.sh
|
||||
@@ -114,16 +114,28 @@ certu()
|
||||
cert_log "ERROR: ${CU_ACTION} failed $RET"
|
||||
else
|
||||
html_passed "${CU_ACTION}"
|
||||
fi
|
||||
|
||||
return $RET
|
||||
}
|
||||
|
||||
+cert_test_vfy()
|
||||
+{
|
||||
+ echo "$SCRIPTNAME: Verify large rsa pss signature --------------"
|
||||
+ echo " vfychain -a Leaf-bogus-dsa.crt"
|
||||
+ vfychain -a ${QADIR}/cert/Leaf-bogus-dsa.crt
|
||||
+ html_msg $? 1 "Verify large dsa signature"
|
||||
+ echo "$SCRIPTNAME: Verify large rsa pss signature --------------"
|
||||
+ echo " vfychain -a Leaf-bogus-rsa-pss.crt"
|
||||
+ vfychain -a ${QADIR}/cert/Leaf-bogus-rsa-pss.crt
|
||||
+ html_msg $? 1 "Verify large rsa pss signature"
|
||||
+}
|
||||
+
|
||||
################################ crlu #################################
|
||||
# local shell function to call crlutil, also: writes action and options to
|
||||
# stdout, sets variable RET and writes results to the html file results
|
||||
########################################################################
|
||||
crlu()
|
||||
{
|
||||
echo "$SCRIPTNAME: ${CU_ACTION} --------------------------"
|
||||
|
||||
@@ -2640,11 +2652,13 @@ if [ -z "$NSS_TEST_DISABLE_CRL" ] ; then
|
||||
else
|
||||
echo "$SCRIPTNAME: Skipping CRL Tests"
|
||||
fi
|
||||
|
||||
if [ -n "$DO_DIST_ST" -a "$DO_DIST_ST" = "TRUE" ] ; then
|
||||
cert_stresscerts
|
||||
fi
|
||||
|
||||
+cert_test_vfy
|
||||
+
|
||||
cert_iopr_setup
|
||||
|
||||
cert_cleanup
|
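--- a/SOURCES/nss-3.67-cve-2021-43527.patch
+++ b/SOURCES/nss-3.67-cve-2021-43527.patch
@@ -0,0 +1,279 @@
+diff --git a/lib/cryptohi/secvfy.c b/lib/cryptohi/secvfy.c
+--- a/lib/cryptohi/secvfy.c
++++ b/lib/cryptohi/secvfy.c
+@@ -164,6 +164,37 @@
+PR_FALSE /*XXX: unsafeAllowMissingParameters*/);
+}
+
++static unsigned int
++checkedSignatureLen(const SECKEYPublicKey *pubk)
++{
++ unsigned int sigLen = SECKEY_SignatureLen(pubk);
++ if (sigLen == 0) {
++ /* Error set by SECKEY_SignatureLen */
++ return sigLen;
++ }
++ unsigned int maxSigLen;
++ switch (pubk->keyType) {
++ case rsaKey:
++ case rsaPssKey:
++ maxSigLen = (RSA_MAX_MODULUS_BITS + 7) / 8;
++ break;
++ case dsaKey:
++ maxSigLen = DSA_MAX_SIGNATURE_LEN;
++ break;
++ case ecKey:
++ maxSigLen = 2 * MAX_ECKEY_LEN;
++ break;
++ default:
++ PORT_SetError(SEC_ERROR_UNSUPPORTED_KEYALG);
++ return 0;
++ }
++ if (sigLen > maxSigLen) {
++ PORT_SetError(SEC_ERROR_INVALID_KEY);
++ return 0;
++ }
++ return sigLen;
++}
++
+/*
+* decode the ECDSA or DSA signature from it's DER wrapping.
+* The unwrapped/raw signature is placed in the buffer pointed
+@@ -174,38 +205,38 @@
+unsigned int len)
+{
+SECItem *dsasig = NULL; /* also used for ECDSA */
+- SECStatus rv = SECSuccess;
+
+- if ((algid != SEC_OID_ANSIX9_DSA_SIGNATURE) &&
+- (algid != SEC_OID_ANSIX962_EC_PUBLIC_KEY)) {
+- if (sig->len != len) {
+- PORT_SetError(SEC_ERROR_BAD_DER);
+- return SECFailure;
++ /* Safety: Ensure algId is as expected and that signature size is within maxmimums */
++ if (algid == SEC_OID_ANSIX9_DSA_SIGNATURE) {
++ if (len > DSA_MAX_SIGNATURE_LEN) {
++ goto loser;
+}
+-
+- PORT_Memcpy(dsig, sig->data, sig->len);
+- return SECSuccess;
++ } else if (algid == SEC_OID_ANSIX962_EC_PUBLIC_KEY) {
++ if (len > MAX_ECKEY_LEN * 2) {
++ goto loser;
++ }
++ } else {
++ goto loser;
+}
+
+- if (algid == SEC_OID_ANSIX962_EC_PUBLIC_KEY) {
+- if (len > MAX_ECKEY_LEN * 2) {
+- PORT_SetError(SEC_ERROR_BAD_DER);
+- return SECFailure;
+- }
++ /* Decode and pad to length */
++ dsasig = DSAU_DecodeDerSigToLen((SECItem *)sig, len);
++ if (dsasig == NULL) {
++ goto loser;
+}
+- dsasig = DSAU_DecodeDerSigToLen((SECItem *)sig, len);
+-
+- if ((dsasig == NULL) || (dsasig->len != len)) {
+- rv = SECFailure;
+- } else {
+- PORT_Memcpy(dsig, dsasig->data, dsasig->len);
++ if (dsasig->len != len) {
++ SECITEM_FreeItem(dsasig, PR_TRUE);
++ goto loser;
+}
+
+- if (dsasig != NULL)
+- SECITEM_FreeItem(dsasig, PR_TRUE);
+- if (rv == SECFailure)
+- PORT_SetError(SEC_ERROR_BAD_DER);
+- return rv;
++ PORT_Memcpy(dsig, dsasig->data, len);
++ SECITEM_FreeItem(dsasig, PR_TRUE);
++
++ return SECSuccess;
++
++loser:
++ PORT_SetError(SEC_ERROR_BAD_DER);
++ return SECFailure;
+}
+
+const SEC_ASN1Template hashParameterTemplate[] =
+@@ -281,7 +312,7 @@
+sec_DecodeSigAlg(const SECKEYPublicKey *key, SECOidTag sigAlg,
+const SECItem *param, SECOidTag *encalgp, SECOidTag *hashalg)
+{
+- int len;
++ unsigned int len;
+PLArenaPool *arena;
+SECStatus rv;
+SECItem oid;
+@@ -466,48 +497,52 @@
+cx->pkcs1RSADigestInfo = NULL;
+rv = SECSuccess;
+if (sig) {
+- switch (type) {
+- case rsaKey:
+- rv = recoverPKCS1DigestInfo(hashAlg, &cx->hashAlg,
+- &cx->pkcs1RSADigestInfo,
+- &cx->pkcs1RSADigestInfoLen,
+- cx->key,
+- sig, wincx);
+- break;
+- case rsaPssKey:
+- sigLen = SECKEY_SignatureLen(key);
+- if (sigLen == 0) {
+- /* error set by SECKEY_SignatureLen */
+- rv = SECFailure;
++ rv = SECFailure;
++ if (type == rsaKey) {
++ rv = recoverPKCS1DigestInfo(hashAlg, &cx->hashAlg,
++ &cx->pkcs1RSADigestInfo,
++ &cx->pkcs1RSADigestInfoLen,
++ cx->key,
++ sig, wincx);
++ } else {
++ sigLen = checkedSignatureLen(key);
++ /* Check signature length is within limits */
++ if (sigLen == 0) {
++ /* error set by checkedSignatureLen */
++ rv = SECFailure;
++ goto loser;
++ }
++ if (sigLen > sizeof(cx->u)) {
++ PORT_SetError(SEC_ERROR_BAD_SIGNATURE);
++ rv = SECFailure;
++ goto loser;
++ }
++ switch (type) {
++ case rsaPssKey:
++ if (sig->len != sigLen) {
++ PORT_SetError(SEC_ERROR_BAD_SIGNATURE);
++ rv = SECFailure;
++ goto loser;
++ }
++ PORT_Memcpy(cx->u.buffer, sig->data, sigLen);
++ rv = SECSuccess;
+break;
+- }
+- if (sig->len != sigLen) {
+- PORT_SetError(SEC_ERROR_BAD_SIGNATURE);
++ case ecKey:
++ case dsaKey:
++ /* decodeECorDSASignature will check sigLen == sig->len after padding */
++ rv = decodeECorDSASignature(encAlg, sig, cx->u.buffer, sigLen);
++ break;
++ default:
++ /* Unreachable */
+rv = SECFailure;
+- break;
+- }
+- PORT_Memcpy(cx->u.buffer, sig->data, sigLen);
+- break;
+- case dsaKey:
+- case ecKey:
+- sigLen = SECKEY_SignatureLen(key);
+- if (sigLen == 0) {
+- /* error set by SECKEY_SignatureLen */
+- rv = SECFailure;
+- break;
+- }
+- rv = decodeECorDSASignature(encAlg, sig, cx->u.buffer, sigLen);
+- break;
+- default:
+- rv = SECFailure;
+- PORT_SetError(SEC_ERROR_UNSUPPORTED_KEYALG);
+- break;
++ goto loser;
++ }
++ }
++ if (rv != SECSuccess) {
++ goto loser;
+}
+}
+
+- if (rv)
+- goto loser;
+-
+/* check hash alg again, RSA may have changed it.*/
+if (HASH_GetHashTypeByOidTag(cx->hashAlg) == HASH_AlgNULL) {
+/* error set by HASH_GetHashTypeByOidTag */
+@@ -650,11 +685,16 @@
+switch (cx->key->keyType) {
+case ecKey:
+case dsaKey:
+- dsasig.data = cx->u.buffer;
+- dsasig.len = SECKEY_SignatureLen(cx->key);
++ dsasig.len = checkedSignatureLen(cx->key);
+if (dsasig.len == 0) {
+return SECFailure;
+}
++ if (dsasig.len > sizeof(cx->u)) {
++ PORT_SetError(SEC_ERROR_BAD_SIGNATURE);
++ return SECFailure;
++ }
++ dsasig.data = cx->u.buffer;
++
+if (sig) {
+rv = decodeECorDSASignature(cx->encAlg, sig, dsasig.data,
+dsasig.len);
+@@ -686,8 +726,13 @@
+}
+
+rsasig.data = cx->u.buffer;
+- rsasig.len = SECKEY_SignatureLen(cx->key);
++ rsasig.len = checkedSignatureLen(cx->key);
+if (rsasig.len == 0) {
++ /* Error set by checkedSignatureLen */
++ return SECFailure;
++ }
++ if (rsasig.len > sizeof(cx->u)) {
++ PORT_SetError(SEC_ERROR_BAD_SIGNATURE);
+return SECFailure;
+}
+if (sig) {
+@@ -749,7 +794,6 @@
+SECStatus rv;
+VFYContext *cx;
+SECItem dsasig; /* also used for ECDSA */
+-
+rv = SECFailure;
+
+cx = vfy_CreateContext(key, sig, encAlg, hashAlg, NULL, wincx);
+@@ -757,19 +801,25 @@
+switch (key->keyType) {
+case rsaKey:
+rv = verifyPKCS1DigestInfo(cx, digest);
++ /* Error (if any) set by verifyPKCS1DigestInfo */
+break;
+- case dsaKey:
+case ecKey:
++ case dsaKey:
+dsasig.data = cx->u.buffer;
+- dsasig.len = SECKEY_SignatureLen(cx->key);
++ dsasig.len = checkedSignatureLen(cx->key);
+if (dsasig.len == 0) {
++ /* Error set by checkedSignatureLen */
++ rv = SECFailure;
+break;
+}
+- if (PK11_Verify(cx->key, &dsasig, (SECItem *)digest, cx->wincx) !=
+- SECSuccess) {
++ if (dsasig.len > sizeof(cx->u)) {
+PORT_SetError(SEC_ERROR_BAD_SIGNATURE);
+- } else {
+- rv = SECSuccess;
++ rv = SECFailure;
++ break;
++ }
++ rv = PK11_Verify(cx->key, &dsasig, (SECItem *)digest, cx->wincx);
++ if (rv != SECSuccess) {
++ PORT_SetError(SEC_ERROR_BAD_SIGNATURE);
+}
+break;
+default:
+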
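Review bot: The new `default:` branch of the inner `switch (type)` in the `@@ -466,48 +497,52 @@` hunk sets `rv = SECFailure` and jumps to `loser` without setting an error code, whereas the removed default called `PORT_SetError(SEC_ERROR_UNSUPPORTED_KEYALG)`. It is commented as unreachable, presumably because `checkedSignatureLen` has already rejected unknown key types, but the enclosing function starts and ends outside the hunk, so how `type` relates to `key->keyType` cannot be checked from here. Keeping `PORT_SetError(SEC_ERROR_UNSUPPORTED_KEYALG);` before that `goto loser;` costs nothing and avoids returning failure with a stale error if the branch is ever reached. Separately, the header comment of `decodeECorDSASignature` should say that `dsig` must hold at least `len` bytes, since the function itself bounds `len` only by the per-algorithm maximum and relies on the callers' `sizeof(cx->u)` checks.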
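--- a/SOURCES/nss-3.67-fix-coverity-issues.patch
+++ b/SOURCES/nss-3.67-fix-coverity-issues.patch
@@ -0,0 +1,45 @@
+diff -up ./lib/pk11wrap/pk11cxt.c.coverity ./lib/pk11wrap/pk11cxt.c
+--- ./lib/pk11wrap/pk11cxt.c.coverity 2021-06-18 09:36:19.499203028 -0700
++++ ./lib/pk11wrap/pk11cxt.c 2021-06-18 09:37:57.993765299 -0700
+@@ -382,7 +382,7 @@ pk11_CreateNewContextInSlot(CK_MECHANISM
+* of the connection.*/
+context->fortezzaHack = PR_FALSE;
+if (type == CKM_SKIPJACK_CBC64) {
+- if (symKey->origin == PK11_OriginFortezzaHack) {
++ if (symKey && (symKey->origin == PK11_OriginFortezzaHack)) {
+context->fortezzaHack = PR_TRUE;
+}
+}
+diff -up ./lib/pk11wrap/pk11hpke.c.coverity ./lib/pk11wrap/pk11hpke.c
+--- ./lib/pk11wrap/pk11hpke.c.coverity 2021-06-18 13:40:05.410644464 -0700
++++ ./lib/pk11wrap/pk11hpke.c 2021-06-18 13:42:40.627606469 -0700
+@@ -1164,8 +1164,6 @@ PK11_HPKE_Seal(HpkeContext *cx, const SE
+unsigned char tagBuf[HASH_LENGTH_MAX];
+size_t tagLen;
+unsigned int fixedBits;
+- PORT_Assert(cx->baseNonce->len == sizeof(ivOut));
+- PORT_Memcpy(ivOut, cx->baseNonce->data, cx->baseNonce->len);
+
+/* aad may be NULL, PT may be zero-length but not NULL. */
+if (!cx || !cx->aeadContext ||
+@@ -1176,6 +1174,9 @@ PK11_HPKE_Seal(HpkeContext *cx, const SE
+return SECFailure;
+}
+
++ PORT_Assert(cx->baseNonce->len == sizeof(ivOut));
++ PORT_Memcpy(ivOut, cx->baseNonce->data, cx->baseNonce->len);
++
+tagLen = cx->aeadParams->tagLen;
+maxOut = pt->len + tagLen;
+fixedBits = (cx->baseNonce->len - 8) * 8;
+diff -up ./lib/softoken/sftkike.c.coverity ./lib/softoken/sftkike.c
+--- ./lib/softoken/sftkike.c.coverity 2021-06-18 09:33:59.633405513 -0700
++++ ./lib/softoken/sftkike.c 2021-06-18 09:34:20.305523382 -0700
+@@ -1411,7 +1411,6 @@ sftk_fips_IKE_PowerUpSelfTests(void)
+(outKeySize != sizeof(ike_known_sha256_prf_plus)) ||
+(PORT_Memcmp(outKeyData, ike_known_sha256_prf_plus,
+sizeof(ike_known_sha256_prf_plus)) != 0)) {
+- PORT_ZFree(outKeyData, outKeySize);
+PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+return SECFailure;
+}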
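Review bot: In the second `PK11_HPKE_Seal` hunk the copy into `ivOut` is bounded only by `PORT_Assert(cx->baseNonce->len == sizeof(ivOut))`, and that assertion is normally compiled out of optimized builds. Moving the two lines below the argument check removes the dereference of `cx` before it is tested for NULL, but the length still goes unchecked at run time. An explicit guard before the `PORT_Memcpy`, such as `if (cx->baseNonce->len != sizeof(ivOut)) { PORT_SetError(SEC_ERROR_INVALID_ARGS); return SECFailure; }`, would make the bound hold in every build. The argument check itself continues outside the hunk, so whether `cx->baseNonce` is tested for NULL there cannot be confirmed from this page.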
@ -1,12 +1,7 @@
|
||||
diff --git a/lib/softoken/sftkpwd.c b/lib/softoken/sftkpwd.c
|
||||
--- a/lib/softoken/sftkpwd.c
|
||||
+++ b/lib/softoken/sftkpwd.c
|
||||
@@ -277,17 +277,19 @@ sftkdb_DecryptAttribute(SFTKDBHandle *ha
|
||||
*plain = nsspkcs5_CipherData(cipherValue.param, passKey, &cipherValue.value,
|
||||
PR_FALSE, NULL);
|
||||
if (*plain == NULL) {
|
||||
rv = SECFailure;
|
||||
goto loser;
|
||||
diff -up ./lib/softoken/sftkpwd.c.orig ./lib/softoken/sftkpwd.c
|
||||
--- ./lib/softoken/sftkpwd.c.orig 2021-06-10 05:33:12.000000000 -0700
|
||||
+++ ./lib/softoken/sftkpwd.c 2021-07-01 14:04:34.068596942 -0700
|
||||
@@ -287,9 +287,12 @@ sftkdb_DecryptAttribute(SFTKDBHandle *ha
|
||||
}
|
||||
|
||||
/* If we are using aes 256, we need to check authentication as well.*/
|
||||
@ -16,29 +11,38 @@ diff --git a/lib/softoken/sftkpwd.c b/lib/softoken/sftkpwd.c
|
||||
+ (cipherValue.param->encAlg == SEC_OID_AES_256_CBC)) {
|
||||
SECItem signature;
|
||||
unsigned char signData[SDB_MAX_META_DATA_LEN];
|
||||
+ CK_RV crv;
|
||||
|
||||
/* if we get here from the old legacy db, there is clearly an
|
||||
* error, don't return the plaintext */
|
||||
if (handle == NULL) {
|
||||
rv = SECFailure;
|
||||
PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
|
||||
@@ -299,17 +301,27 @@ sftkdb_DecryptAttribute(SFTKDBHandle *ha
|
||||
rv = sftkdb_GetAttributeSignature(handle, handle, id, type,
|
||||
@@ -301,15 +304,28 @@ sftkdb_DecryptAttribute(SFTKDBHandle *ha
|
||||
|
||||
signature.data = signData;
|
||||
signature.len = sizeof(signData);
|
||||
- rv = sftkdb_GetAttributeSignature(handle, handle, id, type,
|
||||
+ rv = SECFailure;
|
||||
+ /* sign sftkdb_GetAttriibuteSignature returns a crv, not an rv */
|
||||
+ crv = sftkdb_GetAttributeSignature(handle, handle, id, type,
|
||||
&signature);
|
||||
if (rv != SECSuccess) {
|
||||
goto loser;
|
||||
- if (rv != SECSuccess) {
|
||||
- goto loser;
|
||||
+ if (crv == CKR_OK) {
|
||||
+ rv = sftkdb_VerifyAttribute(handle, passKey, CK_INVALID_HANDLE,
|
||||
+ type, *plain, &signature);
|
||||
}
|
||||
rv = sftkdb_VerifyAttribute(handle, passKey, CK_INVALID_HANDLE, type,
|
||||
*plain, &signature);
|
||||
- rv = sftkdb_VerifyAttribute(handle, passKey, CK_INVALID_HANDLE, type,
|
||||
- *plain, &signature);
|
||||
if (rv != SECSuccess) {
|
||||
- goto loser;
|
||||
+ /* handle a bug where old versions of NSS misfiled the signature
|
||||
+ * attribute on password update */
|
||||
+ id |= SFTK_KEYDB_TYPE|SFTK_TOKEN_TYPE;
|
||||
+ signature.len = sizeof(signData);
|
||||
+ rv = sftkdb_GetAttributeSignature(handle, handle, id, type,
|
||||
+ crv = sftkdb_GetAttributeSignature(handle, handle, id, type,
|
||||
+ &signature);
|
||||
+ if (rv != SECSuccess) {
|
||||
+ if (crv != CKR_OK) {
|
||||
+ rv = SECFailure;
|
||||
+ PORT_SetError(SEC_ERROR_BAD_SIGNATURE);
|
||||
+ goto loser;
|
||||
+ }
|
||||
+ rv = sftkdb_VerifyAttribute(handle, passKey, CK_INVALID_HANDLE,
|
||||
@ -46,17 +50,7 @@ diff --git a/lib/softoken/sftkpwd.c b/lib/softoken/sftkpwd.c
|
||||
}
|
||||
}
|
||||
|
||||
loser:
|
||||
if (cipherValue.param) {
|
||||
nsspkcs5_DestroyPBEParameter(cipherValue.param);
|
||||
}
|
||||
if (cipherValue.arena) {
|
||||
@@ -1186,16 +1198,17 @@ sftk_updateEncrypted(PLArenaPool *arena,
|
||||
};
|
||||
const CK_ULONG privAttrCount = sizeof(privAttrTypes) / sizeof(privAttrTypes[0]);
|
||||
|
||||
// We don't know what attributes this object has, so we update them one at a
|
||||
// time.
|
||||
@@ -1198,6 +1214,7 @@ sftk_updateEncrypted(PLArenaPool *arena,
|
||||
unsigned int i;
|
||||
for (i = 0; i < privAttrCount; i++) {
|
||||
// Read the old attribute in the clear.
|
||||
@ -64,17 +58,7 @@ diff --git a/lib/softoken/sftkpwd.c b/lib/softoken/sftkpwd.c
|
||||
CK_ATTRIBUTE privAttr = { privAttrTypes[i], NULL, 0 };
|
||||
CK_RV crv = sftkdb_GetAttributeValue(keydb, id, &privAttr, 1);
|
||||
if (crv != CKR_OK) {
|
||||
continue;
|
||||
}
|
||||
if ((privAttr.ulValueLen == -1) || (privAttr.ulValueLen == 0)) {
|
||||
continue;
|
||||
}
|
||||
@@ -1210,30 +1223,29 @@ sftk_updateEncrypted(PLArenaPool *arena,
|
||||
if ((privAttr.ulValueLen == -1) || (privAttr.ulValueLen == 0)) {
|
||||
return CKR_GENERAL_ERROR;
|
||||
}
|
||||
SECItem plainText;
|
||||
SECItem *result;
|
||||
@@ -1222,7 +1239,7 @@ sftk_updateEncrypted(PLArenaPool *arena,
|
||||
plainText.data = privAttr.pValue;
|
||||
plainText.len = privAttr.ulValueLen;
|
||||
if (sftkdb_EncryptAttribute(arena, keydb, keydb->db, newKey,
|
||||
@ -83,9 +67,7 @@ diff --git a/lib/softoken/sftkpwd.c b/lib/softoken/sftkpwd.c
|
||||
&plainText, &result) != SECSuccess) {
|
||||
return CKR_GENERAL_ERROR;
|
||||
}
|
||||
privAttr.pValue = result->data;
|
||||
privAttr.ulValueLen = result->len;
|
||||
// Clear sensitive data.
|
||||
@@ -1232,10 +1249,9 @@ sftk_updateEncrypted(PLArenaPool *arena,
|
||||
PORT_Memset(plainText.data, 0, plainText.len);
|
||||
|
||||
// Write the newly encrypted attributes out directly.
|
||||
@ -97,8 +79,3 @@ diff --git a/lib/softoken/sftkpwd.c b/lib/softoken/sftkpwd.c
|
||||
keydb->newKey = NULL;
|
||||
if (crv != CKR_OK) {
|
||||
return crv;
|
||||
}
|
||||
}
|
||||
|
||||
return CKR_OK;
|
||||
}
|
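--- a/SOURCES/nss-3.67-fix-sdb-timeout.patch
+++ b/SOURCES/nss-3.67-fix-sdb-timeout.patch
@@ -0,0 +1,63 @@
+diff --git a/lib/softoken/sdb.c b/lib/softoken/sdb.c
+--- a/lib/softoken/sdb.c
++++ b/lib/softoken/sdb.c
+@@ -1519,16 +1519,18 @@ sdb_Begin(SDB *sdb)
+
+sqlerr = sqlite3_prepare_v2(sqlDB, BEGIN_CMD, -1, &stmt, NULL);
+
+do {
+sqlerr = sqlite3_step(stmt);
+if (sqlerr == SQLITE_BUSY) {
+PR_Sleep(SDB_BUSY_RETRY_TIME);
+}
++ /* don't retry BEGIN transaction*/
++ retry = 0;
+} while (!sdb_done(sqlerr, &retry));
+
+if (stmt) {
+sqlite3_reset(stmt);
+sqlite3_finalize(stmt);
+}
+
+loser:
+diff --git a/lib/softoken/sftkdb.c b/lib/softoken/sftkdb.c
+--- a/lib/softoken/sftkdb.c
++++ b/lib/softoken/sftkdb.c
+@@ -1521,17 +1521,17 @@ sftkdb_DestroyObject(SFTKDBHandle *handl
+if (handle == NULL) {
+return CKR_TOKEN_WRITE_PROTECTED;
+}
+db = SFTK_GET_SDB(handle);
+objectID &= SFTK_OBJ_ID_MASK;
+
+crv = (*db->sdb_Begin)(db);
+if (crv != CKR_OK) {
+- goto loser;
++ return crv;
+}
+crv = (*db->sdb_DestroyObject)(db, objectID);
+if (crv != CKR_OK) {
+goto loser;
+}
+/* if the database supports meta data, delete any old signatures
+* that we may have added */
+if ((db->sdb_flags & SDB_HAS_META) == SDB_HAS_META) {
+@@ -2456,17 +2456,17 @@ sftkdb_Update(SFTKDBHandle *handle, SECI
+return CKR_OK;
+}
+/*
+* put the whole update under a transaction. This allows us to handle
+* any possible race conditions between with the updateID check.
+*/
+crv = (*handle->db->sdb_Begin)(handle->db);
+if (crv != CKR_OK) {
+- goto loser;
++ return crv;
+}
+inTransaction = PR_TRUE;
+
+/* some one else has already updated this db */
+if (sftkdb_hasUpdate(sftkdb_TypeString(handle),
+handle->db, handle->updateID)) {
+crv = CKR_OK;
+goto done;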
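Review bot: The comment added in the `sdb_Begin` hunk, `/* don't retry BEGIN transaction*/`, does not match what the line under it appears to do. `retry` is the counter handed to `sdb_done()`, so resetting it to 0 on every pass presumably keeps the busy-retry limit from ever being reached, and the loop then sleeps and steps again for as long as `sqlite3_step` returns `SQLITE_BUSY`; `sdb_done` is not shown on this page, so this needs confirming against its body. If waiting without a limit is the intent, the comment should say so, for example `/* BEGIN waits for the lock: reset the counter so sdb_done() never gives up on SQLITE_BUSY */`. It is also worth documenting that a writer which never releases the database will then block this caller indefinitely.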
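--- a/SOURCES/nss-3.67-fix-ssl-alerts.patch
+++ b/SOURCES/nss-3.67-fix-ssl-alerts.patch
@@ -0,0 +1,122 @@
+diff -up ./lib/ssl/ssl3con.c.alert-fix ./lib/ssl/ssl3con.c
+--- ./lib/ssl/ssl3con.c.alert-fix 2021-06-10 05:33:12.000000000 -0700
++++ ./lib/ssl/ssl3con.c 2021-07-06 17:08:25.894018521 -0700
+@@ -4319,7 +4319,11 @@ ssl_SignatureSchemeValid(SSLSignatureSch
+if (!ssl_IsSupportedSignatureScheme(scheme)) {
+return PR_FALSE;
+}
+- if (!ssl_SignatureSchemeMatchesSpkiOid(scheme, spkiOid)) {
++ /* if we are purposefully passed SEC_OID_UNKOWN, it means
++ * we not checking the scheme against a potential key, so skip
++ * the call */
++ if ((spkiOid != SEC_OID_UNKNOWN) &&
++ !ssl_SignatureSchemeMatchesSpkiOid(scheme, spkiOid)) {
+return PR_FALSE;
+}
+if (isTls13) {
+@@ -4517,7 +4521,8 @@ ssl_CheckSignatureSchemeConsistency(sslS
+}
+
+/* Verify that the signature scheme matches the signing key. */
+- if (!ssl_SignatureSchemeValid(scheme, spkiOid, isTLS13)) {
++ if ((spkiOid == SEC_OID_UNKNOWN) ||
++ !ssl_SignatureSchemeValid(scheme, spkiOid, isTLS13)) {
+PORT_SetError(SSL_ERROR_INCORRECT_SIGNATURE_ALGORITHM);
+return SECFailure;
+}
+@@ -4533,6 +4538,7 @@ ssl_CheckSignatureSchemeConsistency(sslS
+PRBool
+ssl_IsSupportedSignatureScheme(SSLSignatureScheme scheme)
+{
++ PRBool isSupported = PR_FALSE;
+switch (scheme) {
+case ssl_sig_rsa_pkcs1_sha1:
+case ssl_sig_rsa_pkcs1_sha256:
+@@ -4552,7 +4558,8 @@ ssl_IsSupportedSignatureScheme(SSLSignat
+case ssl_sig_dsa_sha384:
+case ssl_sig_dsa_sha512:
+case ssl_sig_ecdsa_sha1:
+- return PR_TRUE;
++ isSupported = PR_TRUE;
++ break;
+
+case ssl_sig_rsa_pkcs1_sha1md5:
+case ssl_sig_none:
+@@ -4560,7 +4567,19 @@ ssl_IsSupportedSignatureScheme(SSLSignat
+case ssl_sig_ed448:
+return PR_FALSE;
+}
+- return PR_FALSE;
++ if (isSupported) {
++ SECOidTag hashOID = ssl3_HashTypeToOID(ssl_SignatureSchemeToHashType(scheme));
++ PRUint32 policy;
++ const PRUint32 sigSchemePolicy=
++ NSS_USE_ALG_IN_SSL_KX|NSS_USE_ALG_IN_SIGNATURE;
++ /* check hash policy */
++ if ((NSS_GetAlgorithmPolicy(hashOID, &policy) == SECSuccess) &&
++ ((policy & sigSchemePolicy) != sigSchemePolicy)) {
++ return PR_FALSE;
++ }
++ /* check algorithm policy */
++ }
++ return isSupported;
+}
+
+PRBool
+@@ -6533,6 +6552,9 @@ ssl_PickSignatureScheme(sslSocket *ss,
+}
+
+spkiOid = SECOID_GetAlgorithmTag(&cert->subjectPublicKeyInfo.algorithm);
++ if (spkiOid == SEC_OID_UNKNOWN) {
++ goto loser;
++ }
+
+/* Now we have to search based on the key type. Go through our preferred
+* schemes in order and find the first that can be used. */
+@@ -6547,6 +6569,7 @@ ssl_PickSignatureScheme(sslSocket *ss,
+}
+}
+
++loser:
+PORT_SetError(SSL_ERROR_UNSUPPORTED_SIGNATURE_ALGORITHM);
+return SECFailure;
+}
+@@ -7700,7 +7723,8 @@ ssl_ParseSignatureSchemes(const sslSocke
+PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+return SECFailure;
+}
+- if (ssl_IsSupportedSignatureScheme((SSLSignatureScheme)tmp)) {
++ if (ssl_SignatureSchemeValid((SSLSignatureScheme)tmp, SEC_OID_UNKNOWN,
++ (PRBool)ss->version >= SSL_LIBRARY_VERSION_TLS_1_3)) {;
+schemes[numSupported++] = (SSLSignatureScheme)tmp;
+}
+}
+@@ -10286,7 +10310,12 @@ ssl3_HandleCertificateVerify(sslSocket *
+PORT_Assert(ss->ssl3.hs.hashType == handshake_hash_record);
+rv = ssl_ConsumeSignatureScheme(ss, &b, &length, &sigScheme);
+if (rv != SECSuccess) {
+- goto loser; /* malformed or unsupported. */
++ errCode = PORT_GetError();
++ /* unsupported == illegal_parameter, others == handshake_failure. */
++ if (errCode == SSL_ERROR_UNSUPPORTED_SIGNATURE_ALGORITHM) {
++ desc = illegal_parameter;
++ }
++ goto alert_loser;
+}
+rv = ssl_CheckSignatureSchemeConsistency(
+ss, sigScheme, &ss->sec.peerCert->subjectPublicKeyInfo);
+diff -up ./gtests/ssl_gtest/ssl_extension_unittest.cc.alert-fix ./gtests/ssl_gtest/ssl_extension_unittest.cc
+--- ./gtests/ssl_gtest/ssl_extension_unittest.cc.alert-fix 2021-07-07 11:32:11.634376932 -0700
++++ ./gtests/ssl_gtest/ssl_extension_unittest.cc 2021-07-07 11:33:30.595841110 -0700
+@@ -428,7 +428,10 @@ TEST_P(TlsExtensionTest12Plus, Signature
+}
+
+TEST_P(TlsExtensionTest12Plus, SignatureAlgorithmsTrailingData) {
+- const uint8_t val[] = {0x00, 0x02, 0x04, 0x01, 0x00}; // sha-256, rsa
++ // make sure the test uses an algorithm that is legal for
++ // tls 1.3 (or tls 1.3 will through and illegalParameter
++ // instead of a decode error)
++ const uint8_t val[] = {0x00, 0x02, 0x08, 0x09, 0x00}; // sha-256, rsa-pss-pss
+DataBuffer extension(val, sizeof(val));
+ClientHelloErrorTest(std::make_shared<TlsExtensionReplacer>(
+client_, ssl_signature_algorithms_xtn, extension));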
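Review bot: In the `ssl_ParseSignatureSchemes` hunk the third argument `(PRBool)ss->version >= SSL_LIBRARY_VERSION_TLS_1_3` casts `ss->version` before the comparison, because a cast binds tighter than `>=`, and the `if` line ends in `{;`, which leaves an empty statement in the body. The value is probably unaffected, but the line reads as though the comparison result were being cast; it should be written `(PRBool)(ss->version >= SSL_LIBRARY_VERSION_TLS_1_3))) {`. In the `ssl_IsSupportedSignatureScheme` hunk the trailing `/* check algorithm policy */` comment has no code under it, so either the check is missing or the comment should be dropped. The hash-policy test there also treats a failed `NSS_GetAlgorithmPolicy` lookup as "supported", which deserves a comment stating that this is intended.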
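--- a/SOURCES/nss-config.xml
+++ b/SOURCES/nss-config.xml
@@ -0,0 +1,132 @@
+<?xml version='1.0' encoding='utf-8'?>
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
+"http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [
+<!ENTITY date SYSTEM "date.xml">
+<!ENTITY version SYSTEM "version.xml">
+]>
+
+<refentry id="nss-config">
+
+<refentryinfo>
+<date>&date;</date>
+<title>Network Security Services</title>
+<productname>nss</productname>
+<productnumber>&version;</productnumber>
+</refentryinfo>
+
+<refmeta>
+<refentrytitle>nss-config</refentrytitle>
+<manvolnum>1</manvolnum>
+</refmeta>
+
+<refnamediv>
+<refname>nss-config</refname>
+<refpurpose>Return meta information about nss libraries</refpurpose>
+</refnamediv>
+
+<refsynopsisdiv>
+<cmdsynopsis>
+<command>nss-config</command>
+<arg><option>--prefix</option></arg>
+<arg><option>--exec-prefix</option></arg>
+<arg><option>--includedir</option></arg>
+<arg><option>--libs</option></arg>
+<arg><option>--cflags</option></arg>
+<arg><option>--libdir</option></arg>
+<arg><option>--version</option></arg>
+</cmdsynopsis>
+</refsynopsisdiv>
+
+<refsection id="description">
+<title>Description</title>
+
+<para><command>nss-config</command> is a shell scrip
+tool which can be used to obtain gcc options for building client pacakges of nspt. </para>
+
+</refsection>
+
+<refsection>
+<title>Options</title>
+
+<variablelist>
+<varlistentry>
+<term><option>--prefix</option></term>
+<listitem><simpara>Returns the top level system directory under which the nss libraries are installed.</simpara></listitem>
+</varlistentry>
+
+<varlistentry>
+<term><option>--exec-prefix</option></term>
+<listitem><simpara>returns the top level system directory under which any nss binaries would be installed.</simpara></listitem>
+</varlistentry>
+
+<varlistentry>
+<term><option>--includedir</option> <replaceable>count</replaceable></term>
+<listitem><simpara>returns the path to the directory were the nss libraries are installed.</simpara></listitem>
+</varlistentry>
+
+<varlistentry>
+<term><option>--version</option></term>
+<listitem><simpara>returns the upstream version of nss in the form major_version-minor_version-patch_version.</simpara></listitem>
+</varlistentry>
+
+<varlistentry>
+<term><option>--libs</option></term>
+<listitem><simpara>returns the compiler linking flags.</simpara></listitem>
+</varlistentry>
+
+<varlistentry>
+<term><option>--cflags</option></term>
+<listitem><simpara>returns the compiler include flags.</simpara></listitem>
+</varlistentry>
+
+<varlistentry>
+<term><option>--libdir</option></term>
+<listitem><simpara>returns the path to the directory were the nss libraries are installed.</simpara></listitem>
+</varlistentry>
+
+</variablelist>
+</refsection>
+
+<refsection>
+<title>Examples</title>
+
+<para>The following example will query for both include path and linkage flags:
+
+<programlisting>
+/usr/bin/nss-config --cflags --libs
+</programlisting>
+
+</para>
+
+
+</refsection>
+
+<refsection>
+<title>Files</title>
+
+<para><filename>/usr/bin/nss-config</filename></para>
+
+</refsection>
+
+<refsection>
+<title>See also</title>
+<para>pkg-config(1)</para>
+</refsection>
+
+<refsection id="authors">
+<title>Authors</title>
+<para>The nss liraries were written and maintained by developers with Netscape, Red Hat, Sun, Oracle, Mozilla, and Google.</para>
+<para>
+Authors: Elio Maldonado <emaldona@redhat.com>.
+</para>
+</refsection>
+
+<!-- don't change -->
+<refsection id="license">
+<title>LICENSE</title>
+<para>Licensed under the Mozilla Public License, v. 2.0. If a copy of the MPL was not distributed with this file, You can obtain one at http://mozilla.org/MPL/2.0/.
+</para>
+</refsection>
+
+</refentry>
+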
@ -1,7 +1,18 @@
|
||||
diff -up nss/lib/ssl/sslsock.c.dc nss/lib/ssl/sslsock.c
|
||||
--- nss/lib/ssl/sslsock.c.dc 2020-07-29 14:05:10.413370267 +0200
|
||||
+++ nss/lib/ssl/sslsock.c 2020-07-29 14:06:38.339805833 +0200
|
||||
@@ -798,7 +798,7 @@ SSL_OptionSet(PRFileDesc *fd, PRInt32 wh
|
||||
diff -up ./gtests/ssl_gtest/manifest.mn.orig ./gtests/ssl_gtest/manifest.mn
|
||||
--- ./gtests/ssl_gtest/manifest.mn.orig 2021-06-02 15:40:48.677355426 -0700
|
||||
+++ ./gtests/ssl_gtest/manifest.mn 2021-06-02 15:42:31.248977261 -0700
|
||||
@@ -57,7 +57,6 @@ CPPSRCS = \
|
||||
tls_filter.cc \
|
||||
tls_protect.cc \
|
||||
tls_psk_unittest.cc \
|
||||
- tls_subcerts_unittest.cc \
|
||||
tls_ech_unittest.cc \
|
||||
$(SSLKEYLOGFILE_FILES) \
|
||||
$(NULL)
|
||||
diff -up ./lib/ssl/sslsock.c.orig ./lib/ssl/sslsock.c
|
||||
--- ./lib/ssl/sslsock.c.orig 2021-05-28 02:50:43.000000000 -0700
|
||||
+++ ./lib/ssl/sslsock.c 2021-06-02 15:40:48.676355420 -0700
|
||||
@@ -819,7 +819,7 @@ SSL_OptionSet(PRFileDesc *fd, PRInt32 wh
|
||||
break;
|
||||
|
||||
case SSL_ENABLE_DELEGATED_CREDENTIALS:
|
||||
@ -10,7 +21,7 @@ diff -up nss/lib/ssl/sslsock.c.dc nss/lib/ssl/sslsock.c
|
||||
break;
|
||||
|
||||
case SSL_ENABLE_NPN:
|
||||
@@ -1316,7 +1316,7 @@ SSL_OptionSetDefault(PRInt32 which, PRIn
|
||||
@@ -1337,7 +1337,7 @@ SSL_OptionSetDefault(PRInt32 which, PRIn
|
||||
break;
|
||||
|
||||
case SSL_ENABLE_DELEGATED_CREDENTIALS:
|
||||
@ -19,14 +30,3 @@ diff -up nss/lib/ssl/sslsock.c.dc nss/lib/ssl/sslsock.c
|
||||
break;
|
||||
|
||||
case SSL_ENABLE_NPN:
|
||||
diff -up nss/gtests/ssl_gtest/manifest.mn.dc nss/gtests/ssl_gtest/manifest.mn
|
||||
--- nss/gtests/ssl_gtest/manifest.mn.dc 2020-07-29 16:46:29.574134443 +0200
|
||||
+++ nss/gtests/ssl_gtest/manifest.mn 2020-07-29 16:46:35.821094263 +0200
|
||||
@@ -56,7 +56,6 @@ CPPSRCS = \
|
||||
tls_hkdf_unittest.cc \
|
||||
tls_filter.cc \
|
||||
tls_protect.cc \
|
||||
- tls_subcerts_unittest.cc \
|
||||
tls_esni_unittest.cc \
|
||||
$(SSLKEYLOGFILE_FILES) \
|
||||
$(NULL)
|
||||
|
@ -1,20 +1,20 @@
|
||||
diff -r 699541a7793b lib/pk11wrap/pk11pars.c
|
||||
--- a/lib/pk11wrap/pk11pars.c Tue Jun 16 23:03:22 2020 +0000
|
||||
+++ b/lib/pk11wrap/pk11pars.c Thu Jun 25 14:33:09 2020 +0200
|
||||
@@ -323,11 +323,11 @@
|
||||
--- a/lib/pk11wrap/pk11pars.c 2021-04-16 14:43:41.668835607 -0700
|
||||
+++ b/lib/pk11wrap/pk11pars.c 2021-04-16 14:43:50.585888411 -0700
|
||||
@@ -324,11 +324,11 @@ static const oidValDef curveOptList[] =
|
||||
static const oidValDef hashOptList[] = {
|
||||
/* Hashes */
|
||||
{ CIPHER_NAME("MD2"), SEC_OID_MD2,
|
||||
- NSS_USE_ALG_IN_SSL_KX | NSS_USE_ALG_IN_CERT_SIGNATURE },
|
||||
- NSS_USE_ALG_IN_SSL_KX | NSS_USE_ALG_IN_SIGNATURE },
|
||||
+ 0 },
|
||||
{ CIPHER_NAME("MD4"), SEC_OID_MD4,
|
||||
- NSS_USE_ALG_IN_SSL_KX | NSS_USE_ALG_IN_CERT_SIGNATURE },
|
||||
- NSS_USE_ALG_IN_SSL_KX | NSS_USE_ALG_IN_SIGNATURE },
|
||||
+ 0 },
|
||||
{ CIPHER_NAME("MD5"), SEC_OID_MD5,
|
||||
- NSS_USE_ALG_IN_SSL_KX | NSS_USE_ALG_IN_CERT_SIGNATURE },
|
||||
- NSS_USE_ALG_IN_SSL_KX | NSS_USE_ALG_IN_SIGNATURE },
|
||||
+ 0 },
|
||||
{ CIPHER_NAME("SHA1"), SEC_OID_SHA1,
|
||||
NSS_USE_ALG_IN_SSL_KX | NSS_USE_ALG_IN_CERT_SIGNATURE },
|
||||
NSS_USE_ALG_IN_SSL_KX | NSS_USE_ALG_IN_SIGNATURE },
|
||||
{ CIPHER_NAME("SHA224"), SEC_OID_SHA224,
|
||||
diff -r 699541a7793b lib/util/secoid.c
|
||||
--- a/lib/util/secoid.c Tue Jun 16 23:03:22 2020 +0000
|
||||
|
@ -1,247 +0,0 @@
|
||||
# HG changeset patch
|
||||
# User Daiki Ueno <dueno@redhat.com>
|
||||
# Date 1594360877 -7200
|
||||
# Fri Jul 10 08:01:17 2020 +0200
|
||||
# Node ID df1d2695e115ed9e6f7e8df6ad4d7be2c9bc77d8
|
||||
# Parent de661583d46713c9b4873a904dda3a8ba4a61976
|
||||
Bug 1646324, advertise rsa_pkcs1_* schemes in CH and CR for certs, r=mt
|
||||
|
||||
Summary:
|
||||
In TLS 1.3, unless "signature_algorithms_cert" is advertised, the
|
||||
"signature_algorithms" extension is used as an indication of supported
|
||||
algorithms for signatures on certificates. While rsa_pkcs1_*
|
||||
signatures schemes cannot be used for signing handshake messages, they
|
||||
should be advertised if the peer wants to to support certificates
|
||||
signed with RSA PKCS#1.
|
||||
|
||||
This adds a flag to ssl3_EncodeSigAlgs() and ssl3_FilterSigAlgs() to
|
||||
preserve rsa_pkcs1_* schemes in the output.
|
||||
|
||||
Reviewers: mt
|
||||
|
||||
Reviewed By: mt
|
||||
|
||||
Bug #: 1646324
|
||||
|
||||
Differential Revision: https://phabricator.services.mozilla.com/D80881
|
||||
|
||||
diff -r de661583d467 -r df1d2695e115 gtests/ssl_gtest/ssl_auth_unittest.cc
|
||||
--- a/gtests/ssl_gtest/ssl_auth_unittest.cc Thu Jul 09 22:45:27 2020 +0000
|
||||
+++ b/gtests/ssl_gtest/ssl_auth_unittest.cc Fri Jul 10 08:01:17 2020 +0200
|
||||
@@ -1591,6 +1591,47 @@
|
||||
capture->extension());
|
||||
}
|
||||
|
||||
+TEST_P(TlsConnectTls13, Tls13RsaPkcs1IsAdvertisedClient) {
|
||||
+ EnsureTlsSetup();
|
||||
+ static const SSLSignatureScheme kSchemes[] = {ssl_sig_rsa_pkcs1_sha256,
|
||||
+ ssl_sig_rsa_pss_rsae_sha256};
|
||||
+ client_->SetSignatureSchemes(kSchemes, PR_ARRAY_SIZE(kSchemes));
|
||||
+ auto capture =
|
||||
+ MakeTlsFilter<TlsExtensionCapture>(client_, ssl_signature_algorithms_xtn);
|
||||
+ Connect();
|
||||
+ // We should only have the one signature algorithm advertised.
|
||||
+ static const uint8_t kExpectedExt[] = {0,
|
||||
+ 4,
|
||||
+ ssl_sig_rsa_pss_rsae_sha256 >> 8,
|
||||
+ ssl_sig_rsa_pss_rsae_sha256 & 0xff,
|
||||
+ ssl_sig_rsa_pkcs1_sha256 >> 8,
|
||||
+ ssl_sig_rsa_pkcs1_sha256 & 0xff};
|
||||
+ ASSERT_EQ(DataBuffer(kExpectedExt, sizeof(kExpectedExt)),
|
||||
+ capture->extension());
|
||||
+}
|
||||
+
|
||||
+TEST_P(TlsConnectTls13, Tls13RsaPkcs1IsAdvertisedServer) {
|
||||
+ EnsureTlsSetup();
|
||||
+ static const SSLSignatureScheme kSchemes[] = {ssl_sig_rsa_pkcs1_sha256,
|
||||
+ ssl_sig_rsa_pss_rsae_sha256};
|
||||
+ server_->SetSignatureSchemes(kSchemes, PR_ARRAY_SIZE(kSchemes));
|
||||
+ auto capture = MakeTlsFilter<TlsExtensionCapture>(
|
||||
+ server_, ssl_signature_algorithms_xtn, true);
|
||||
+ capture->SetHandshakeTypes({kTlsHandshakeCertificateRequest});
|
||||
+ capture->EnableDecryption();
|
||||
+ server_->RequestClientAuth(false); // So we get a CertificateRequest.
|
||||
+ Connect();
|
||||
+ // We should only have the one signature algorithm advertised.
|
||||
+ static const uint8_t kExpectedExt[] = {0,
|
||||
+ 4,
|
||||
+ ssl_sig_rsa_pss_rsae_sha256 >> 8,
|
||||
+ ssl_sig_rsa_pss_rsae_sha256 & 0xff,
|
||||
+ ssl_sig_rsa_pkcs1_sha256 >> 8,
|
||||
+ ssl_sig_rsa_pkcs1_sha256 & 0xff};
|
||||
+ ASSERT_EQ(DataBuffer(kExpectedExt, sizeof(kExpectedExt)),
|
||||
+ capture->extension());
|
||||
+}
|
||||
+
|
||||
// variant, version, certificate, auth type, signature scheme
|
||||
typedef std::tuple<SSLProtocolVariant, uint16_t, std::string, SSLAuthType,
|
||||
SSLSignatureScheme>
|
||||
diff -r de661583d467 -r df1d2695e115 lib/ssl/ssl3con.c
|
||||
--- a/lib/ssl/ssl3con.c Thu Jul 09 22:45:27 2020 +0000
|
||||
+++ b/lib/ssl/ssl3con.c Fri Jul 10 08:01:17 2020 +0200
|
||||
@@ -784,15 +784,19 @@
|
||||
* Both by policy and by having a token that supports it. */
|
||||
static PRBool
|
||||
ssl_SignatureSchemeAccepted(PRUint16 minVersion,
|
||||
- SSLSignatureScheme scheme)
|
||||
+ SSLSignatureScheme scheme,
|
||||
+ PRBool forCert)
|
||||
{
|
||||
/* Disable RSA-PSS schemes if there are no tokens to verify them. */
|
||||
if (ssl_IsRsaPssSignatureScheme(scheme)) {
|
||||
if (!PK11_TokenExists(auth_alg_defs[ssl_auth_rsa_pss])) {
|
||||
return PR_FALSE;
|
||||
}
|
||||
- } else if (ssl_IsRsaPkcs1SignatureScheme(scheme)) {
|
||||
- /* Disable PKCS#1 signatures if we are limited to TLS 1.3. */
|
||||
+ } else if (!forCert && ssl_IsRsaPkcs1SignatureScheme(scheme)) {
|
||||
+ /* Disable PKCS#1 signatures if we are limited to TLS 1.3.
|
||||
+ * We still need to advertise PKCS#1 signatures in CH and CR
|
||||
+ * for certificate signatures.
|
||||
+ */
|
||||
if (minVersion >= SSL_LIBRARY_VERSION_TLS_1_3) {
|
||||
return PR_FALSE;
|
||||
}
|
||||
@@ -851,7 +855,8 @@
|
||||
/* Ensure that there is a signature scheme that can be accepted.*/
|
||||
for (unsigned int i = 0; i < ss->ssl3.signatureSchemeCount; ++i) {
|
||||
if (ssl_SignatureSchemeAccepted(ss->vrange.min,
|
||||
- ss->ssl3.signatureSchemes[i])) {
|
||||
+ ss->ssl3.signatureSchemes[i],
|
||||
+ PR_FALSE /* forCert */)) {
|
||||
return SECSuccess;
|
||||
}
|
||||
}
|
||||
@@ -880,7 +885,7 @@
|
||||
PRBool acceptable = authType == schemeAuthType ||
|
||||
(schemeAuthType == ssl_auth_rsa_pss &&
|
||||
authType == ssl_auth_rsa_sign);
|
||||
- if (acceptable && ssl_SignatureSchemeAccepted(ss->version, scheme)) {
|
||||
+ if (acceptable && ssl_SignatureSchemeAccepted(ss->version, scheme, PR_FALSE /* forCert */)) {
|
||||
return PR_TRUE;
|
||||
}
|
||||
}
|
||||
@@ -9803,12 +9808,13 @@
|
||||
}
|
||||
|
||||
SECStatus
|
||||
-ssl3_EncodeSigAlgs(const sslSocket *ss, PRUint16 minVersion, sslBuffer *buf)
|
||||
+ssl3_EncodeSigAlgs(const sslSocket *ss, PRUint16 minVersion, PRBool forCert,
|
||||
+ sslBuffer *buf)
|
||||
{
|
||||
SSLSignatureScheme filtered[MAX_SIGNATURE_SCHEMES] = { 0 };
|
||||
unsigned int filteredCount = 0;
|
||||
|
||||
- SECStatus rv = ssl3_FilterSigAlgs(ss, minVersion, PR_FALSE,
|
||||
+ SECStatus rv = ssl3_FilterSigAlgs(ss, minVersion, PR_FALSE, forCert,
|
||||
PR_ARRAY_SIZE(filtered),
|
||||
filtered, &filteredCount);
|
||||
if (rv != SECSuccess) {
|
||||
@@ -9843,8 +9849,21 @@
|
||||
return sslBuffer_InsertLength(buf, lengthOffset, 2);
|
||||
}
|
||||
|
||||
+/*
|
||||
+ * In TLS 1.3 we are permitted to advertise support for PKCS#1
|
||||
+ * schemes. This doesn't affect the signatures in TLS itself, just
|
||||
+ * those on certificates. Not advertising PKCS#1 signatures creates a
|
||||
+ * serious compatibility risk as it excludes many certificate chains
|
||||
+ * that include PKCS#1. Hence, forCert is used to enable advertising
|
||||
+ * PKCS#1 support. Note that we include these in signature_algorithms
|
||||
+ * because we don't yet support signature_algorithms_cert. TLS 1.3
|
||||
+ * requires that PKCS#1 schemes are placed last in the list if they
|
||||
+ * are present. This sorting can be removed once we support
|
||||
+ * signature_algorithms_cert.
|
||||
+ */
|
||||
SECStatus
|
||||
ssl3_FilterSigAlgs(const sslSocket *ss, PRUint16 minVersion, PRBool disableRsae,
|
||||
+ PRBool forCert,
|
||||
unsigned int maxSchemes, SSLSignatureScheme *filteredSchemes,
|
||||
unsigned int *numFilteredSchemes)
|
||||
{
|
||||
@@ -9856,15 +9875,32 @@
|
||||
}
|
||||
|
||||
*numFilteredSchemes = 0;
|
||||
+ PRBool allowUnsortedPkcs1 = forCert && minVersion < SSL_LIBRARY_VERSION_TLS_1_3;
|
||||
for (unsigned int i = 0; i < ss->ssl3.signatureSchemeCount; ++i) {
|
||||
if (disableRsae && ssl_IsRsaeSignatureScheme(ss->ssl3.signatureSchemes[i])) {
|
||||
continue;
|
||||
}
|
||||
if (ssl_SignatureSchemeAccepted(minVersion,
|
||||
- ss->ssl3.signatureSchemes[i])) {
|
||||
+ ss->ssl3.signatureSchemes[i],
|
||||
+ allowUnsortedPkcs1)) {
|
||||
filteredSchemes[(*numFilteredSchemes)++] = ss->ssl3.signatureSchemes[i];
|
||||
}
|
||||
}
|
||||
+ if (forCert && !allowUnsortedPkcs1) {
|
||||
+ for (unsigned int i = 0; i < ss->ssl3.signatureSchemeCount; ++i) {
|
||||
+ if (disableRsae && ssl_IsRsaeSignatureScheme(ss->ssl3.signatureSchemes[i])) {
|
||||
+ continue;
|
||||
+ }
|
||||
+ if (!ssl_SignatureSchemeAccepted(minVersion,
|
||||
+ ss->ssl3.signatureSchemes[i],
|
||||
+ PR_FALSE) &&
|
||||
+ ssl_SignatureSchemeAccepted(minVersion,
|
||||
+ ss->ssl3.signatureSchemes[i],
|
||||
+ PR_TRUE)) {
|
||||
+ filteredSchemes[(*numFilteredSchemes)++] = ss->ssl3.signatureSchemes[i];
|
||||
+ }
|
||||
+ }
|
||||
+ }
|
||||
return SECSuccess;
|
||||
}
|
||||
|
||||
@@ -9901,7 +9937,7 @@
|
||||
|
||||
length = 1 + certTypesLength + 2 + calen;
|
||||
if (isTLS12) {
|
||||
- rv = ssl3_EncodeSigAlgs(ss, ss->version, &sigAlgsBuf);
|
||||
+ rv = ssl3_EncodeSigAlgs(ss, ss->version, PR_TRUE /* forCert */, &sigAlgsBuf);
|
||||
if (rv != SECSuccess) {
|
||||
return rv;
|
||||
}
|
||||
diff -r de661583d467 -r df1d2695e115 lib/ssl/ssl3exthandle.c
|
||||
--- a/lib/ssl/ssl3exthandle.c Thu Jul 09 22:45:27 2020 +0000
|
||||
+++ b/lib/ssl/ssl3exthandle.c Fri Jul 10 08:01:17 2020 +0200
|
||||
@@ -1652,7 +1652,7 @@
|
||||
minVersion = ss->vrange.min; /* ClientHello */
|
||||
}
|
||||
|
||||
- SECStatus rv = ssl3_EncodeSigAlgs(ss, minVersion, buf);
|
||||
+ SECStatus rv = ssl3_EncodeSigAlgs(ss, minVersion, PR_TRUE /* forCert */, buf);
|
||||
if (rv != SECSuccess) {
|
||||
return SECFailure;
|
||||
}
|
||||
diff -r de661583d467 -r df1d2695e115 lib/ssl/sslimpl.h
|
||||
--- a/lib/ssl/sslimpl.h Thu Jul 09 22:45:27 2020 +0000
|
||||
+++ b/lib/ssl/sslimpl.h Fri Jul 10 08:01:17 2020 +0200
|
||||
@@ -1688,12 +1688,12 @@
|
||||
SECStatus ssl3_AuthCertificate(sslSocket *ss);
|
||||
SECStatus ssl_ReadCertificateStatus(sslSocket *ss, PRUint8 *b,
|
||||
PRUint32 length);
|
||||
-SECStatus ssl3_EncodeSigAlgs(const sslSocket *ss, PRUint16 minVersion,
|
||||
+SECStatus ssl3_EncodeSigAlgs(const sslSocket *ss, PRUint16 minVersion, PRBool forCert,
|
||||
sslBuffer *buf);
|
||||
SECStatus ssl3_EncodeFilteredSigAlgs(const sslSocket *ss,
|
||||
const SSLSignatureScheme *schemes,
|
||||
PRUint32 numSchemes, sslBuffer *buf);
|
||||
-SECStatus ssl3_FilterSigAlgs(const sslSocket *ss, PRUint16 minVersion, PRBool disableRsae,
|
||||
+SECStatus ssl3_FilterSigAlgs(const sslSocket *ss, PRUint16 minVersion, PRBool disableRsae, PRBool forCert,
|
||||
unsigned int maxSchemes, SSLSignatureScheme *filteredSchemes,
|
||||
unsigned int *numFilteredSchemes);
|
||||
SECStatus ssl_GetCertificateRequestCAs(const sslSocket *ss,
|
||||
diff -r de661583d467 -r df1d2695e115 lib/ssl/tls13exthandle.c
|
||||
--- a/lib/ssl/tls13exthandle.c Thu Jul 09 22:45:27 2020 +0000
|
||||
+++ b/lib/ssl/tls13exthandle.c Fri Jul 10 08:01:17 2020 +0200
|
||||
@@ -1519,7 +1519,8 @@
|
||||
SSLSignatureScheme filtered[MAX_SIGNATURE_SCHEMES] = { 0 };
|
||||
unsigned int filteredCount = 0;
|
||||
SECStatus rv = ssl3_FilterSigAlgs(ss, ss->vrange.max,
|
||||
- PR_TRUE,
|
||||
+ PR_TRUE /* disableRsae */,
|
||||
+ PR_FALSE /* forCert */,
|
||||
MAX_SIGNATURE_SCHEMES,
|
||||
filtered,
|
||||
&filteredCount);
|
File diff suppressed because it is too large
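--- a/SOURCES/secmod.db.xml
+++ b/SOURCES/secmod.db.xml
@@ -0,0 +1,63 @@
+<?xml version='1.0' encoding='utf-8'?>
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
+"http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [
+<!ENTITY date SYSTEM "date.xml">
+<!ENTITY version SYSTEM "version.xml">
+]>
+
+<refentry id="secmod.db">
+
+<refentryinfo>
+<date>&date;</date>
+<title>Network Security Services</title>
+<productname>nss</productname>
+<productnumber>&version;</productnumber>
+</refentryinfo>
+
+<refmeta>
+<refentrytitle>secmod.db</refentrytitle>
+<manvolnum>5</manvolnum>
+</refmeta>
+
+<refnamediv>
+<refname>secmod.db</refname>
+<refpurpose>Legacy NSS security modules database</refpurpose>
+</refnamediv>
+
+<refsection id="description">
+<title>Description</title>
+<para><emphasis>secmod.db</emphasis> is an NSS security modules database.</para>
+<para>The security modules database is used to keep track of the NSS security modules. The NSS security modules export their services via the PKCS #11 API which NSS uses as its Services Provider Interface.
+</para>
+<para>The command line utility <emphasis>modutil</emphasis> is used for managing PKCS #11 module information both within secmod.db files and within hardware tokens.
+</para>
+<para>For new applications the recommended way of tracking security modules is via the pkcs11.txt configuration file used in conjunction the new sqlite-based shared database format for certificate and key databases.
+</para>
+</refsection>
+
+<refsection>
+<title>Files</title>
+<para><filename>/etc/pki/nssdb/secmod.db</filename></para>
+</refsection>
+
+<refsection>
+<title>See also</title>
+<para>modutil(1), cert8.db(5), cert9.db(5), key3.db(5), key4.db(5), pkcs11.txt(5)</para>
+</refsection>
+
+<refsection id="authors">
+<title>Authors</title>
+<para>The nss libraries were written and maintained by developers with Netscape, Red Hat, Sun, Oracle, Mozilla, and Google.</para>
+<para>Authors: Elio Maldonado <emaldona@redhat.com>.</para>
+</refsection>
+
+<!-- don't change -->
+<refsection id="license">
+<title>LICENSE</title>
+<para>Licensed under the Mozilla Public License, v. 2.0. If a copy of the MPL was not distributed with this file, You can obtain one at http://mozilla.org/MPL/2.0/.
+</para>
+
+</refsection>
+
+
+</refentry>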
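--- a/SOURCES/setup-nsssysinit.xml
+++ b/SOURCES/setup-nsssysinit.xml
@@ -0,0 +1,106 @@
+<?xml version='1.0' encoding='utf-8'?>
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
+"http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [
+<!ENTITY date SYSTEM "date.xml">
+<!ENTITY version SYSTEM "version.xml">
+]>
+
+<refentry id="setup-nsssysinit">
+
+<refentryinfo>
+<date>&date;</date>
+<title>Network Security Services</title>
+<productname>nss</productname>
+<productnumber>&version;</productnumber>
+</refentryinfo>
+
+<refmeta>
+<refentrytitle>setup-nsssysinit</refentrytitle>
+<manvolnum>1</manvolnum>
+</refmeta>
+
+<refnamediv>
+<refname>setup-nsssysinit</refname>
+<refpurpose>Query or enable the nss-sysinit module</refpurpose>
+</refnamediv>
+
+<refsynopsisdiv>
+<cmdsynopsis>
+<command>setup-nsssysinit</command>
+<arg><option>on</option></arg>
+<arg><option>off</option></arg>
+<arg><option>status</option></arg>
+</cmdsynopsis>
+</refsynopsisdiv>
+
+<refsection id="description">
+<title>Description</title>
+<para><command>setup-nsssysinit</command> is a shell script to query the status of the nss-sysinit module and when run with root priviledge it can enable or disable it. </para>
+<para>Turns on or off the nss-sysinit module db by editing the global PKCS #11 configuration file. Displays the status. This script can be invoked by the user as super user. It is invoked at nss-sysinit post install time with argument on.
+</para>
+</refsection>
+
+<refsection>
+<title>Options</title>
+
+<variablelist>
+<varlistentry>
+<term><option>on</option></term>
+<listitem><simpara>Turn on nss-sysinit.</simpara></listitem>
+</varlistentry>
+
+<varlistentry>
+<term><option>off</option></term>
+<listitem><simpara>Turn on nss-sysinit.</simpara></listitem>
+</varlistentry>
+
+<varlistentry>
+<term><option>status</option></term>
+<listitem><simpara>returns whether nss-syinit is enabled or not.</simpara></listitem>
+</varlistentry>
+
+</variablelist>
+</refsection>
+
+<refsection>
+<title>Examples</title>
+
+<para>The following example will query for the status of nss-sysinit:
+<programlisting>
+/usr/bin/setup-nsssysinit status
+</programlisting>
+</para>
+
+<para>The following example, when run as superuser, will turn on nss-sysinit:
+<programlisting>
+/usr/bin/setup-nsssysinit on
+</programlisting>
+</para>
+
+</refsection>
+
+<refsection>
+<title>Files</title>
+<para><filename>/usr/bin/setup-nsssysinit</filename></para>
+</refsection>
+
+<refsection>
+<title>See also</title>
+<para>pkg-config(1)</para>
+</refsection>
+
+<refsection id="authors">
+<title>Authors</title>
+<para>The nss libraries were written and maintained by developers with Netscape, Red Hat, Sun, Oracle, Mozilla, and Google.</para>
+<para>Authors: Elio Maldonado <emaldona@redhat.com>.</para>
+</refsection>
+
+<!-- don't change -->
+<refsection id="license">
+<title>LICENSE</title>
+<para>Licensed under the Mozilla Public License, v. 2.0. If a copy of the MPL was not distributed with this file, You can obtain one at http://mozilla.org/MPL/2.0/.
+</para>
+</refsection>
+
+</refentry>
+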
140
SPECS/nss.spec
140
SPECS/nss.spec
@ -1,5 +1,6 @@
|
||||
%global nspr_build_version 4.25.0
|
||||
%global nspr_version 4.25.0
|
||||
%global nss_version 3.53.1
|
||||
%global nss_version 3.67.0
|
||||
%global unsupported_tools_directory %{_libdir}/nss/unsupported-tools
|
||||
%global saved_files_dir %{_libdir}/nss/saved
|
||||
%global dracutlibdir %{_prefix}/lib/dracut
|
||||
@ -46,7 +47,7 @@ rpm.define(string.format("nss_release_tag NSS_%s_RTM",
|
||||
Summary: Network Security Services
|
||||
Name: nss
|
||||
Version: %{nss_version}
|
||||
Release: 17%{?dist}
|
||||
Release: 7%{?dist}
|
||||
License: MPLv2.0
|
||||
URL: http://www.mozilla.org/projects/security/pki/nss/
|
||||
Requires: nspr >= %{nspr_version}
|
||||
@ -56,7 +57,7 @@ Requires: nss-softokn%{_isa} >= %{nss_version}
|
||||
Requires: nss-system-init
|
||||
Requires: p11-kit-trust
|
||||
Requires: /usr/bin/update-crypto-policies
|
||||
BuildRequires: nspr-devel >= %{nspr_version}
|
||||
BuildRequires: nspr-devel >= %{nspr_build_version}
|
||||
# for shlibsign
|
||||
BuildRequires: nss-softokn
|
||||
BuildRequires: sqlite-devel
|
||||
@ -92,7 +93,6 @@ Source25: key3.db.xml
|
||||
Source26: key4.db.xml
|
||||
Source27: secmod.db.xml
|
||||
Source28: nss-p11-kit.config
|
||||
Source29: nss-softokn-cavs-1.0.tar.gz
|
||||
Source30: PayPalEE.cert
|
||||
|
||||
# To inject hardening flags for DSO
|
||||
@ -114,60 +114,8 @@ Patch4: iquote.patch
|
||||
# To revert the change in:
|
||||
# https://bugzilla.mozilla.org/show_bug.cgi?id=818686
|
||||
Patch9: nss-sysinit-userdb.patch
|
||||
# Disable nss-sysinit test which is sorely to test the above change
|
||||
# Disable nss-sysinit test which is solely to test the above change
|
||||
Patch10: nss-skip-sysinit-gtests.patch
|
||||
# Local patch for TLS_ECDHE_{ECDSA|RSA}_WITH_3DES_EDE_CBC_SHA ciphers
|
||||
Patch58: rhbz1185708-enable-ecc-3des-ciphers-by-default.patch
|
||||
# This patch has a minor conflict with the upstream version:
|
||||
# off-by-one in sftk_ike1_appendix_b_prf is not fixed, gtests are not
|
||||
# upstreamed:
|
||||
Patch213: nss-3.44-missing-softokn-kdf.patch
|
||||
Patch219: nss-3.44-kbkdf-coverity.patch
|
||||
# To revert the upstream change that causes erroneous SHA-2
|
||||
# calculation with older gcc:
|
||||
# https://bugzilla.mozilla.org/show_bug.cgi?id=1613238
|
||||
Patch220: nss-sha2-ppc.patch
|
||||
# Local patch: disable MD5 (also MD2 and MD4) completely
|
||||
# https://bugzilla.redhat.com/show_bug.cgi?id=1849938
|
||||
Patch221: nss-disable-md5.patch
|
||||
# Upstream: https://bugzilla.mozilla.org/show_bug.cgi?id=1646324
|
||||
Patch222: nss-rsa-pkcs1-sigalgs.patch
|
||||
# Local patch: https://bugzilla.redhat.com/show_bug.cgi?id=1843417
|
||||
Patch223: nss-3.53-strict-proto-fix.patch
|
||||
# Upstream: https://bugzilla.mozilla.org/show_bug.cgi?id=1648822
|
||||
Patch224: nss-3.53.1-diffie_hellman_checks.patch
|
||||
# no upsteam bug yet
|
||||
Patch225: nss-3.53-fix-private_key_mac.patch
|
||||
# Local patch: disable Delegated Credentials
|
||||
Patch226: nss-disable-dc.patch
|
||||
# Upstream: https://bugzilla.mozilla.org/show_bug.cgi?id=1648822
|
||||
Patch227: nss-3.53.1-remove-timing-tests.patch
|
||||
|
||||
Patch228: nss-3.53.1-cmac-kdf-selftests.patch
|
||||
Patch229: nss-3.53.1-measure-fix.patch
|
||||
Patch230: nss-3.53.1-no-small-primes.patch
|
||||
Patch231: nss-3.53.1-no-small-primes-tests.patch
|
||||
|
||||
#Upstream: https://bugzilla.mozilla.org/show_bug.cgi?id=1666891
|
||||
Patch232: nss-3.53.1-oaep-api.patch
|
||||
|
||||
#Upstream: https://bugzilla.mozilla.org/show_bug.cgi?id=1670835
|
||||
Patch233: nss-3.53.1-enable-disable-policy.patch
|
||||
# not everything in that patch is appropriate for rhel8 since it requires
|
||||
# changes to the policy generator to wind up with a working system
|
||||
Patch234: nss-3.53.1-revert_rhel8_unsafe_policy_change.patch
|
||||
|
||||
#Upstream: https://bugzilla.mozilla.org/show_bug.cgi?id=1636771
|
||||
# CVE-2020-12403
|
||||
Patch235: nss-3.53.1-chacha-len.patch
|
||||
Patch236: nss-3.53.1-chacha-multi.patch
|
||||
# CVE-2020-12400
|
||||
# CVE-2020-6829
|
||||
Patch237: nss-3.53.1-constant-time-p384.patch
|
||||
Patch238: nss-3.53.1-constant-time-p521.patch
|
||||
|
||||
# IKE fix
|
||||
Patch239: nss-3.53.1-ike-app-b-fix.patch
|
||||
|
||||
# For compatibility reasons, we stick with the old PKCS #11 2.40
|
||||
# definition of CK_GCM_PARAMS:
|
||||
@ -176,6 +124,42 @@ Patch239: nss-3.53.1-ike-app-b-fix.patch
|
||||
Patch20: nss-gcm-param-default-pkcs11v2.patch
|
||||
%endif
|
||||
%endif
|
||||
# Local patch: disable MD5 (also MD2 and MD4) completely
|
||||
# https://bugzilla.redhat.com/show_bug.cgi?id=1849938
|
||||
Patch25: nss-disable-md5.patch
|
||||
# Local patch for TLS_ECDHE_{ECDSA|RSA}_WITH_3DES_EDE_CBC_SHA ciphers
|
||||
Patch30: rhbz1185708-enable-ecc-3des-ciphers-by-default.patch
|
||||
# Local patch: disable Delegated Credentials
|
||||
Patch35: nss-disable-dc.patch
|
||||
# Local patch: ignore rsa, rsa-pss, ecdsa policies until crypto-policies
|
||||
# is updated.
|
||||
Patch40: nss-3.66-disable-signature-policies.patch
|
||||
# Local patch: disable tests that require external reference so brew completes
|
||||
Patch45: nss-3.66-disable-external-host-test.patch
|
||||
# Local patch: restore old pkcs 12 defaults on old version of rhel
|
||||
Patch50: nss-3.66-restore-old-pkcs12-default.patch
|
||||
|
||||
# Patches that should be upstreamed, and (hopefully) will disappear next
|
||||
# rebase
|
||||
# Need upstream bug
|
||||
Patch219: nss-3.44-kbkdf-coverity.patch
|
||||
# no upsteam bug yet
|
||||
Patch225: nss-3.67-fix-private-key-mac.patch
|
||||
# no upstream bug yet
|
||||
Patch229: nss-3.53.1-measure-fix.patch
|
||||
# no upstream bug yet
|
||||
Patch230: nss-3.66-no-small-primes.patch
|
||||
# no upstream bug yet
|
||||
Patch232: nss-3.66-fix-gtest-parsing.patch
|
||||
# no upstream bug yet
|
||||
Patch233: nss-3.67-fix-coverity-issues.patch
|
||||
# no upstream bug yet
|
||||
Patch234: nss-3.67-fix-sdb-timeout.patch
|
||||
# no upstream bug yet
|
||||
Patch235: nss-3.67-fix-ssl-alerts.patch
|
||||
Patch300: nss-3.67-cve-2021-43527.patch
|
||||
Patch301: nss-3.67-cve-2021-43527-test.patch
|
||||
|
||||
|
||||
|
||||
%description
|
||||
@ -297,15 +281,14 @@ Requires: nss-softokn-freebl-devel%{?_isa} = %{version}-%{release}
|
||||
Requires: nspr-devel >= %{nspr_version}
|
||||
Requires: nss-util-devel >= %{version}-%{release}
|
||||
Requires: pkgconfig
|
||||
BuildRequires: nspr-devel >= %{nspr_version}
|
||||
BuildRequires: nspr-devel >= %{nspr_build_version}
|
||||
|
||||
%description softokn-devel
|
||||
Header and library files for doing development with Network Security Services.
|
||||
|
||||
|
||||
%prep
|
||||
#autosetup -N -S quilt -n %{name}-%{nss_archive_version}
|
||||
%autosetup -N -n %{name}-%{nss_archive_version} -a 29
|
||||
%autosetup -N -n %{name}-%{nss_archive_version}
|
||||
pushd nss
|
||||
%autopatch -p1
|
||||
popd
|
||||
@ -546,7 +529,7 @@ pushd nss/tests
|
||||
# don't need to run all the tests when testing packaging
|
||||
export NSS_DEFAULT_DB_TYPE=dbm #in RHEL 8, the default db is sql, but we want
|
||||
# standard to test dbm, or upgradedb will fail
|
||||
%define nss_cycles "standard pkix upgradedb sharedb"
|
||||
%define nss_cycles "standard pkix upgradedb sharedb threadunsafe"
|
||||
# the full list from all.sh is:
|
||||
# "cipher lowhash libpkix cert dbtests tools fips sdr crmf smime ssl ocsp merge pkits chains ec gtests ssl_gtests"
|
||||
%define nss_tests "libpkix cert dbtests tools fips sdr crmf smime ssl ocsp merge pkits chains ec gtests ssl_gtests"
|
||||
@ -804,6 +787,7 @@ update-crypto-policies --no-reload &> /dev/null || :
|
||||
%{_includedir}/nss3/p12plcy.h
|
||||
%{_includedir}/nss3/p12t.h
|
||||
%{_includedir}/nss3/pk11func.h
|
||||
%{_includedir}/nss3/pk11hpke.h
|
||||
%{_includedir}/nss3/pk11pqg.h
|
||||
%{_includedir}/nss3/pk11priv.h
|
||||
%{_includedir}/nss3/pk11pub.h
|
||||
@ -948,6 +932,40 @@ update-crypto-policies --no-reload &> /dev/null || :
|
||||
|
||||
|
||||
%changelog
|
||||
* Thu Nov 18 2021 Bob Relyea <rrelyea@redhat.com> - 3.67.0-7
|
||||
- Fix CVE 2021 43527
|
||||
|
||||
* Tue Jul 6 2021 Bob Relyea <rrelyea@redhat.com> - 3.67.0-6
|
||||
- Fix ssl alert issue
|
||||
|
||||
* Thu Jul 1 2021 Bob Relyea <rrelyea@redhat.com> - 3.67.0-5
|
||||
- Fix issue with reading databases that were updated using
|
||||
unpatched versions of nss
|
||||
|
||||
* Tue Jun 29 2021 Bob Relyea <rrelyea@redhat.com> - 3.67.0-4
|
||||
- Better fix for the sdb timeout. The issue wasn't a race, it was
|
||||
the sqlite timeout waiting to begin a transaction under heavy
|
||||
thread usage.
|
||||
|
||||
* Mon Jun 28 2021 Bob Relyea <rrelyea@redhat.com> - 3.67.0-3
|
||||
- Fix sdb race condition
|
||||
|
||||
* Fri Jun 18 2021 Bob Relyea <rrelyea@redhat.com> - 3.67.0-2
|
||||
- Fix coverity issues
|
||||
|
||||
* Thu Jun 17 2021 Bob Relyea <rrelyea@redhat.com> - 3.67.0-1
|
||||
- Rebase to NSS 3.67
|
||||
|
||||
* Tue Jun 15 2021 Bob Relyea <rrelyea@redhat.com> - 3.66.0-2
|
||||
- Restore old pkcs12 defaults.
|
||||
|
||||
* Mon Jun 14 2021 Bob Relyea <rrelyea@redhat.com> - 3.66.0-1.1
|
||||
- build nss for older nspr so we can pass gating with
|
||||
the new nspr in the build root
|
||||
|
||||
* Wed Jun 2 2021 Bob Relyea <rrelyea@redhat.com> - 3.66.0-1
|
||||
- Rebase to NSS 3.66
|
||||
|
||||
* Thu Dec 3 2020 Bob Relyea <rrelyea@redhat.com> - 3.53.1-17
|
||||
- Fix various corner cases with ike v1 app b support.
|
||||
|
||||
|
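Review bot: `Patch300: nss-3.67-cve-2021-43527.patch` and `Patch301: nss-3.67-cve-2021-43527-test.patch` are the only patch entries added in this block without a provenance comment, while the others are marked as local patches or as awaiting an upstream bug. A later rebase needs that reference to decide whether a security fix can be dropped, so I would add `# CVE-2021-43527, upstream: <upstream bug URL>` above Patch300. In the `%changelog` hunk the entry reads `- Fix CVE 2021 43527`; writing it as `- Fix CVE-2021-43527` keeps the canonical identifier findable in `rpm -q --changelog` output and by scanners that match CVE IDs. `Patch40: nss-3.66-disable-signature-policies.patch` ignores the rsa, rsa-pss and ecdsa policies "until crypto-policies is updated" according to its comment, but names no tracking bug; a reference there would keep the workaround from being carried forward indefinitely.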