rpms/nss
7
0
Fork 0
Code Issues Pull Requests Releases Activity

Compare commits

base: rpms:c9-beta
Branches Tags
rpms:c8
rpms:c8s
rpms:c9s
rpms:c10s
rpms:c9
rpms:c10
rpms:c9-beta
rpms:c8-beta
rpms:imports/c10s/nss-3.112.0-8.el10
rpms:imports/c10s/nss-3.112.0-7.el10
rpms:imports/c10s/nss-3.112.0-6.el10
rpms:imports/c10s/nss-3.112.0-5.el10
rpms:imports/c8/nss-3.112.0-4.el8_10
rpms:imports/c9/nss-3.112.0-4.el9_4
rpms:imports/c10/nss-3.112.0-4.el10_0
rpms:imports/c10s/nss-3.112.0-4.el10
rpms:imports/c10s/nss-3.112.0-3.el10
rpms:imports/c10s/nss-3.112.0-2.el10
rpms:imports/c10s/nss-3.112.0-1.el10
rpms:imports/c10/nss-3.101.0-13.el10_0
rpms:imports/c10s/nss-3.101.0-14.el10
rpms:imports/c8/nss-3.101.0-11.el8_8
rpms:imports/c9/nss-3.101.0-10.el9_2
rpms:imports/c10s/nss-3.101.0-13.el10
rpms:imports/c10s/nss-3.101.0-12.el10
rpms:imports/c10s/nss-3.101.0-10.el10
rpms:imports/c10s/nss-3.101.0-9.el10
rpms:imports/c10s/nss-3.101.0-8.el10
rpms:imports/c10s/nss-3.101.0-7.el10
rpms:imports/c9/nss-3.101.0-7.el9_2
rpms:imports/c8/nss-3.101.0-7.el8_8
rpms:imports/c10s/nss-3.101.0-6.el10
rpms:imports/c10s/nss-3.101.0-5.el10
rpms:imports/c8/nss-3.90.0-7.el8_10
rpms:imports/c9/nss-3.90.0-7.el9_4
rpms:imports/c9/nss-3.90.0-7.el9_3
rpms:imports/c9/nss-3.90.0-6.el9_3
rpms:imports/c8/nss-3.90.0-6.el8_9
rpms:imports/c8/nss-3.90.0-4.el8_9
rpms:imports/c9/nss-3.90.0-4.el9_3
rpms:imports/c8/nss-3.90.0-3.el8_8
rpms:imports/c9/nss-3.90.0-3.el9_2
rpms:imports/c9/nss-3.79.0-18.el9_1
rpms:imports/c9-beta/nss-3.79.0-14.el9_0
rpms:imports/c9/nss-3.79.0-17.el9_1
rpms:imports/c8/nss-3.79.0-11.el8_7
rpms:imports/c9-beta/nss-3.79.0-13.el9_0
rpms:imports/c8-beta/nss-3.79.0-10.el8_6
rpms:imports/c9/nss-3.79.0-14.el9_0
rpms:imports/c8/nss-3.79.0-10.el8_6
rpms:imports/c8s/nss-3.79.0-10.el8_6
rpms:imports/c8s/nss-3.79.0-9.el8_6
rpms:imports/c8s/nss-3.79.0-8.el8_6
rpms:imports/c8s/nss-3.79.0-7.el8_6
rpms:imports/c8s/nss-3.79.0-5.el8_6
rpms:imports/c8s/nss-3.79.0-4.el8_6
rpms:imports/c9/nss-3.71.0-7.el9
rpms:imports/c8-beta/nss-3.67.0-7.el8_5
rpms:imports/c9-beta/nss-3.71.0-7.el9
rpms:imports/c9-beta/nss-3.71.0-3.el9
rpms:imports/c9-beta/nss-3.71.0-2.el9
rpms:imports/c9-beta/nss-3.67.0-13.el9
rpms:imports/c8/nss-3.67.0-7.el8_5
rpms:imports/c8s/nss-3.67.0-7.el8_5
rpms:imports/c8-beta/nss-3.53.1-17.el8_3
rpms:imports/c8-beta/nss-3.44.0-15.el8
rpms:imports/c8-beta/nss-3.44.0-14.el8
rpms:imports/c8-beta/nss-3.41.0-5.el8
rpms:imports/c8s/nss-3.67.0-6.el8_4
rpms:imports/c8s/nss-3.67.0-4.el8_4
rpms:imports/c8s/nss-3.67.0-2.el8_4
rpms:imports/c8s/nss-3.66.0-2.el8_4
rpms:imports/c8s/nss-3.53.1-17.el8_3
rpms:imports/c8/nss-3.67.0-6.el8_4
rpms:imports/c8/nss-3.53.1-17.el8_3
rpms:imports/c8/nss-3.53.1-11.el8_2
rpms:imports/c8/nss-3.44.0-15.el8
rpms:imports/c8/nss-3.44.0-9.el8_1
rpms:imports/c8/nss-3.44.0-8.el8
..
compare: rpms:c8
Branches Tags
rpms:c8s
rpms:c9s
rpms:c10s
rpms:c8
rpms:c9
rpms:c10
rpms:c9-beta
rpms:c8-beta
rpms:imports/c10s/nss-3.112.0-8.el10
rpms:imports/c10s/nss-3.112.0-7.el10
rpms:imports/c10s/nss-3.112.0-6.el10
rpms:imports/c10s/nss-3.112.0-5.el10
rpms:imports/c8/nss-3.112.0-4.el8_10
rpms:imports/c9/nss-3.112.0-4.el9_4
rpms:imports/c10/nss-3.112.0-4.el10_0
rpms:imports/c10s/nss-3.112.0-4.el10
rpms:imports/c10s/nss-3.112.0-3.el10
rpms:imports/c10s/nss-3.112.0-2.el10
rpms:imports/c10s/nss-3.112.0-1.el10
rpms:imports/c10/nss-3.101.0-13.el10_0
rpms:imports/c10s/nss-3.101.0-14.el10
rpms:imports/c8/nss-3.101.0-11.el8_8
rpms:imports/c9/nss-3.101.0-10.el9_2
rpms:imports/c10s/nss-3.101.0-13.el10
rpms:imports/c10s/nss-3.101.0-12.el10
rpms:imports/c10s/nss-3.101.0-10.el10
rpms:imports/c10s/nss-3.101.0-9.el10
rpms:imports/c10s/nss-3.101.0-8.el10
rpms:imports/c10s/nss-3.101.0-7.el10
rpms:imports/c9/nss-3.101.0-7.el9_2
rpms:imports/c8/nss-3.101.0-7.el8_8
rpms:imports/c10s/nss-3.101.0-6.el10
rpms:imports/c10s/nss-3.101.0-5.el10
rpms:imports/c8/nss-3.90.0-7.el8_10
rpms:imports/c9/nss-3.90.0-7.el9_4
rpms:imports/c9/nss-3.90.0-7.el9_3
rpms:imports/c9/nss-3.90.0-6.el9_3
rpms:imports/c8/nss-3.90.0-6.el8_9
rpms:imports/c8/nss-3.90.0-4.el8_9
rpms:imports/c9/nss-3.90.0-4.el9_3
rpms:imports/c8/nss-3.90.0-3.el8_8
rpms:imports/c9/nss-3.90.0-3.el9_2
rpms:imports/c9/nss-3.79.0-18.el9_1
rpms:imports/c9-beta/nss-3.79.0-14.el9_0
rpms:imports/c9/nss-3.79.0-17.el9_1
rpms:imports/c8/nss-3.79.0-11.el8_7
rpms:imports/c9-beta/nss-3.79.0-13.el9_0
rpms:imports/c8-beta/nss-3.79.0-10.el8_6
rpms:imports/c9/nss-3.79.0-14.el9_0
rpms:imports/c8/nss-3.79.0-10.el8_6
rpms:imports/c8s/nss-3.79.0-10.el8_6
rpms:imports/c8s/nss-3.79.0-9.el8_6
rpms:imports/c8s/nss-3.79.0-8.el8_6
rpms:imports/c8s/nss-3.79.0-7.el8_6
rpms:imports/c8s/nss-3.79.0-5.el8_6
rpms:imports/c8s/nss-3.79.0-4.el8_6
rpms:imports/c9/nss-3.71.0-7.el9
rpms:imports/c8-beta/nss-3.67.0-7.el8_5
rpms:imports/c9-beta/nss-3.71.0-7.el9
rpms:imports/c9-beta/nss-3.71.0-3.el9
rpms:imports/c9-beta/nss-3.71.0-2.el9
rpms:imports/c9-beta/nss-3.67.0-13.el9
rpms:imports/c8/nss-3.67.0-7.el8_5
rpms:imports/c8s/nss-3.67.0-7.el8_5
rpms:imports/c8-beta/nss-3.53.1-17.el8_3
rpms:imports/c8-beta/nss-3.44.0-15.el8
rpms:imports/c8-beta/nss-3.44.0-14.el8
rpms:imports/c8-beta/nss-3.41.0-5.el8
rpms:imports/c8s/nss-3.67.0-6.el8_4
rpms:imports/c8s/nss-3.67.0-4.el8_4
rpms:imports/c8s/nss-3.67.0-2.el8_4
rpms:imports/c8s/nss-3.66.0-2.el8_4
rpms:imports/c8s/nss-3.53.1-17.el8_3
rpms:imports/c8/nss-3.67.0-6.el8_4
rpms:imports/c8/nss-3.53.1-17.el8_3
rpms:imports/c8/nss-3.53.1-11.el8_2
rpms:imports/c8/nss-3.44.0-15.el8
rpms:imports/c8/nss-3.44.0-9.el8_1
rpms:imports/c8/nss-3.44.0-8.el8

No commits in common. "c9-beta" and "c8" have entirely different histories.
c9-beta ... c8

55 changed files with 127870 additions and 7226 deletions
Show Stats Expand all files Collapse all files

7
.gitignore vendored
View File

@ -1,4 +1,7 @@
SOURCES/blank-cert8.db
SOURCES/blank-cert9.db SOURCES/blank-cert9.db
SOURCES/blank-key3.db
SOURCES/blank-key4.db SOURCES/blank-key4.db
SOURCES/nspr-4.34.tar.gz SOURCES/blank-secmod.db
SOURCES/nss-3.79.tar.gz SOURCES/nss-3.112.tar.gz
SOURCES/nss_compat_test_pkcs12.tar

7
.nss.metadata
View File

@ -1,4 +1,7 @@
d272a7b58364862613d44261c5744f7a336bf177 SOURCES/blank-cert8.db
b5570125fbf6bfb410705706af48217a0817c03a SOURCES/blank-cert9.db b5570125fbf6bfb410705706af48217a0817c03a SOURCES/blank-cert9.db
7f78b5bcecdb5005e7b803604b2ec9d1a9df2fb5 SOURCES/blank-key3.db
f9c9568442386da370193474de1b25c3f68cdaf6 SOURCES/blank-key4.db f9c9568442386da370193474de1b25c3f68cdaf6 SOURCES/blank-key4.db
efea1385dc83c55018183257036206b5f2c77c59 SOURCES/nspr-4.34.tar.gz bd748cf6e1465a1bbe6e751b72ffc0076aff0b50 SOURCES/blank-secmod.db
3719dd97c8ec9cb04aa61e6aca41b129b4adc004 SOURCES/nss-3.79.tar.gz b39d802c6469170df86317c81cb4f61238405ab4 SOURCES/nss-3.112.tar.gz
ba1cfaa454a2096cd9d8faaa132f3523fd7aa258 SOURCES/nss_compat_test_pkcs12.tar

59
SOURCES/cert8.db.xml Normal file
View File

@ -0,0 +1,59 @@
<?xml version='1.0' encoding='utf-8'?>
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
"http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [
<!ENTITY date SYSTEM "date.xml">
<!ENTITY version SYSTEM "version.xml">
]>
<refentry id="cert8.db">
<refentryinfo>
<date>&date;</date>
<title>Network Security Services</title>
<productname>nss</productname>
<productnumber>&version;</productnumber>
</refentryinfo>
<refmeta>
<refentrytitle>cert8.db</refentrytitle>
<manvolnum>5</manvolnum>
</refmeta>
<refnamediv>
<refname>cert8.db</refname>
<refpurpose>Legacy NSS certificate database</refpurpose>
</refnamediv>
<refsection id="description">
<title>Description</title>
<para><emphasis>cert8.db</emphasis> is an NSS certificate database.</para>
<para>This certificate database is in the legacy database format. Consider migrating to cert9.db and key4.db which are the new sqlite-based shared database format with support for concurrent access.
</para>
</refsection>
<refsection>
<title>Files</title>
<para><filename>/etc/pki/nssdb/cert8.db</filename></para>
</refsection>
<refsection>
<title>See also</title>
<para>cert9.db(5), key4.db(5), pkcs11.txt(5), </para>
</refsection>
<refsection id="authors">
<title>Authors</title>
<para>The nss libraries were written and maintained by developers with Netscape, Red Hat, Sun, Oracle, Mozilla, and Google.</para>
<para>Authors: Elio Maldonado &lt;emaldona@redhat.com>.</para>
</refsection>
<!-- don't change -->
<refsection id="license">
<title>LICENSE</title>
<para>Licensed under the Mozilla Public License, v. 2.0. If a copy of the MPL was not distributed with this file, You can obtain one at http://mozilla.org/MPL/2.0/.
</para>
</refsection>
</refentry>

146
SOURCES/fips_algorithms.h
View File

@ -13,15 +13,35 @@ typedef enum {
SFTKFIPSNone = 0, SFTKFIPSNone = 0,
SFTKFIPSDH, /* allow only specific primes */ SFTKFIPSDH, /* allow only specific primes */
SFTKFIPSECC, /* not just keys but specific curves */ SFTKFIPSECC, /* not just keys but specific curves */
SFTKFIPSAEAD /* single shot AEAD functions not allowed in FIPS mode */ SFTKFIPSAEAD, /* single shot AEAD functions not allowed in FIPS mode */
SFTKFIPSRSAPSS, /* make sure salt isn't too big */
SFTKFIPSPBKDF2, /* handle pbkdf2 FIPS restrictions */
SFTKFIPSTlsKeyCheck, /* check the output of TLS prf functions */
SFTKFIPSChkHash, /* make sure the base hash of KDF functions is FIPS */
SFTKFIPSChkHashTls, /* make sure the base hash of TLS KDF functions is FIPS */
SFTKFIPSChkHashSp800, /* make sure the base hash of SP-800-108 KDF functions is FIPS */
SFTKFIPSRSAOAEP, /* make sure that both hashes use the same FIPS compliant algorithm */
#ifndef NSS_DISABLE_KYBER
SFKFIPSMLKEM, /* make sure the keys are only mlkem and not kyber */
#endif
} SFTKFIPSSpecialClass; } SFTKFIPSSpecialClass;
#ifdef NSS_DISABLE_KYBER
/* if kyber is disable, we don't need to check that we are using
* a kyber key in the ML_KEM code */
#define SFTKFIPSMLKEM SFTKFIPSNone
#endif
/* set according to your security policy */
#define SFTKFIPS_PBKDF2_MIN_PW_LEN 8
typedef struct SFTKFIPSAlgorithmListStr SFTKFIPSAlgorithmList; typedef struct SFTKFIPSAlgorithmListStr SFTKFIPSAlgorithmList;
struct SFTKFIPSAlgorithmListStr { struct SFTKFIPSAlgorithmListStr {
CK_MECHANISM_TYPE type; CK_MECHANISM_TYPE type;
CK_MECHANISM_INFO info; CK_MECHANISM_INFO info;
CK_ULONG step; CK_ULONG step;
SFTKFIPSSpecialClass special; SFTKFIPSSpecialClass special;
size_t offset;
}; };
SFTKFIPSAlgorithmList sftk_fips_mechs[] = { SFTKFIPSAlgorithmList sftk_fips_mechs[] = {
@ -45,12 +65,18 @@ SFTKFIPSAlgorithmList sftk_fips_mechs[] = {
#define CKF_KPG CKF_GENERATE_KEY_PAIR #define CKF_KPG CKF_GENERATE_KEY_PAIR
#define CKF_GEN CKF_GENERATE #define CKF_GEN CKF_GENERATE
#define CKF_SGN (CKF_SIGN | CKF_VERIFY) #define CKF_SGN (CKF_SIGN | CKF_VERIFY)
#define CKF_ENC (CKF_ENCRYPT | CKF_DECRYPT | CKF_WRAP | CKF_UNWRAP) #define CKF_ENC (CKF_ENCRYPT | CKF_DECRYPT )
#define CKF_ECW (CKF_ENCRYPT | CKF_DECRYPT | CKF_WRAP | CKF_UNWRAP)
#define CKF_WRP (CKF_WRAP | CKF_UNWRAP)
#define CKF_KEK (CKF_WRAP | CKF_UNWRAP) #define CKF_KEK (CKF_WRAP | CKF_UNWRAP)
#define CKF_KEA CKF_DERIVE #define CKF_KEA CKF_DERIVE
#define CKF_KDF CKF_DERIVE #define CKF_KDF CKF_DERIVE
#define CKF_HSH CKF_DIGEST #define CKF_HSH CKF_DIGEST
#define CK_MAX 0xffffffffUL #define CK_MAX 0xffffffffUL
#define CK_ALL_KEY 1, CK_MAX /* key limits are handled by special ops or the
* implementation itself */
#define CK_ALL_STEP 1
/* mechanisms using the same key types share the same key type /* mechanisms using the same key types share the same key type
* limits */ * limits */
#define RSA_FB_KEY 2048, 4096 /* min, max */ #define RSA_FB_KEY 2048, 4096 /* min, max */
@ -67,40 +93,34 @@ SFTKFIPSAlgorithmList sftk_fips_mechs[] = {
#define AES_FB_KEY 128, 256 #define AES_FB_KEY 128, 256
#define AES_FB_STEP 64 #define AES_FB_STEP 64
{ CKM_RSA_PKCS_KEY_PAIR_GEN, { RSA_FB_KEY, CKF_KPG }, RSA_FB_STEP, SFTKFIPSNone }, { CKM_RSA_PKCS_KEY_PAIR_GEN, { RSA_FB_KEY, CKF_KPG }, RSA_FB_STEP, SFTKFIPSNone },
{ CKM_RSA_PKCS_OAEP, { RSA_FB_KEY, CKF_ENC }, RSA_FB_STEP, SFTKFIPSRSAOAEP },
/* -------------- RSA Multipart Signing Operations -------------------- */ /* -------------- RSA Multipart Signing Operations -------------------- */
{ CKM_SHA224_RSA_PKCS, { RSA_FB_KEY, CKF_SGN }, RSA_FB_STEP, SFTKFIPSNone }, { CKM_SHA224_RSA_PKCS, { RSA_FB_KEY, CKF_SGN }, RSA_FB_STEP, SFTKFIPSNone },
{ CKM_SHA256_RSA_PKCS, { RSA_FB_KEY, CKF_SGN }, RSA_FB_STEP, SFTKFIPSNone }, { CKM_SHA256_RSA_PKCS, { RSA_FB_KEY, CKF_SGN }, RSA_FB_STEP, SFTKFIPSNone },
{ CKM_SHA384_RSA_PKCS, { RSA_FB_KEY, CKF_SGN }, RSA_FB_STEP, SFTKFIPSNone }, { CKM_SHA384_RSA_PKCS, { RSA_FB_KEY, CKF_SGN }, RSA_FB_STEP, SFTKFIPSNone },
{ CKM_SHA512_RSA_PKCS, { RSA_FB_KEY, CKF_SGN }, RSA_FB_STEP, SFTKFIPSNone }, { CKM_SHA512_RSA_PKCS, { RSA_FB_KEY, CKF_SGN }, RSA_FB_STEP, SFTKFIPSNone },
{ CKM_SHA224_RSA_PKCS, { RSA_LEGACY_FB_KEY, CKF_VERIFY }, RSA_LEGACY_FB_STEP, SFTKFIPSNone }, { CKM_SHA224_RSA_PKCS_PSS, { RSA_FB_KEY, CKF_SGN }, RSA_FB_STEP, SFTKFIPSRSAPSS },
{ CKM_SHA256_RSA_PKCS, { RSA_LEGACY_FB_KEY, CKF_VERIFY }, RSA_LEGACY_FB_STEP, SFTKFIPSNone }, { CKM_SHA256_RSA_PKCS_PSS, { RSA_FB_KEY, CKF_SGN }, RSA_FB_STEP, SFTKFIPSRSAPSS },
{ CKM_SHA384_RSA_PKCS, { RSA_LEGACY_FB_KEY, CKF_VERIFY }, RSA_LEGACY_FB_STEP, SFTKFIPSNone }, { CKM_SHA384_RSA_PKCS_PSS, { RSA_FB_KEY, CKF_SGN }, RSA_FB_STEP, SFTKFIPSRSAPSS },
{ CKM_SHA512_RSA_PKCS, { RSA_LEGACY_FB_KEY, CKF_VERIFY }, RSA_LEGACY_FB_STEP, SFTKFIPSNone }, { CKM_SHA512_RSA_PKCS_PSS, { RSA_FB_KEY, CKF_SGN }, RSA_FB_STEP, SFTKFIPSRSAPSS },
{ CKM_SHA224_RSA_PKCS_PSS, { RSA_LEGACY_FB_KEY, CKF_VERIFY }, RSA_LEGACY_FB_STEP, SFTKFIPSNone },
{ CKM_SHA256_RSA_PKCS_PSS, { RSA_LEGACY_FB_KEY, CKF_VERIFY }, RSA_LEGACY_FB_STEP, SFTKFIPSNone },
{ CKM_SHA384_RSA_PKCS_PSS, { RSA_LEGACY_FB_KEY, CKF_VERIFY }, RSA_LEGACY_FB_STEP, SFTKFIPSNone },
{ CKM_SHA512_RSA_PKCS_PSS, { RSA_LEGACY_FB_KEY, CKF_VERIFY }, RSA_LEGACY_FB_STEP, SFTKFIPSNone },
{ CKM_SHA224_RSA_PKCS_PSS, { RSA_FB_KEY, CKF_SGN }, RSA_FB_STEP, SFTKFIPSNone },
{ CKM_SHA256_RSA_PKCS_PSS, { RSA_FB_KEY, CKF_SGN }, RSA_FB_STEP, SFTKFIPSNone },
{ CKM_SHA384_RSA_PKCS_PSS, { RSA_FB_KEY, CKF_SGN }, RSA_FB_STEP, SFTKFIPSNone },
{ CKM_SHA512_RSA_PKCS_PSS, { RSA_FB_KEY, CKF_SGN }, RSA_FB_STEP, SFTKFIPSNone },
/* ------------------------- DSA Operations --------------------------- */
{ CKM_DSA_SHA224, { DSA_FB_KEY, CKF_VERIFY }, DSA_FB_STEP, SFTKFIPSNone },
{ CKM_DSA_SHA256, { DSA_FB_KEY, CKF_VERIFY }, DSA_FB_STEP, SFTKFIPSNone },
{ CKM_DSA_SHA384, { DSA_FB_KEY, CKF_VERIFY }, DSA_FB_STEP, SFTKFIPSNone },
{ CKM_DSA_SHA512, { DSA_FB_KEY, CKF_VERIFY }, DSA_FB_STEP, SFTKFIPSNone },
/* -------------------- Diffie Hellman Operations --------------------- */ /* -------------------- Diffie Hellman Operations --------------------- */
/* no diffie hellman yet */
{ CKM_DH_PKCS_KEY_PAIR_GEN, { DH_FB_KEY, CKF_KPG }, DH_FB_STEP, SFTKFIPSDH }, { CKM_DH_PKCS_KEY_PAIR_GEN, { DH_FB_KEY, CKF_KPG }, DH_FB_STEP, SFTKFIPSDH },
{ CKM_DH_PKCS_DERIVE, { DH_FB_KEY, CKF_KEA }, DH_FB_STEP, SFTKFIPSDH }, { CKM_DH_PKCS_DERIVE, { DH_FB_KEY, CKF_KEA }, DH_FB_STEP, SFTKFIPSDH },
/* -------------------- Elliptic Curve Operations --------------------- */ /* -------------------- Elliptic Curve Operations --------------------- */
{ CKM_EC_KEY_PAIR_GEN, { EC_FB_KEY, CKF_KPG }, EC_FB_STEP, SFTKFIPSECC }, { CKM_EC_KEY_PAIR_GEN, { EC_FB_KEY, CKF_KPG }, EC_FB_STEP, SFTKFIPSECC },
{ CKM_ECDH1_DERIVE, { EC_FB_KEY, CKF_KEA }, EC_FB_STEP, SFTKFIPSECC }, { CKM_ECDH1_DERIVE, { EC_FB_KEY, CKF_KEA }, EC_FB_STEP, SFTKFIPSECC },
{ CKM_ECDH1_COFACTOR_DERIVE, { EC_FB_KEY, CKF_KEA }, EC_FB_STEP, SFTKFIPSECC },
{ CKM_ECDSA_SHA224, { EC_FB_KEY, CKF_SGN }, EC_FB_STEP, SFTKFIPSECC }, { CKM_ECDSA_SHA224, { EC_FB_KEY, CKF_SGN }, EC_FB_STEP, SFTKFIPSECC },
{ CKM_ECDSA_SHA256, { EC_FB_KEY, CKF_SGN }, EC_FB_STEP, SFTKFIPSECC }, { CKM_ECDSA_SHA256, { EC_FB_KEY, CKF_SGN }, EC_FB_STEP, SFTKFIPSECC },
{ CKM_ECDSA_SHA384, { EC_FB_KEY, CKF_SGN }, EC_FB_STEP, SFTKFIPSECC }, { CKM_ECDSA_SHA384, { EC_FB_KEY, CKF_SGN }, EC_FB_STEP, SFTKFIPSECC },
{ CKM_ECDSA_SHA512, { EC_FB_KEY, CKF_SGN }, EC_FB_STEP, SFTKFIPSECC }, { CKM_ECDSA_SHA512, { EC_FB_KEY, CKF_SGN }, EC_FB_STEP, SFTKFIPSECC },
/* only allowed keys are implented for ML_DSA */
{ CKM_ML_DSA_KEY_PAIR_GEN, { CK_ALL_KEY, CKF_SGN }, CK_ALL_STEP, SFTKFIPSNone },
{ CKM_ML_DSA, { CK_ALL_KEY, CKF_SGN }, CK_ALL_STEP, SFTKFIPSNone },
/* only allowed keys are implented for ML_KEM */
{ CKM_ML_KEM_KEY_PAIR_GEN, { CK_ALL_KEY, CKF_SGN }, CK_ALL_STEP, SFTKFIPSMLKEM },
{ CKM_ML_KEM, { CK_ALL_KEY, CKF_SGN }, CK_ALL_STEP, SFTKFIPSMLKEM },
/* ------------------------- RC2 Operations --------------------------- */ /* ------------------------- RC2 Operations --------------------------- */
/* ------------------------- AES Operations --------------------------- */ /* ------------------------- AES Operations --------------------------- */
{ CKM_AES_KEY_GEN, { AES_FB_KEY, CKF_GEN }, AES_FB_STEP, SFTKFIPSNone }, { CKM_AES_KEY_GEN, { AES_FB_KEY, CKF_GEN }, AES_FB_STEP, SFTKFIPSNone },
@ -111,10 +131,10 @@ SFTKFIPSAlgorithmList sftk_fips_mechs[] = {
{ CKM_AES_CBC_PAD, { AES_FB_KEY, CKF_ENC }, AES_FB_STEP, SFTKFIPSNone }, { CKM_AES_CBC_PAD, { AES_FB_KEY, CKF_ENC }, AES_FB_STEP, SFTKFIPSNone },
{ CKM_AES_CTS, { AES_FB_KEY, CKF_ENC }, AES_FB_STEP, SFTKFIPSNone }, { CKM_AES_CTS, { AES_FB_KEY, CKF_ENC }, AES_FB_STEP, SFTKFIPSNone },
{ CKM_AES_CTR, { AES_FB_KEY, CKF_ENC }, AES_FB_STEP, SFTKFIPSNone }, { CKM_AES_CTR, { AES_FB_KEY, CKF_ENC }, AES_FB_STEP, SFTKFIPSNone },
{ CKM_AES_GCM, { AES_FB_KEY, CKF_ENC }, AES_FB_STEP, SFTKFIPSAEAD }, { CKM_AES_GCM, { AES_FB_KEY, CKF_ECW }, AES_FB_STEP, SFTKFIPSAEAD },
{ CKM_AES_KEY_WRAP, { AES_FB_KEY, CKF_ENC }, AES_FB_STEP, SFTKFIPSNone }, { CKM_AES_KEY_WRAP, { AES_FB_KEY, CKF_ECW }, AES_FB_STEP, SFTKFIPSNone },
{ CKM_AES_KEY_WRAP_PAD, { AES_FB_KEY, CKF_ENC }, AES_FB_STEP, SFTKFIPSNone }, { CKM_AES_KEY_WRAP_PAD, { AES_FB_KEY, CKF_ECW }, AES_FB_STEP, SFTKFIPSNone },
{ CKM_AES_KEY_WRAP_KWP, { AES_FB_KEY, CKF_ENC }, AES_FB_STEP, SFTKFIPSNone }, { CKM_AES_KEY_WRAP_KWP, { AES_FB_KEY, CKF_ECW }, AES_FB_STEP, SFTKFIPSNone },
/* ------------------------- Hashing Operations ----------------------- */ /* ------------------------- Hashing Operations ----------------------- */
{ CKM_SHA224, { 0, 0, CKF_HSH }, 1, SFTKFIPSNone }, { CKM_SHA224, { 0, 0, CKF_HSH }, 1, SFTKFIPSNone },
{ CKM_SHA224_HMAC, { 112, 224, CKF_SGN }, 1, SFTKFIPSNone }, { CKM_SHA224_HMAC, { 112, 224, CKF_SGN }, 1, SFTKFIPSNone },
@ -131,43 +151,61 @@ SFTKFIPSAlgorithmList sftk_fips_mechs[] = {
/* --------------------- Secret Key Operations ------------------------ */ /* --------------------- Secret Key Operations ------------------------ */
{ CKM_GENERIC_SECRET_KEY_GEN, { 112, 256, CKF_GEN }, 1, SFTKFIPSNone }, { CKM_GENERIC_SECRET_KEY_GEN, { 112, 256, CKF_GEN }, 1, SFTKFIPSNone },
/* ---------------------- SSL/TLS operations ------------------------- */ /* ---------------------- SSL/TLS operations ------------------------- */
{ CKM_SHA224_KEY_DERIVATION, { 112, 224, CKF_KDF }, 1, SFTKFIPSNone },
{ CKM_SHA256_KEY_DERIVATION, { 112, 256, CKF_KDF }, 1, SFTKFIPSNone },
{ CKM_SHA384_KEY_DERIVATION, { 112, 284, CKF_KDF }, 1, SFTKFIPSNone },
{ CKM_SHA512_KEY_DERIVATION, { 112, 512, CKF_KDF }, 1, SFTKFIPSNone },
{ CKM_SSL3_PRE_MASTER_KEY_GEN, { 384, 384, CKF_GEN }, 1, SFTKFIPSNone }, { CKM_SSL3_PRE_MASTER_KEY_GEN, { 384, 384, CKF_GEN }, 1, SFTKFIPSNone },
{ CKM_TLS12_MASTER_KEY_DERIVE, { 384, 384, CKF_KDF }, 1, SFTKFIPSNone }, { CKM_TLS12_KEY_AND_MAC_DERIVE, { 384, 384, CKF_KDF }, 1, SFTKFIPSTlsKeyCheck, offsetof(CK_TLS12_KEY_MAT_PARAMS, prfHashMechanism) },
{ CKM_TLS12_MASTER_KEY_DERIVE_DH, { DH_FB_KEY, CKF_KDF }, 1, SFTKFIPSNone }, { CKM_TLS_MAC, { 112, 512, CKF_SGN }, 1, SFTKFIPSChkHashTls,
{ CKM_TLS12_KEY_AND_MAC_DERIVE, { 384, 384, CKF_KDF }, 1, SFTKFIPSNone }, offsetof(CK_TLS_MAC_PARAMS, prfHashMechanism) },
{ CKM_TLS_PRF_GENERAL, { 112, 512, CKF_SGN }, 1, SFTKFIPSNone }, { CKM_NSS_TLS_EXTENDED_MASTER_KEY_DERIVE, { 192, 1024, CKF_KDF }, 1, SFTKFIPSChkHashTls,
{ CKM_TLS_MAC, { 112, 512, CKF_SGN }, 1, SFTKFIPSNone }, offsetof(CK_NSS_TLS_EXTENDED_MASTER_KEY_DERIVE_PARAMS, prfHashMechanism) },
/* sigh, is this algorithm really tested. ssl doesn't seem to have a { CKM_NSS_TLS_EXTENDED_MASTER_KEY_DERIVE_DH, { 192, 1024, CKF_DERIVE }, 1, SFTKFIPSChkHashTls,
* way of turning the extension off */ offsetof(CK_NSS_TLS_EXTENDED_MASTER_KEY_DERIVE_PARAMS, prfHashMechanism) },
{ CKM_NSS_TLS_EXTENDED_MASTER_KEY_DERIVE, { 192, 1024, CKF_KDF }, 1, SFTKFIPSNone },
{ CKM_NSS_TLS_EXTENDED_MASTER_KEY_DERIVE_DH, { 192, 1024, CKF_DERIVE }, 1, SFTKFIPSNone },
/* ------------------------- HKDF Operations -------------------------- */ /* ------------------------- HKDF Operations -------------------------- */
{ CKM_HKDF_DERIVE, { 112, 255 * 64 * 8, CKF_KDF }, 1, SFTKFIPSNone }, { CKM_HKDF_DERIVE, { 112, 255 * 64 * 8, CKF_KDF }, 1, SFTKFIPSChkHash,
{ CKM_HKDF_DATA, { 112, 255 * 64 * 8, CKF_KDF }, 1, SFTKFIPSNone }, offsetof(CK_HKDF_PARAMS, prfHashMechanism) },
{ CKM_HKDF_DATA, { 112, 255 * 64 * 8, CKF_KDF }, 1, SFTKFIPSChkHash,
offsetof(CK_HKDF_PARAMS, prfHashMechanism) },
{ CKM_HKDF_KEY_GEN, { 160, 224, CKF_GEN }, 1, SFTKFIPSNone }, { CKM_HKDF_KEY_GEN, { 160, 224, CKF_GEN }, 1, SFTKFIPSNone },
{ CKM_HKDF_KEY_GEN, { 256, 512, CKF_GEN }, 128, SFTKFIPSNone }, { CKM_HKDF_KEY_GEN, { 256, 512, CKF_GEN }, 128, SFTKFIPSNone },
/* ------------------ NIST 800-108 Key Derivations ------------------- */ /* ------------------ NIST 800-108 Key Derivations ------------------- */
{ CKM_SP800_108_COUNTER_KDF, { 112, CK_MAX, CKF_KDF }, 1, SFTKFIPSNone }, { CKM_SP800_108_COUNTER_KDF, { 112, CK_MAX, CKF_KDF }, 1, SFTKFIPSChkHashSp800,
{ CKM_SP800_108_FEEDBACK_KDF, { 112, CK_MAX, CKF_KDF }, 1, SFTKFIPSNone }, offsetof(CK_SP800_108_KDF_PARAMS, prfType) },
{ CKM_SP800_108_DOUBLE_PIPELINE_KDF, { 112, CK_MAX, CKF_KDF }, 1, SFTKFIPSNone }, { CKM_SP800_108_FEEDBACK_KDF, { 112, CK_MAX, CKF_KDF }, 1, SFTKFIPSChkHashSp800,
{ CKM_NSS_SP800_108_COUNTER_KDF_DERIVE_DATA, { 112, CK_MAX, CKF_KDF }, 1, SFTKFIPSNone }, offsetof(CK_SP800_108_KDF_PARAMS, prfType) },
{ CKM_NSS_SP800_108_FEEDBACK_KDF_DERIVE_DATA, { 112, CK_MAX, CKF_KDF }, 1, SFTKFIPSNone }, { CKM_SP800_108_DOUBLE_PIPELINE_KDF, { 112, CK_MAX, CKF_KDF }, 1, SFTKFIPSChkHashSp800,
{ CKM_NSS_SP800_108_DOUBLE_PIPELINE_KDF_DERIVE_DATA, { 112, CK_MAX, CKF_KDF }, 1, SFTKFIPSNone }, offsetof(CK_SP800_108_KDF_PARAMS, prfType) },
/* --------------------IPSEC ----------------------- */ /* --------------------IPSEC ----------------------- */
{ CKM_NSS_IKE_PRF_PLUS_DERIVE, { 112, 255 * 64, CKF_KDF }, 1, SFTKFIPSNone }, { CKM_NSS_IKE_PRF_PLUS_DERIVE, { 112, 255 * 64 * 8, CKF_KDF }, 1, SFTKFIPSChkHash,
{ CKM_NSS_IKE_PRF_DERIVE, { 112, 64, CKF_KDF }, 1, SFTKFIPSNone }, offsetof(CK_NSS_IKE_PRF_PLUS_DERIVE_PARAMS, prfMechanism) },
{ CKM_NSS_IKE1_PRF_DERIVE, { 112, 64, CKF_KDF }, 1, SFTKFIPSNone }, { CKM_NSS_IKE_PRF_DERIVE, { 112, 64 * 8, CKF_KDF }, 1, SFTKFIPSChkHash,
{ CKM_NSS_IKE1_APP_B_PRF_DERIVE, { 112, 255 * 64, CKF_KDF }, 1, SFTKFIPSNone }, offsetof(CK_NSS_IKE_PRF_DERIVE_PARAMS, prfMechanism) },
/* ------------------ PBE Key Derivations ------------------- */ /* ------------------ PBE Key Derivations ------------------- */
{ CKM_PKCS5_PBKD2, { 112, 256, CKF_GEN }, 1, SFTKFIPSNone }, { CKM_PKCS5_PBKD2, { 112, 256, CKF_GEN }, 1, SFTKFIPSPBKDF2 },
{ CKM_NSS_PKCS12_PBE_SHA224_HMAC_KEY_GEN, { 224, 224, CKF_GEN }, 1, SFTKFIPSNone }, /* the deprecated mechanisms, don't use for some reason we are supposed
{ CKM_NSS_PKCS12_PBE_SHA256_HMAC_KEY_GEN, { 256, 256, CKF_GEN }, 1, SFTKFIPSNone }, * to set the FIPS indicators on these (sigh) */
{ CKM_NSS_PKCS12_PBE_SHA384_HMAC_KEY_GEN, { 384, 384, CKF_GEN }, 1, SFTKFIPSNone }, /* NOTE: CKM_NSS_ML_KEM_KEY_GEN and the KYBER equivalent does not do
{ CKM_NSS_PKCS12_PBE_SHA512_HMAC_KEY_GEN, { 512, 512, CKF_GEN }, 1, SFTKFIPSNone } * pairwise consistency checks on key gen, so are not FIPS */
{ CKM_NSS_ML_KEM, { CK_ALL_KEY, CKF_SGN }, CK_ALL_STEP, SFTKFIPSNone },
{ CKM_NSS_AES_KEY_WRAP, { AES_FB_KEY, CKF_ECW }, AES_FB_STEP, SFTKFIPSNone },
{ CKM_NSS_AES_KEY_WRAP_PAD, { AES_FB_KEY, CKF_ECW }, AES_FB_STEP, SFTKFIPSNone },
{ CKM_NSS_TLS_KEY_AND_MAC_DERIVE_SHA256, { 384, 384, CKF_DERIVE }, 1, SFTKFIPSTlsKeyCheck },
{ CKM_NSS_TLS_PRF_GENERAL_SHA256, { 112, 512, CKF_SGN }, 1, SFTKFIPSNone },
{ CKM_NSS_HKDF_SHA1, { 1, 128, CKF_DERIVE }, 1, SFTKFIPSNone },
{ CKM_NSS_HKDF_SHA256, { 1, 128, CKF_DERIVE }, 1, SFTKFIPSNone },
{ CKM_NSS_HKDF_SHA384, { 1, 128, CKF_DERIVE }, 1, SFTKFIPSNone },
{ CKM_NSS_HKDF_SHA512, { 1, 128, CKF_DERIVE }, 1, SFTKFIPSNone },
{ CKM_NSS_SP800_108_COUNTER_KDF_DERIVE_DATA, { 112, CK_MAX, CKF_KDF }, 1, SFTKFIPSChkHashSp800,
offsetof(CK_SP800_108_KDF_PARAMS, prfType) },
{ CKM_NSS_SP800_108_FEEDBACK_KDF_DERIVE_DATA, { 112, CK_MAX, CKF_KDF }, 1, SFTKFIPSChkHashSp800,
offsetof(CK_SP800_108_KDF_PARAMS, prfType) },
{ CKM_NSS_SP800_108_DOUBLE_PIPELINE_KDF_DERIVE_DATA, { 112, CK_MAX, CKF_KDF }, 1, SFTKFIPSChkHashSp800,
offsetof(CK_SP800_108_KDF_PARAMS, prfType) },
/* concatentate fuctions used in hybrid operations */
/* The following functions add data at the end of a base key. If the base
* key is FIPS, and the resulting keys are strong enough, then the
* resulting key will also be FIPS and the resulting operations will be
* FIPS approved. */
{ CKM_CONCATENATE_BASE_AND_KEY, { 112, CK_MAX, CKF_DERIVE }, 1, SFTKFIPSNone },
{ CKM_CONCATENATE_BASE_AND_DATA, { 112, CK_MAX, CKF_DERIVE }, 1, SFTKFIPSNone },
}; };
const int SFTK_NUMBER_FIPS_ALGORITHMS = PR_ARRAY_SIZE(sftk_fips_mechs); const int SFTK_NUMBER_FIPS_ALGORITHMS = PR_ARRAY_SIZE(sftk_fips_mechs);

59
SOURCES/key3.db.xml Normal file
View File

@ -0,0 +1,59 @@
<?xml version='1.0' encoding='utf-8'?>
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
"http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [
<!ENTITY date SYSTEM "date.xml">
<!ENTITY version SYSTEM "version.xml">
]>
<refentry id="key3.db">
<refentryinfo>
<date>&date;</date>
<title>Network Security Services</title>
<productname>nss</productname>
<productnumber>&version;</productnumber>
</refentryinfo>
<refmeta>
<refentrytitle>key3.db</refentrytitle>
<manvolnum>5</manvolnum>
</refmeta>
<refnamediv>
<refname>key3.db</refname>
<refpurpose>Legacy NSS certificate database</refpurpose>
</refnamediv>
<refsection id="description">
<title>Description</title>
<para><emphasis>key3.db</emphasis> is an NSS certificate database.</para>
<para>This is a key database in the legacy database format. Consider migrating to cert9.db and key4.db which which are the new sqlite-based shared database format with support for concurrent access.
</para>
</refsection>
<refsection>
<title>Files</title>
<para><filename>/etc/pki/nssdb/key3.db</filename></para>
</refsection>
<refsection>
<title>See also</title>
<para>cert9.db(5), key4.db(5), pkcs11.txt(5), </para>
</refsection>
<refsection id="authors">
<title>Authors</title>
<para>The nss libraries were written and maintained by developers with Netscape, Red Hat, Sun, Oracle, Mozilla, and Google.</para>
<para>Authors: Elio Maldonado &lt;emaldona@redhat.com>.</para>
</refsection>
<!-- don't change -->
<refsection id="license">
<title>LICENSE</title>
<para>Licensed under the Mozilla Public License, v. 2.0. If a copy of the MPL was not distributed with this file, You can obtain one at http://mozilla.org/MPL/2.0/.
</para>
</refsection>
</refentry>

51
SOURCES/nspr-4.34-fix-coverity-loop-issue.patch
View File

@ -1,51 +0,0 @@
diff --git a/pr/src/misc/prnetdb.c b/pr/src/misc/prnetdb.c
--- a/pr/src/misc/prnetdb.c
+++ b/pr/src/misc/prnetdb.c
@@ -2209,28 +2209,38 @@ PR_GetPrefLoopbackAddrInfo(PRNetAddr *re
PRBool result_still_empty = PR_TRUE;
PRADDRINFO *ai = res;
do {
PRNetAddr aNetAddr;
while (ai && ai->ai_addrlen > sizeof(PRNetAddr))
ai = ai->ai_next;
- if (ai) {
- /* copy sockaddr to PRNetAddr */
- memcpy(&aNetAddr, ai->ai_addr, ai->ai_addrlen);
- aNetAddr.raw.family = ai->ai_addr->sa_family;
+ if (!ai) {
+ break;
+ }
+
+ /* copy sockaddr to PRNetAddr */
+ memcpy(&aNetAddr, ai->ai_addr, ai->ai_addrlen);
+ aNetAddr.raw.family = ai->ai_addr->sa_family;
#ifdef _PR_INET6
- if (AF_INET6 == aNetAddr.raw.family)
- aNetAddr.raw.family = PR_AF_INET6;
+ if (AF_INET6 == aNetAddr.raw.family)
+ aNetAddr.raw.family = PR_AF_INET6;
#endif
- if (ai->ai_addrlen < sizeof(PRNetAddr))
- memset(((char*)result)+ai->ai_addrlen, 0,
- sizeof(PRNetAddr) - ai->ai_addrlen);
+ if (ai->ai_addrlen < sizeof(PRNetAddr))
+ memset(((char*)&aNetAddr)+ai->ai_addrlen, 0,
+ sizeof(PRNetAddr) - ai->ai_addrlen);
+
+ if (result->raw.family == PR_AF_INET) {
+ aNetAddr.inet.port = htons(port);
}
+ else {
+ aNetAddr.ipv6.port = htons(port);
+ }
+
/* If we obtain more than one result, prefer IPv6. */
if (result_still_empty || aNetAddr.raw.family == PR_AF_INET6) {
memcpy(result, &aNetAddr, sizeof(PRNetAddr));
}
result_still_empty = PR_FALSE;
ai = ai->ai_next;
}

12
SOURCES/nspr-4.34-server-passive.patch
View File

@ -1,12 +0,0 @@
diff -r c75b4e36b7e8 pr/src/misc/prnetdb.c
--- a/pr/src/misc/prnetdb.c Wed May 25 23:39:48 2022 +0200
+++ b/pr/src/misc/prnetdb.c Tue Jun 14 18:48:03 2022 -0400
@@ -2204,6 +2204,7 @@
memset(&hints, 0, sizeof(hints));
+ hints.ai_flags = AI_PASSIVE;
rv = GETADDRINFO(NULL, tmpBuf, &hints, &res);
if (rv == 0) {
PRBool result_still_empty = PR_TRUE;

37
SOURCES/nspr-config-pc.patch
View File

@ -1,37 +0,0 @@
diff -up nspr/config/nspr-config.in.flags nspr/config/nspr-config.in
--- nspr/config/nspr-config.in.flags 2013-05-29 13:46:34.147971410 -0700
+++ nspr/config/nspr-config.in 2013-05-29 14:17:10.990838914 -0700
@@ -102,7 +102,7 @@ if test -z "$includedir"; then
includedir=@includedir@
fi
if test -z "$libdir"; then
- libdir=@libdir@
+ libdir=`pkg-config --variable=libdir nspr`
fi
if test "$echo_prefix" = "yes"; then
@@ -136,12 +136,12 @@ if test "$echo_libs" = "yes"; then
if test -n "$lib_nspr"; then
libdirs="$libdirs -lnspr${major_version}"
fi
- os_ldflags="@LDFLAGS@"
+ os_ldflags=`pkg-config --variable=ldflags nspr`
for i in $os_ldflags ; do
if echo $i | grep \^-L >/dev/null; then
libdirs="$libdirs $i"
fi
done
- echo $libdirs @OS_LIBS@
+ echo $libdirs `pkg-config --variable=os_libs nspr`
fi
diff -up nspr/config/nspr.pc.in.flags nspr/config/nspr.pc.in
--- nspr/config/nspr.pc.in.flags 2013-05-29 13:48:15.026643570 -0700
+++ nspr/config/nspr.pc.in 2013-05-29 13:49:47.795202949 -0700
@@ -6,5 +6,5 @@ includedir=@includedir@
Name: NSPR
Description: The Netscape Portable Runtime
Version: @MOD_MAJOR_VERSION@.@MOD_MINOR_VERSION@.@MOD_PATCH_VERSION@
-Libs: -L@libdir@ -lplds@MOD_MAJOR_VERSION@ -lplc@MOD_MAJOR_VERSION@ -lnspr@MOD_MAJOR_VERSION@
+Libs: -L@libdir@ -lplds@MOD_MAJOR_VERSION@ -lplc@MOD_MAJOR_VERSION@ -lnspr@MOD_MAJOR_VERSION@ @OS_LIBS@
Cflags: -I@includedir@

127
SOURCES/nspr-config.xml
View File

@ -1,127 +0,0 @@
<?xml version='1.0' encoding='utf-8'?>
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
"http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [
<!ENTITY date SYSTEM "date.xml">
<!ENTITY version SYSTEM "version.xml">
]>
<refentry id="nspr-config">
<refentryinfo>
<date>&date;</date>
<title>Netscape Portable Runtime</title>
<productname>nspr</productname>
<productnumber>&version;</productnumber>
</refentryinfo>
<refmeta>
<refentrytitle>nspr-config</refentrytitle>
<manvolnum>1</manvolnum>
</refmeta>
<refnamediv>
<refname>nspr-config</refname>
<refpurpose>Return meta information about nspr libraries</refpurpose>
</refnamediv>
<refsynopsisdiv>
<cmdsynopsis>
<command>nspr-config</command>
<arg><option>--prefix</option></arg>
<arg><option>--exec-prefix</option></arg>
<arg><option>--includedir</option></arg>
<arg><option>--libs</option></arg>
<arg><option>--cflags</option></arg>
<arg><option>--libdir</option></arg>
<arg><option>--version</option></arg>
</cmdsynopsis>
</refsynopsisdiv>
<refsection id="description">
<title>Description</title>
<para><command>nspr-config</command> is a shell script which can be used to obtain gcc options for building client pacakges of nspr.</para>
</refsection>
<refsection>
<title>Options</title>
<variablelist>
<varlistentry>
<term><option>--prefix</option></term>
<listitem><simpara>Returns the top level system directory under which the nspr libraries are installed.</simpara></listitem>
</varlistentry>
<varlistentry>
<term><option>--exec-prefix</option></term>
<listitem><simpara>Returns the top level system directory under which any nspr binaries would be installed.</simpara></listitem>
</varlistentry>
<varlistentry>
<term><option>--includedir</option> <replaceable>count</replaceable></term>
<listitem><simpara>Returns the path to the directory were the nspr headers are installed.</simpara></listitem>
</varlistentry>
<varlistentry>
<term><option>--version</option></term>
<listitem><simpara>Returns the upstream version of nspr in the form major_version-minor_version-patch_version.</simpara></listitem>
</varlistentry>
<varlistentry>
<term><option>--libs</option></term>
<listitem><simpara>Returns the compiler linking flags.</simpara></listitem>
</varlistentry>
<varlistentry>
<term><option>--cflags</option></term>
<listitem><simpara>Returns the compiler include flags.</simpara></listitem>
</varlistentry>
<varlistentry>
<term><option>--libdir</option></term>
<listitem><simpara>Returns the path to the directory were the nspr libraries are installed.</simpara></listitem>
</varlistentry>
</variablelist>
</refsection>
<refsection>
<title>Examples</title>
<para>The following example will query for both include path and linkage flags:
<programlisting>
/usr/bin/nspr-config --cflags --libs
</programlisting>
</para>
</refsection>
<refsection>
<title>Files</title>
<para><filename>/usr/bin/nspr-config</filename></para>
</refsection>
<refsection>
<title>See also</title>
<para>pkg-config(1)</para>
</refsection>
<refsection id="authors">
<title>Authors</title>
<para>The NSPR liraries were written and maintained by developers with Netscape, Red Hat, Sun, Oracle, Mozilla, and Google.</para>
<para>
Authors: Elio Maldonado &lt;emaldona@redhat.com>.
</para>
</refsection>
<!-- don't change -->
<refsection id="license">
<title>LICENSE</title>
<para>Licensed under the Mozilla Public License, v. 2.0. If a copy of the MPL was not distributed with this file, You can obtain one at http://mozilla.org/MPL/2.0/.
</para>
</refsection>
</refentry>

77
SOURCES/nspr-gcc-atomics.patch
View File

@ -1,77 +0,0 @@
diff --git a/pr/include/md/_linux.h b/pr/include/md/_linux.h
--- a/pr/include/md/_linux.h
+++ b/pr/include/md/_linux.h
@@ -82,53 +82,73 @@
#define NO_DLOPEN_NULL
#endif
#if defined(__FreeBSD_kernel__) || defined(__GNU__)
#define _PR_HAVE_SOCKADDR_LEN
#endif
#if defined(__i386__)
+#if defined(__GNUC__)
+/* Use GCC built-in functions */
+#define _PR_HAVE_ATOMIC_OPS
+#define _MD_INIT_ATOMIC()
+#define _MD_ATOMIC_INCREMENT(ptr) __sync_add_and_fetch(ptr, 1)
+#define _MD_ATOMIC_DECREMENT(ptr) __sync_sub_and_fetch(ptr, 1)
+#define _MD_ATOMIC_ADD(ptr, i) __sync_add_and_fetch(ptr, i)
+#define _MD_ATOMIC_SET(ptr, nv) __sync_lock_test_and_set(ptr, nv)
+#else
#define _PR_HAVE_ATOMIC_OPS
#define _MD_INIT_ATOMIC()
extern PRInt32 _PR_x86_AtomicIncrement(PRInt32 *val);
#define _MD_ATOMIC_INCREMENT _PR_x86_AtomicIncrement
extern PRInt32 _PR_x86_AtomicDecrement(PRInt32 *val);
#define _MD_ATOMIC_DECREMENT _PR_x86_AtomicDecrement
extern PRInt32 _PR_x86_AtomicAdd(PRInt32 *ptr, PRInt32 val);
#define _MD_ATOMIC_ADD _PR_x86_AtomicAdd
extern PRInt32 _PR_x86_AtomicSet(PRInt32 *val, PRInt32 newval);
#define _MD_ATOMIC_SET _PR_x86_AtomicSet
#endif
+#endif
#if defined(__ia64__)
#define _PR_HAVE_ATOMIC_OPS
#define _MD_INIT_ATOMIC()
extern PRInt32 _PR_ia64_AtomicIncrement(PRInt32 *val);
#define _MD_ATOMIC_INCREMENT _PR_ia64_AtomicIncrement
extern PRInt32 _PR_ia64_AtomicDecrement(PRInt32 *val);
#define _MD_ATOMIC_DECREMENT _PR_ia64_AtomicDecrement
extern PRInt32 _PR_ia64_AtomicAdd(PRInt32 *ptr, PRInt32 val);
#define _MD_ATOMIC_ADD _PR_ia64_AtomicAdd
extern PRInt32 _PR_ia64_AtomicSet(PRInt32 *val, PRInt32 newval);
#define _MD_ATOMIC_SET _PR_ia64_AtomicSet
#endif
#if defined(__x86_64__)
+#if defined(__GNUC__)
+/* Use GCC built-in functions */
+#define _PR_HAVE_ATOMIC_OPS
+#define _MD_INIT_ATOMIC()
+#define _MD_ATOMIC_INCREMENT(ptr) __sync_add_and_fetch(ptr, 1)
+#define _MD_ATOMIC_DECREMENT(ptr) __sync_sub_and_fetch(ptr, 1)
+#define _MD_ATOMIC_ADD(ptr, i) __sync_add_and_fetch(ptr, i)
+#define _MD_ATOMIC_SET(ptr, nv) __sync_lock_test_and_set(ptr, nv)
+#else
#define _PR_HAVE_ATOMIC_OPS
#define _MD_INIT_ATOMIC()
extern PRInt32 _PR_x86_64_AtomicIncrement(PRInt32 *val);
#define _MD_ATOMIC_INCREMENT _PR_x86_64_AtomicIncrement
extern PRInt32 _PR_x86_64_AtomicDecrement(PRInt32 *val);
#define _MD_ATOMIC_DECREMENT _PR_x86_64_AtomicDecrement
extern PRInt32 _PR_x86_64_AtomicAdd(PRInt32 *ptr, PRInt32 val);
#define _MD_ATOMIC_ADD _PR_x86_64_AtomicAdd
extern PRInt32 _PR_x86_64_AtomicSet(PRInt32 *val, PRInt32 newval);
#define _MD_ATOMIC_SET _PR_x86_64_AtomicSet
#endif
+#endif
#if defined(__or1k__)
#if defined(__GNUC__)
/* Use GCC built-in functions */
#define _PR_HAVE_ATOMIC_OPS
#define _MD_INIT_ATOMIC()
#define _MD_ATOMIC_INCREMENT(ptr) __sync_add_and_fetch(ptr, 1)
#define _MD_ATOMIC_DECREMENT(ptr) __sync_sub_and_fetch(ptr, 1)

24
SOURCES/nss-3.101-ec-dbm-test.patch Normal file
View File

@ -0,0 +1,24 @@
diff -up ./tests/ec/ectest.sh.dbm ./tests/ec/ectest.sh
--- ./tests/ec/ectest.sh.dbm 2024-06-18 14:53:51.201438651 -0700
+++ ./tests/ec/ectest.sh 2024-06-18 14:56:09.993993637 -0700
@@ -45,12 +45,20 @@ ectest_genkeydb_test()
if [ $? -ne 0 ]; then
return $?
fi
+ if [ "${TEST_MODE}" = "SHARED_DB" ] ; then
curves=( \
"curve25519" \
"secp256r1" \
"secp384r1" \
"secp521r1" \
)
+ else
+ curves=( \
+ "secp256r1" \
+ "secp384r1" \
+ "secp521r1" \
+ )
+ fi
for curve in "${curves[@]}"; do
echo "Test $curve key generation using certutil ..."
certutil -G -d "${HOSTDIR}" -k ec -q $curve -f "${R_PWFILE}" -z ${NOISE_FILE}

58
SOURCES/nss-3.101-el8-restore-old-pkcs12-default.patch Normal file
View File

@ -0,0 +1,58 @@
diff -up ./cmd/pk12util/pk12util.c.orig ./cmd/pk12util/pk12util.c
--- ./cmd/pk12util/pk12util.c.orig 2021-05-28 02:50:43.000000000 -0700
+++ ./cmd/pk12util/pk12util.c 2021-06-15 17:05:37.200262345 -0700
@@ -1031,9 +1031,11 @@ main(int argc, char **argv)
char *export_file = NULL;
char *dbprefix = "";
SECStatus rv;
- SECOidTag cipher = SEC_OID_AES_256_CBC;
- SECOidTag hash = SEC_OID_SHA256;
- SECOidTag certCipher = SEC_OID_AES_128_CBC;
+ SECOidTag cipher =
+ SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_3KEY_TRIPLE_DES_CBC;
+ SECOidTag hash = SEC_OID_SHA1;
+ SECOidTag certCipher =
+ SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_40_BIT_RC2_CBC;
int keyLen = 0;
int certKeyLen = 0;
secuCommand pk12util;
@@ -1147,6 +1149,9 @@ main(int argc, char **argv)
}
}
+ if (PK11_IsFIPS()) {
+ certCipher = SEC_OID_UNKNOWN;
+ }
if (pk12util.options[opt_CertCipher].activated) {
char *cipherString = pk12util.options[opt_CertCipher].arg;
--- ./cmd/pk12util/pk12util.c.no_pkcs12_macpbe_default 2024-07-18 08:26:35.7732
48450 -0700
+++ ./cmd/pk12util/pk12util.c 2024-07-18 08:27:05.796595554 -0700
@@ -1165,10 +1165,6 @@ main(int argc, char **argv)
}
}
}
- /* in FIPS mode default to encoding with pkcs5v2 for the MAC */
- if (PK11_IsFIPS()) {
- hash = SEC_OID_HMAC_SHA256;
- }
if (pk12util.options[opt_Mac].activated) {
char *hashString = pk12util.options[opt_Mac].arg;
diff -up ./tests/tools/tools.sh.orig ./tests/tools/tools.sh
--- ./tests/tools/tools.sh.orig 2021-06-15 17:06:27.650564449 -0700
+++ ./tests/tools/tools.sh 2021-06-15 17:07:59.934117192 -0700
@@ -47,9 +47,9 @@
"PKCS #5 Password Based Encryption with SHA-1 and DES-CBC"
# if we change the defaults in pk12util, update these variables
- export CERT_ENCRYPTION_DEFAULT="AES-128-CBC"
- export KEY_ENCRYPTION_DEFAULT="AES-256-CBC"
- export HASH_DEFAULT="SHA-256"
+ export CERT_ENCRYPTION_DEFAULT=${pkcs12v2pbeWithSha1And40BitRc2Cbc}
+ export KEY_ENCRYPTION_DEFAULT=${pkcs12v2pbeWithSha1AndTripleDESCBC}
+ export HASH_DEFAULT="SHA-1"
export PKCS5v1_PBE_CIPHERS="${pkcs5pbeWithMD2AndDEScbc},\
${pkcs5pbeWithMD5AndDEScbc},\

12
SOURCES/nss-3.101-extend-db-dump-time.patch Normal file
View File

@ -0,0 +1,12 @@
diff -up ./tests/dbtests/dbtests.sh.extend ./tests/dbtests/dbtests.sh
--- ./tests/dbtests/dbtests.sh.extend 2023-11-15 13:17:50.651020458 -0800
+++ ./tests/dbtests/dbtests.sh 2023-11-15 13:18:57.091608850 -0800
@@ -366,7 +366,7 @@ dbtest_main()
RARRAY=($dtime)
TIMEARRAY=(${RARRAY[1]//./ })
echo "${TIMEARRAY[0]} seconds"
- test ${TIMEARRAY[0]} -lt 5
+ test ${TIMEARRAY[0]} -lt ${NSS_DB_DUMP_TIME-5}
ret=$?
html_msg ${ret} 0 "certutil dump keys with explicit default trust flags"
fi

115
SOURCES/nss-3.101-fix-cms-abi-break.patch Normal file
View File

@ -0,0 +1,115 @@
diff -up ./lib/smime/cmsasn1.c.restore_abi ./lib/smime/cmsasn1.c
--- ./lib/smime/cmsasn1.c.restore_abi 2024-06-07 09:26:03.000000000 -0700
+++ ./lib/smime/cmsasn1.c 2024-09-06 18:05:27.808338289 -0700
@@ -350,7 +350,7 @@ static const SEC_ASN1Template NSSCMSKeyA
{ SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_EXPLICIT |
SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 1,
offsetof(NSSCMSKeyAgreeRecipientInfo, ukm),
- SEC_ASN1_SUB(SEC_OctetStringTemplate) },
+ SEC_ASN1_SUB(SEC_PointerToOctetStringTemplate) },
{ SEC_ASN1_INLINE | SEC_ASN1_XTRN,
offsetof(NSSCMSKeyAgreeRecipientInfo, keyEncAlg),
SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
diff -up ./lib/smime/cmslocal.h.restore_abi ./lib/smime/cmslocal.h
--- ./lib/smime/cmslocal.h.restore_abi 2024-06-07 09:26:03.000000000 -0700
+++ ./lib/smime/cmslocal.h 2024-09-06 18:04:47.647863624 -0700
@@ -174,7 +174,7 @@ NSS_CMSUtil_DecryptSymKey_RSA_OAEP(SECKE
extern SECStatus
NSS_CMSUtil_EncryptSymKey_ESECDH(PLArenaPool *poolp, CERTCertificate *cert, PK11SymKey *key,
- SECItem *encKey, PRBool genUkm, SECItem *ukm,
+ SECItem *encKey, PRBool genUkm, SECItem **ukm,
SECAlgorithmID *keyEncAlg, SECItem *originatorPubKey, void *wincx);
PK11SymKey *
diff -up ./lib/smime/cmspubkey.c.restore_abi ./lib/smime/cmspubkey.c
--- ./lib/smime/cmspubkey.c.restore_abi 2024-06-07 09:26:03.000000000 -0700
+++ ./lib/smime/cmspubkey.c 2024-09-06 18:04:47.647863624 -0700
@@ -292,9 +292,15 @@ Create_ECC_CMS_SharedInfo(PLArenaPool *p
unsigned char suppPubInfo[4] = { 0 };
SI.keyInfo = keyInfo;
- SI.entityUInfo.type = ukm->type;
- SI.entityUInfo.data = ukm->data;
- SI.entityUInfo.len = ukm->len;
+ if (ukm) {
+ SI.entityUInfo.type = ukm->type;
+ SI.entityUInfo.data = ukm->data;
+ SI.entityUInfo.len = ukm->len;
+ } else {
+ SI.entityUInfo.type = siBuffer;
+ SI.entityUInfo.data = NULL;
+ SI.entityUInfo.len = 0;
+ }
SI.suppPubInfo.type = siBuffer;
SI.suppPubInfo.data = suppPubInfo;
@@ -322,7 +328,7 @@ Create_ECC_CMS_SharedInfo(PLArenaPool *p
SECStatus
NSS_CMSUtil_EncryptSymKey_ESECDH(PLArenaPool *poolp, CERTCertificate *cert,
PK11SymKey *bulkkey, SECItem *encKey,
- PRBool genUkm, SECItem *ukm,
+ PRBool genUkm, SECItem **ukmp,
SECAlgorithmID *keyEncAlg, SECItem *pubKey,
void *wincx)
{
@@ -337,10 +343,11 @@ NSS_CMSUtil_EncryptSymKey_ESECDH(PLArena
SECAlgorithmID keyWrapAlg;
SECOidTag keyEncAlgtag;
SECItem keyWrapAlg_params, *keyEncAlg_params, *SharedInfo;
+ SECItem *ukm = *ukmp;
CK_MECHANISM_TYPE keyDerivationType, keyWrapMech;
CK_ULONG kdf;
- if (genUkm && (ukm->len != 0 || ukm->data != NULL)) {
+ if (genUkm && (ukm != NULL)) {
PORT_SetError(PR_INVALID_ARGUMENT_ERROR);
return SECFailure;
}
@@ -427,17 +434,17 @@ NSS_CMSUtil_EncryptSymKey_ESECDH(PLArena
* contain 512 bits for Diffie-Hellman key agreement. */
if (genUkm) {
- ukm->type = siBuffer;
- ukm->len = 64;
- ukm->data = (unsigned char *)PORT_ArenaAlloc(poolp, ukm->len);
-
- if (ukm->data == NULL) {
+ ukm = SECITEM_AllocItem(poolp, NULL, 64);
+ if (ukm == NULL) {
goto loser;
}
+ ukm->type = siBuffer;
+
rv = PK11_GenerateRandom(ukm->data, ukm->len);
if (rv != SECSuccess) {
goto loser;
}
+ *ukmp = ukm; /* return it */
}
SharedInfo = Create_ECC_CMS_SharedInfo(poolp, &keyWrapAlg,
diff -up ./lib/smime/cmsrecinfo.c.restore_abi ./lib/smime/cmsrecinfo.c
--- ./lib/smime/cmsrecinfo.c.restore_abi 2024-06-07 09:26:03.000000000 -0700
+++ ./lib/smime/cmsrecinfo.c 2024-09-06 18:04:47.647863624 -0700
@@ -582,7 +582,7 @@ NSS_CMSRecipientInfo_UnwrapBulkKey(NSSCM
parameters = &(ri->ri.keyAgreeRecipientInfo.keyEncAlg.parameters);
enckey = &(ri->ri.keyAgreeRecipientInfo.recipientEncryptedKeys[subIndex]->encKey);
oiok = &(ri->ri.keyAgreeRecipientInfo.originatorIdentifierOrKey);
- ukm = &(ri->ri.keyAgreeRecipientInfo.ukm);
+ ukm = ri->ri.keyAgreeRecipientInfo.ukm;
break;
case NSSCMSRecipientInfoID_KEK:
algid = &(ri->ri.kekRecipientInfo.keyEncAlg);
diff -up ./lib/smime/cmst.h.restore_abi ./lib/smime/cmst.h
--- ./lib/smime/cmst.h.restore_abi 2024-06-07 09:26:03.000000000 -0700
+++ ./lib/smime/cmst.h 2024-09-06 18:04:47.647863624 -0700
@@ -376,7 +376,7 @@ typedef struct NSSCMSRecipientEncryptedK
struct NSSCMSKeyAgreeRecipientInfoStr {
SECItem version;
NSSCMSOriginatorIdentifierOrKey originatorIdentifierOrKey;
- SECItem ukm; /* optional */
+ SECItem *ukm; /* optional */
SECAlgorithmID keyEncAlg;
NSSCMSRecipientEncryptedKey **recipientEncryptedKeys;
};

12
SOURCES/nss-3.101-fix-shlibsign-fips.patch Normal file
View File

@ -0,0 +1,12 @@
diff -up ./cmd/shlibsign/shlibsign.c.shlibsign ./cmd/shlibsign/shlibsign.c
--- ./cmd/shlibsign/shlibsign.c.shlibsign 2024-06-07 09:26:03.000000000 -0700
+++ ./cmd/shlibsign/shlibsign.c 2024-10-31 10:49:28.637449054 -0700
@@ -1426,7 +1426,7 @@ main(int argc, char **argv)
} else {
/* NON FIPS mode == C_GetFunctionList */
pC_GetFunctionList = (CK_C_GetFunctionList)
- PR_FindFunctionSymbol(lib, "C_GetFunctionList");
+ PR_FindFunctionSymbol(lib, "NSC_GetFunctionList");
}
assert(pC_GetFunctionList != NULL);
if (!pC_GetFunctionList) {

26085
SOURCES/nss-3.112-add-ml-dsa-base-el8.patch Normal file
View File

File diff suppressed because it is too large Load Diff

83501
SOURCES/nss-3.112-add-ml-dsa-gtests-el8.patch Normal file
View File

File diff suppressed because one or more lines are too long

4930
SOURCES/nss-3.112-add-ml-dsa-ssl-support-el8.patch Normal file
View File

File diff suppressed because it is too large Load Diff

2149
SOURCES/nss-3.112-add-sec384r1-mlkem-1024.patch Normal file
View File

File diff suppressed because it is too large Load Diff

71
SOURCES/nss-3.112-big-endian-compression-fix.patch Normal file
View File

@ -0,0 +1,71 @@
diff --git a/cmd/selfserv/selfserv.c b/cmd/selfserv/selfserv.c
--- a/cmd/selfserv/selfserv.c
+++ b/cmd/selfserv/selfserv.c
@@ -2078,13 +2078,13 @@
if (!input || !input->data || input->len == 0 || !output || outputLen == 0) {
PR_SetError(SEC_ERROR_INVALID_ARGS, 0);
return SECFailure;
}
- *usedLen = outputLen;
-
- int ret = uncompress(output, (unsigned long *)usedLen, input->data, input->len);
+ unsigned long outputLenUL = outputLen;
+ int ret = uncompress(output, &outputLenUL, input->data, input->len);
+ *usedLen = outputLenUL;
if (ret != Z_OK) {
PR_SetError(SEC_ERROR_BAD_DATA, 0);
return SECFailure;
}
@@ -2100,11 +2100,13 @@
}
unsigned long maxCompressedLen = compressBound(input->len);
SECITEM_AllocItem(NULL, output, maxCompressedLen);
- int ret = compress(output->data, (unsigned long *)&output->len, input->data, input->len);
+ unsigned long outputLenUL = output->len;
+ int ret = compress(output->data, &outputLenUL, input->data, input->len);
+ output->len = outputLenUL;
if (ret != Z_OK) {
PR_SetError(SEC_ERROR_LIBRARY_FAILURE, 0);
return SECFailure;
}
diff --git a/cmd/tstclnt/tstclnt.c b/cmd/tstclnt/tstclnt.c
--- a/cmd/tstclnt/tstclnt.c
+++ b/cmd/tstclnt/tstclnt.c
@@ -1375,11 +1375,13 @@
}
unsigned long maxCompressedLen = compressBound(input->len);
SECITEM_AllocItem(NULL, output, maxCompressedLen);
- int ret = compress(output->data, (unsigned long *)&output->len, input->data, input->len);
+ unsigned long outputLenUL = output->len;
+ int ret = compress(output->data, &outputLenUL, input->data, input->len);
+ output->len = outputLenUL;
if (ret != Z_OK) {
PR_SetError(SEC_ERROR_LIBRARY_FAILURE, 0);
return SECFailure;
}
@@ -1394,13 +1396,13 @@
if (!input || !input->data || input->len == 0 || !output || outputLen == 0) {
PR_SetError(SEC_ERROR_INVALID_ARGS, 0);
return SECFailure;
}
- *usedLen = outputLen;
-
- int ret = uncompress(output, (unsigned long *)usedLen, input->data, input->len);
+ unsigned long outputLenUL = outputLen;
+ int ret = uncompress(output, &outputLenUL, input->data, input->len);
+ *usedLen = outputLenUL;
if (ret != Z_OK) {
PR_SetError(SEC_ERROR_BAD_DATA, 0);
return SECFailure;
}

91
SOURCES/nss-3.112-disable-ech.patch Normal file
View File

@ -0,0 +1,91 @@
diff --git a/gtests/ssl_gtest/manifest.mn b/gtests/ssl_gtest/manifest.mn
--- a/gtests/ssl_gtest/manifest.mn
+++ b/gtests/ssl_gtest/manifest.mn
@@ -50,17 +50,16 @@ CPPSRCS = \
ssl_staticrsa_unittest.cc \
ssl_tls13compat_unittest.cc \
ssl_v2_client_hello_unittest.cc \
ssl_version_unittest.cc \
ssl_versionpolicy_unittest.cc \
test_io.cc \
tls_agent.cc \
tls_connect.cc \
- tls_ech_unittest.cc \
tls_filter.cc \
tls_hkdf_unittest.cc \
tls_mlkem_unittest.cc \
tls_protect.cc \
tls_psk_unittest.cc \
tls_subcerts_unittest.cc \
tls_xyber_unittest.cc \
$(SSLKEYLOGFILE_FILES) \
diff -up ./lib/ssl/sslsock.c.disable_ech ./lib/ssl/sslsock.c
--- ./lib/ssl/sslsock.c.disable_ech 2024-06-07 09:26:03.000000000 -0700
+++ ./lib/ssl/sslsock.c 2024-06-12 13:29:17.162207862 -0700
@@ -4415,17 +4415,23 @@ ssl_ClearPRCList(PRCList *list, void (*f
SECStatus
SSLExp_EnableTls13GreaseEch(PRFileDesc *fd, PRBool enabled)
{
+#ifdef notdef
sslSocket *ss = ssl_FindSocket(fd);
if (!ss) {
return SECFailure;
}
ss->opt.enableTls13GreaseEch = enabled;
return SECSuccess;
+#else
+ PORT_SetError(SSL_ERROR_UNSUPPORTED_EXPERIMENTAL_API);
+ return SECFailure;
+#endif
}
SECStatus
SSLExp_SetTls13GreaseEchSize(PRFileDesc *fd, PRUint8 size)
{
+#ifdef notdef
sslSocket *ss = ssl_FindSocket(fd);
if (!ss || size == 0) {
return SECFailure;
@@ -4439,28 +4445,42 @@ SSLExp_SetTls13GreaseEchSize(PRFileDesc
ssl_Release1stHandshakeLock(ss);
return SECSuccess;
+#else
+ PORT_SetError(SSL_ERROR_UNSUPPORTED_EXPERIMENTAL_API);
+ return SECFailure;
+#endif
}
SECStatus
SSLExp_EnableTls13BackendEch(PRFileDesc *fd, PRBool enabled)
{
+#ifdef notdef
sslSocket *ss = ssl_FindSocket(fd);
if (!ss) {
return SECFailure;
}
ss->opt.enableTls13BackendEch = enabled;
return SECSuccess;
+#else
+ PORT_SetError(SSL_ERROR_UNSUPPORTED_EXPERIMENTAL_API);
+ return SECFailure;
+#endif
}
SECStatus
SSLExp_CallExtensionWriterOnEchInner(PRFileDesc *fd, PRBool enabled)
{
+#ifdef notdef
sslSocket *ss = ssl_FindSocket(fd);
if (!ss) {
return SECFailure;
}
ss->opt.callExtensionWriterOnEchInner = enabled;
return SECSuccess;
+#else
+ PORT_SetError(SSL_ERROR_UNSUPPORTED_EXPERIMENTAL_API);
+ return SECFailure;
+#endif
}
SECStatus

33
SOURCES/nss-3.112-disable-external-host-test.patch Normal file
View File

@ -0,0 +1,33 @@
# HG changeset patch
# User Robert Relyea <rrelyea@redhat.com>
# Date 1752601914 25200
# Tue Jul 15 10:51:54 2025 -0700
# Branch RHEL_8
# Node ID 89a40126836b8e2a5d98e250262c498e304fcdcc
# Parent ef820c54bad5f034231f51df2b14f88863170cfb
nss-3.66-disable-external-host-test.patch
diff --git a/tests/ssl/ssl.sh b/tests/ssl/ssl.sh
--- a/tests/ssl/ssl.sh
+++ b/tests/ssl/ssl.sh
@@ -1595,17 +1595,19 @@ ssl_run_tests()
{
for SSL_TEST in ${NSS_SSL_TESTS}
do
case "${SSL_TEST}" in
"policy")
if using_sql ; then
ssl_policy_listsuites
ssl_policy_selfserv
- ssl_policy_pkix_ocsp
+ # requires access to external servers, which fails
+ # when running in brew
+ #ssl_policy_pkix_ocsp
ssl_policy
fi
;;
"crl")
ssl_crl_ssl
ssl_crl_cache
;;
"iopr")

72
SOURCES/nss-3.112-disable-md5.patch Normal file
View File

@ -0,0 +1,72 @@
diff -up ./lib/pk11wrap/pk11pars.c.no_md ./lib/pk11wrap/pk11pars.c
--- ./lib/pk11wrap/pk11pars.c.no_md 2024-06-11 12:41:35.054654990 -0700
+++ ./lib/pk11wrap/pk11pars.c 2024-06-11 12:46:25.347979894 -0700
@@ -329,14 +329,11 @@ static const oidValDef curveOptList[] =
static const oidValDef hashOptList[] = {
/* Hashes */
{ CIPHER_NAME("MD2"), SEC_OID_MD2,
- NSS_USE_ALG_IN_SSL_KX | NSS_USE_ALG_IN_SIGNATURE | NSS_USE_ALG_IN_SMIME |
- NSS_USE_ALG_IN_PKCS12 },
+ NSS_USE_ALG_IN_SMIME_LEGACY | NSS_USE_ALG_IN_PKCS12_DECRYPT },
{ CIPHER_NAME("MD4"), SEC_OID_MD4,
- NSS_USE_ALG_IN_SSL_KX | NSS_USE_ALG_IN_SIGNATURE | NSS_USE_ALG_IN_SMIME |
- NSS_USE_ALG_IN_PKCS12 },
+ NSS_USE_ALG_IN_SMIME_LEGACY | NSS_USE_ALG_IN_PKCS12_DECRYPT },
{ CIPHER_NAME("MD5"), SEC_OID_MD5,
- NSS_USE_ALG_IN_SSL_KX | NSS_USE_ALG_IN_SIGNATURE | NSS_USE_ALG_IN_SMIME |
- NSS_USE_ALG_IN_PKCS12 },
+ NSS_USE_ALG_IN_SMIME_LEGACY | NSS_USE_ALG_IN_PKCS12_DECRYPT },
{ CIPHER_NAME("SHA1"), SEC_OID_SHA1,
NSS_USE_ALG_IN_SSL_KX | NSS_USE_ALG_IN_SIGNATURE | NSS_USE_ALG_IN_SMIME |
NSS_USE_ALG_IN_PKCS12 },
diff -up ./lib/util/secoid.c.no_md ./lib/util/secoid.c
diff -r 699541a7793b lib/util/secoid.c
--- a/lib/util/secoid.c Tue Jun 16 23:03:22 2020 +0000
+++ b/lib/util/secoid.c Thu Jun 25 14:33:09 2020 +0200
@@ -2042,6 +2042,19 @@
int i;
for (i = 1; i < SEC_OID_TOTAL; i++) {
+ switch (i) {
+ case SEC_OID_MD2:
+ case SEC_OID_MD4:
+ case SEC_OID_MD5:
+ case SEC_OID_PKCS1_MD2_WITH_RSA_ENCRYPTION:
+ case SEC_OID_PKCS1_MD4_WITH_RSA_ENCRYPTION:
+ case SEC_OID_PKCS1_MD5_WITH_RSA_ENCRYPTION:
+ case SEC_OID_PKCS5_PBE_WITH_MD2_AND_DES_CBC:
+ case SEC_OID_PKCS5_PBE_WITH_MD5_AND_DES_CBC:
+ continue;
+ default:
+ break;
+ }
if (oids[i].desc && strstr(arg, oids[i].desc)) {
xOids[i].notPolicyFlags = notEnable |
(xOids[i].notPolicyFlags & ~(DEF_FLAGS));
diff -up ./tests/tools/pkcs12policy.txt.disable_md5 ./tests/tools/pkcs12policy.txt
--- ./tests/tools/pkcs12policy.txt.disable_md5 2025-05-23 06:07:49.000000000 -0700
+++ ./tests/tools/pkcs12policy.txt 2025-06-21 13:46:53.055812187 -0700
@@ -95,21 +95,12 @@
0 17 allow_all disallow=rc2 PKCS_#12_V2_PBE_With_SHA-1_And_128_Bit_RC4 PKCS_#12_V2_PBE_With_SHA-1_And_128_Bit_RC2_CBC SHA-1 disallow rc2 (read), RC4 and RC2
# integrity policy check the various has based controls.
# NOTE: md4, md2, and md5 are turned off by policy by default for encrypting
-# (decrypting is fine). To be enabled, you must allow=all or allow=mdX on the
+# (decrypting is fine). To be enabled, you must allow=mdX/pkcs12 on the
# encryption side. These tests purposefully tests that the default fails to encrypt
# but succeeds when decrypting.
27 x allow=tls allow=tls PKCS_#12_V2_PBE_With_SHA-1_And_128_Bit_RC2_CBC PKCS_#5_Password_Based_Encryption_with_MD2_and_DES-CBC SHA-256 Use default policy with multiple hashes
- 0 0 allow=all allow=tls PKCS_#12_V2_PBE_With_SHA-1_And_128_Bit_RC2_CBC PKCS_#5_Password_Based_Encryption_with_MD2_and_DES-CBC SHA-256 Allow all encrypt, use default decrypt with multiple hashes
- 0 0 allow=all allow=all PKCS_#12_V2_PBE_With_SHA-1_And_128_Bit_RC2_CBC PKCS_#5_Password_Based_Encryption_with_MD2_and_DES-CBC SHA-256 Allow all with multiple hashes
- 28 x disallow=sha1_allow=md2 allow=all PKCS_#12_V2_PBE_With_SHA-1_And_128_Bit_RC2_CBC PKCS_#5_Password_Based_Encryption_with_MD2_and_DES-CBC SHA-256 Disallow sha1 on write
27 x disallow=md2 allow=all PKCS_#12_V2_PBE_With_SHA-1_And_128_Bit_RC2_CBC PKCS_#5_Password_Based_Encryption_with_MD2_and_DES-CBC SHA-256 Disallow md2 on write
- 29 x disallow=sha256_allow=md2 allow=all PKCS_#12_V2_PBE_With_SHA-1_And_128_Bit_RC2_CBC PKCS_#5_Password_Based_Encryption_with_MD2_and_DES-CBC SHA-256 Disallow sha256 on write
- 0 19 allow=all disallow=sha1 PKCS_#12_V2_PBE_With_SHA-1_And_128_Bit_RC2_CBC PKCS_#5_Password_Based_Encryption_with_MD2_and_DES-CBC SHA-256 Disallow sha1 on read
- 0 17 allow=all disallow=md2 PKCS_#12_V2_PBE_With_SHA-1_And_128_Bit_RC2_CBC PKCS_#5_Password_Based_Encryption_with_MD2_and_DES-CBC SHA-256 Disallow md2 on read
- 0 17 allow=all disallow=sha256 PKCS_#12_V2_PBE_With_SHA-1_And_128_Bit_RC2_CBC PKCS_#5_Password_Based_Encryption_with_MD2_and_DES-CBC SHA-256 Disallow sha256 on read
- 0 0 allow=all disallow=md2/pkcs12-encrypt PKCS_#12_V2_PBE_With_SHA-1_And_128_Bit_RC2_CBC PKCS_#5_Password_Based_Encryption_with_MD2_and_DES-CBC SHA-256 Disallow md2 on read
- 0 0 allow=all disallow=sha1/pkcs12-encrypt PKCS_#12_V2_PBE_With_SHA-1_And_128_Bit_RC2_CBC PKCS_#5_Password_Based_Encryption_with_MD2_and_DES-CBC SHA-256 Disallow sha1 on read
- 0 0 allow=all disallow=sha256/pkcs12-encrypt PKCS_#12_V2_PBE_With_SHA-1_And_128_Bit_RC2_CBC PKCS_#5_Password_Based_Encryption_with_MD2_and_DES-CBC SHA-256 Disallow sha256 on read
+ 27 x disallow=sha256_allow=md2 allow=all PKCS_#12_V2_PBE_With_SHA-1_And_128_Bit_RC2_CBC PKCS_#5_Password_Based_Encryption_with_MD2_and_DES-CBC SHA-256 Disallow sha256 on write
0 0 allow=all allow=all AES-128-CBC AES-128-CBC HMAC_SHA-256 Allow all with hmac
29 x disallow=hmac-sha256 allow=all AES-128-CBC AES-128-CBC HMAC_SHA-256 Disallow hmac on write
0 17 allow=all disallow=hmac-sha256 AES-128-CBC AES-128-CBC HMAC_SHA-256 Disallow hmac on read

62
SOURCES/nss-3.112-disable-signature-policies.patch Normal file
View File

@ -0,0 +1,62 @@
# HG changeset patch
# User Robert Relyea <rrelyea@redhat.com>
# Date 1752601818 25200
# Tue Jul 15 10:50:18 2025 -0700
# Branch RHEL_8
# Node ID ef820c54bad5f034231f51df2b14f88863170cfb
# Parent 5c09db329be3e1e2b19c92f9e6224cdad04d65ba
nss-3.101-disable-signature-policies.patch
diff --git a/lib/pk11wrap/pk11pars.c b/lib/pk11wrap/pk11pars.c
--- a/lib/pk11wrap/pk11pars.c
+++ b/lib/pk11wrap/pk11pars.c
@@ -448,22 +448,19 @@ static const oidValDef smimeKxOptList[]
{ CIPHER_NAME("ECDH"), SEC_OID_ECDH_KEA, NSS_USE_ALG_IN_SMIME_KX },
{ CIPHER_NAME("DH"), SEC_OID_X942_DIFFIE_HELMAN_KEY, NSS_USE_ALG_IN_SMIME_KX },
};
static const oidValDef signOptList[] = {
/* Signatures */
{ CIPHER_NAME("DSA"), SEC_OID_ANSIX9_DSA_SIGNATURE,
NSS_USE_ALG_IN_SSL_KX | NSS_USE_ALG_IN_SIGNATURE },
- { CIPHER_NAME("RSA-PKCS"), SEC_OID_PKCS1_RSA_ENCRYPTION,
- NSS_USE_ALG_IN_SSL_KX | NSS_USE_ALG_IN_SIGNATURE },
- { CIPHER_NAME("RSA-PSS"), SEC_OID_PKCS1_RSA_PSS_SIGNATURE,
- NSS_USE_ALG_IN_SSL_KX | NSS_USE_ALG_IN_SIGNATURE },
- { CIPHER_NAME("ECDSA"), SEC_OID_ANSIX962_EC_PUBLIC_KEY,
- NSS_USE_ALG_IN_SSL_KX | NSS_USE_ALG_IN_SIGNATURE },
+ { CIPHER_NAME("RSA-PKCS"), SEC_OID_PKCS1_RSA_ENCRYPTION, 0},
+ { CIPHER_NAME("RSA-PSS"), SEC_OID_PKCS1_RSA_PSS_SIGNATURE, 0},
+ { CIPHER_NAME("ECDSA"), SEC_OID_ANSIX962_EC_PUBLIC_KEY, 0},
{ CIPHER_NAME("ED25519"), SEC_OID_ED25519_PUBLIC_KEY,
NSS_USE_ALG_IN_SIGNATURE },
};
typedef struct {
const oidValDef *list;
PRUint32 entries;
const char *description;
diff --git a/tests/ssl/sslpolicy.txt b/tests/ssl/sslpolicy.txt
--- a/tests/ssl/sslpolicy.txt
+++ b/tests/ssl/sslpolicy.txt
@@ -188,17 +188,19 @@
1 noECC SSL3 d disallow=rsa/ssl-key-exchange Disallow Key Exchange Explicitly
1 noECC SSL3 d disallow=all_allow=hmac-sha1:sha256:rsa-pkcs:dh-dss:des-ede3-cbc:tls-version-min=ssl3.0:tls-version-max=ssl3.0 Disallow Key Exchange Implicitly Narrow
1 noECC SSL3 d disallow=all_allow=md2/all:md4/all:md5/all:sha1/all:sha256/all:sha384/all:sha512/all:rsa-pkcs/all:rsa-pss/all:ecdsa/all:dsa/all:hmac-sha1/all:hmac-sha224/all:hmac-sha256/all:hmac-sha384/all:hmac-sha512/all:hmac-md5/all:camellia128-cbc/all:camellia192-cbc/all:camellia256-cbc/all:seed-cbc/all:des-ede3-cbc/all:des-40-cbc/all:des-cbc/all:null-cipher/all:rc2/all:rc4/all:idea/all:rsa-export/all:dhe-rsa/all:dhe-dss/all:ecdhe-ecdsa/all:ecdhe-rsa/all:ecdh-ecdsa/all:ecdh-rsa/all:tls-version-min=ssl2.0:tls-version-max=tls1.2 Disallow Key Exchange Signatures Implicitly
# turn off version
1 noECC SSL3 d allow=tls-version-min=tls1.0:tls-version-max=tls1.2 Disallow Version Exlicitly
1 noECC SSL3 d disallow=all_allow=hmac-sha1:sha256:rsa-pkcs:rsa:des-ede3-cbc:tls-version-min=tls1.0:tls-version-max=tls1.2 Disallow Version Implicitly Narrow
1 noECC SSL3 d disallow=all_allow=md2/all:md4/all:md5/all:sha1/all:sha256/all:sha384/all:sha512/all:rsa-pkcs/all:rsa-pss/all:ecdsa/all:dsa/all:hmac-sha1/all:hmac-sha224/all:hmac-sha256/all:hmac-sha384/all:hmac-sha512/all:hmac-md5/all:camellia128-cbc/all:camellia192-cbc/all:camellia256-cbc/all:seed-cbc/all:des-ede3-cbc/all:des-40-cbc/all:des-cbc/all:null-cipher/all:rc2/all:rc4/all:idea/all:rsa/all:rsa-export/all:dhe-rsa/all:dhe-dss/all:ecdhe-ecdsa/all:ecdhe-rsa/all:ecdh-ecdsa/all:ecdh-rsa/all:tls-version-min=tls1.0:tls-version-max=tls1.2 Disallow Version Implicitly
0 noECC SSL3 d disallow=dsa Disallow DSA Signatures Explicitly
- 1 noECC SSL3 d disallow=rsa-pkcs Disallow RSA PKCS 1 Signatures Explicitly
+# rsa-pkcs, rsa-pss, and ecdsa policy checking reverted in rhel8 for binary
+# compatibility reasons
+# 1 noECC SSL3 d disallow=rsa-pkcs Disallow RSA PKCS 1 Signatures Explicitly
1 noECC SSL3 d allow=rsa-min=16384:key-size-flags=key-size-verify Restrict RSA keys on signature verification
0 noECC SSL3 d allow=rsa-min=16384:key-size-flags=key-size-sign Restrict RSA keys on signing
1 noECC SSL3 d allow=rsa-min=16384:key-size-flags=key-size-ssl Restrict RSA keys when used in SSL
0 noECC SSL3 d allow=rsa-min=1023 Restrict RSA keys when used in SSL
# test default settings
# NOTE: tstclient will attempt to overide the defaults, so we detect we
# were successful by locking in our settings
0 noECC SSL3 d allow=all_disable=all Disable all by default, application override

160
SOURCES/nss-3.112-el8-no-p12-smime-policy.patch Normal file
View File

@ -0,0 +1,160 @@
# HG changeset patch
# User Robert Relyea <rrelyea@redhat.com>
# Date 1752603323 25200
# Tue Jul 15 11:15:23 2025 -0700
# Branch RHEL_8
# Node ID 66485f8ab28943977de80c0e22c800bea996e3c9
# Parent c36fc2df3a13b0672f9a11b500e6e3ddc7115490
nss-3.112-el8-no-p12-smime-policy.patch
diff --git a/lib/pkcs12/p12plcy.c b/lib/pkcs12/p12plcy.c
--- a/lib/pkcs12/p12plcy.c
+++ b/lib/pkcs12/p12plcy.c
@@ -32,27 +32,31 @@ static pkcs12SuiteMap pkcs12SuiteMaps[]
{ SEC_OID_UNKNOWN, 0, PKCS12_NULL, PR_FALSE, PR_FALSE },
{ SEC_OID_UNKNOWN, 0, 0L, PR_FALSE, PR_FALSE }
};
/* determine if algid is an algorithm which is allowed */
static PRBool
sec_PKCS12Allowed(SECOidTag alg, PRUint32 needed)
{
+#ifdef notdef
PRUint32 policy;
SECStatus rv;
rv = NSS_GetAlgorithmPolicy(alg, &policy);
if (rv != SECSuccess) {
return PR_FALSE;
}
if ((policy & needed) == needed) {
return PR_TRUE;
}
return PR_FALSE;
+#else
+ return PR_TRUE;
+#endif
}
PRBool
SEC_PKCS12CipherAllowed(SECOidTag pbeAlg, SECOidTag hmacAlg)
{
SECOidTag cipherAlg = SEC_PKCS5GetCryptoFromAlgTag(pbeAlg);
SECOidTag hashAlg = SEC_PKCS5GetHashFromAlgTag(pbeAlg);
if (cipherAlg == SEC_OID_UNKNOWN) {
diff --git a/lib/smime/smimeutil.c b/lib/smime/smimeutil.c
--- a/lib/smime/smimeutil.c
+++ b/lib/smime/smimeutil.c
@@ -197,16 +197,17 @@ smime_get_policy_tag_from_key_length(SEC
return SEC_OID_UNKNOWN;
}
return algtag;
}
PRBool
smime_allowed_by_policy(SECOidTag algtag, PRUint32 neededPolicy)
{
+#ifdef notdef
PRUint32 policyFlags;
/* some S/MIME algs map to the same underlying KEA mechanism,
* collaps them here */
if ((neededPolicy & (NSS_USE_ALG_IN_SMIME_KX | NSS_USE_ALG_IN_SMIME_KX_LEGACY)) != 0) {
CK_MECHANISM_TYPE mechType = PK11_AlgtagToMechanism(algtag);
switch (mechType) {
case CKM_ECDH1_DERIVE:
@@ -216,16 +217,17 @@ smime_allowed_by_policy(SECOidTag algtag
}
}
if ((NSS_GetAlgorithmPolicy(algtag, &policyFlags) == SECFailure) ||
((policyFlags & neededPolicy) != neededPolicy)) {
PORT_SetError(SEC_ERROR_BAD_EXPORT_ALGORITHM);
return PR_FALSE;
}
+#endif
return PR_TRUE;
}
/*
* We'll need this for the fake policy oids for RC2, but the
* rest of these should be moved to pk11wrap for generic
* algtag to key size values. We already need this for
* sec_pkcs5v2_key_length_by oid.
@@ -480,28 +482,34 @@ smime_init_once(void *arg)
return PR_FAILURE;
}
algorithm_list_lock = PZ_NewLock(nssILockCache);
if (algorithm_list_lock == NULL) {
*error = PORT_GetError();
return PR_FAILURE;
}
+#ifdef notdef
/* At initialization time, we need to set up the defaults. We first
* look to see if the system or application has set up certain algorithms
* by policy. If they have set up values by policy we'll only allow those
* algorithms. We'll then look to see if any algorithms are enabled by
* the application. */
rv = NSS_GetAlgorithmPolicyAll(NSS_USE_ALG_IN_SMIME_LEGACY,
NSS_USE_ALG_IN_SMIME_LEGACY,
&tags, &tagCount);
if (tags) {
PORT_Free(tags);
tags = NULL;
}
+#else
+ /* just initialize the old maps */
+ rv = SECSuccess;
+ tagCount = 0;
+#endif
if ((rv != SECSuccess) || (tagCount == 0)) {
/* No algorithms have been enabled by policy (either by the system
* or by the application, we then will use the traditional default
* algorithms from the policy map */
for (i = smime_legacy_map_count - 1; i >= 0; i--) {
SECOidTag policytag = smime_legacy_map[i].policytag;
/* this enables the algorithm by policy. We need this or
* the policy code will reject attempts to use it */
diff --git a/tests/smime/smime.sh b/tests/smime/smime.sh
--- a/tests/smime/smime.sh
+++ b/tests/smime/smime.sh
@@ -867,13 +867,13 @@ smime_cleanup()
}
################## main #################################################
smime_init
smime_main
smime_data_tb
smime_p7
-if using_sql ; then
- smime_policy
-fi
+#if using_sql ; then
+# smime_policy
+#fi
smime_cleanup
diff --git a/tests/tools/tools.sh b/tests/tools/tools.sh
--- a/tests/tools/tools.sh
+++ b/tests/tools/tools.sh
@@ -590,17 +590,17 @@ tools_p12()
tools_p12_export_list_import_most_ciphers
fi
tools_p12_export_with_none_ciphers
tools_p12_export_with_invalid_ciphers
tools_p12_import_old_files
tools_p12_import_pbmac1_samples
if using_sql; then
tools_p12_import_rsa_pss_private_key
- tools_p12_policy
+#tools_p12_policy
fi
}
############################## tools_sign ##############################
# local shell function pk12util uses a hardcoded tmp file, if this exists
# and is owned by another user we don't get reasonable errormessages
########################################################################
check_tmpfile()

3988
SOURCES/nss-3.112-fips-and-fixes-el8.patch Normal file
View File

File diff suppressed because it is too large Load Diff

888
SOURCES/nss-3.112-fips.patch Normal file
View File

@ -0,0 +1,888 @@
diff --git a/lib/freebl/stubs.c b/lib/freebl/stubs.c
--- a/lib/freebl/stubs.c
+++ b/lib/freebl/stubs.c
@@ -485,17 +485,17 @@ PR_GetLibraryFilePathname_stub(const cha
extern int
PORT_GetError_stub(void)
{
STUB_SAFE_CALL0(PORT_GetError_Util);
return errno;
}
extern void
-PORT_SafeZero(void *p, size_t n)
+PORT_SafeZero_stub(void *p, size_t n)
{
STUB_SAFE_CALL2(PORT_SafeZero, p, n);
/* just use a generic call in the case where we are running
* standalone freebl */
if (p != NULL) {
volatile unsigned char *__vl = (unsigned char *)p;
size_t __nl = n;
while (__nl--)
diff --git a/lib/freebl/stubs.h b/lib/freebl/stubs.h
--- a/lib/freebl/stubs.h
+++ b/lib/freebl/stubs.h
@@ -22,17 +22,17 @@
#define PORT_Alloc PORT_Alloc_stub
#define PORT_ArenaAlloc PORT_ArenaAlloc_stub
#define PORT_ArenaZAlloc PORT_ArenaZAlloc_stub
#define PORT_Free PORT_Free_stub
#define PORT_FreeArena PORT_FreeArena_stub
#define PORT_GetError PORT_GetError_stub
#define PORT_NewArena PORT_NewArena_stub
-#define PORT_SaveZero PORT_SaveZero_stub
+#define PORT_SafeZero PORT_SafeZero_stub
#define PORT_SetError PORT_SetError_stub
#define PORT_ZAlloc PORT_ZAlloc_stub
#define PORT_ZFree PORT_ZFree_stub
#define PORT_ZAllocAligned PORT_ZAllocAligned_stub
#define PORT_ZAllocAlignedOffset PORT_ZAllocAlignedOffset_stub
#define SECITEM_AllocItem SECITEM_AllocItem_stub
#define SECITEM_CompareItem SECITEM_CompareItem_stub
diff --git a/lib/freebl/unix_fips140_3.c b/lib/freebl/unix_fips140_3.c
--- a/lib/freebl/unix_fips140_3.c
+++ b/lib/freebl/unix_fips140_3.c
@@ -25,17 +25,17 @@ RNG_SystemInfoForRNG(void)
{
PRUint8 bytes[SYSTEM_RNG_SEED_COUNT];
size_t numBytes = RNG_SystemRNG(bytes, SYSTEM_RNG_SEED_COUNT);
if (!numBytes) {
/* error is set */
return;
}
RNG_RandomUpdate(bytes, numBytes);
- PORT_SaveZero(bytes, sizeof(bytes));
+ PORT_SafeZero(bytes, sizeof(bytes));
}
static unsigned int rng_grndFlags = 0;
static PRCallOnceType rng_KernelFips;
static PRStatus
rng_getKernelFips()
{
diff --git a/lib/softoken/pkcs11c.c b/lib/softoken/pkcs11c.c
--- a/lib/softoken/pkcs11c.c
+++ b/lib/softoken/pkcs11c.c
@@ -535,17 +535,17 @@ sftk_InitGeneric(SFTKSession *session, C
context->cipherInfo = NULL;
context->hashInfo = NULL;
context->doPad = PR_FALSE;
context->padDataLength = 0;
context->key = key;
context->blockSize = 0;
context->maxLen = 0;
context->isFIPS = sftk_operationIsFIPS(session->slot, pMechanism,
- operation, key);
+ operation, key, 0);
*contextPtr = context;
return CKR_OK;
}
static int
sftk_aes_mode(CK_MECHANISM_TYPE mechanism)
{
switch (mechanism) {
@@ -4794,16 +4794,17 @@ NSC_GenerateKey(CK_SESSION_HANDLE hSessi
goto loser;
}
/* make sure we don't have any class, key_type, or value fields */
sftk_DeleteAttributeType(key, CKA_CLASS);
sftk_DeleteAttributeType(key, CKA_KEY_TYPE);
sftk_DeleteAttributeType(key, CKA_VALUE);
+
/* Now Set up the parameters to generate the key (based on mechanism) */
key_gen_type = nsc_bulk; /* bulk key by default */
switch (pMechanism->mechanism) {
case CKM_CDMF_KEY_GEN:
case CKM_DES_KEY_GEN:
case CKM_DES2_KEY_GEN:
case CKM_DES3_KEY_GEN:
checkWeak = PR_TRUE;
@@ -4990,16 +4991,20 @@ NSC_GenerateKey(CK_SESSION_HANDLE hSessi
crv = CKR_SESSION_HANDLE_INVALID;
goto loser;
}
/*
* handle the base object stuff
*/
crv = sftk_handleObject(key, session);
+ /* we need to do this check at the end, so we can check the generated key length against
+ * fips requirements */
+ key->isFIPS = sftk_operationIsFIPS(slot, pMechanism, CKA_NSS_GENERATE, key, 0);
+ session->lastOpWasFIPS = key->isFIPS;
sftk_FreeSession(session);
if (crv == CKR_OK && sftk_isTrue(key, CKA_SENSITIVE)) {
crv = sftk_forceAttribute(key, CKA_ALWAYS_SENSITIVE, &cktrue, sizeof(CK_BBOOL));
}
if (crv == CKR_OK && !sftk_isTrue(key, CKA_EXTRACTABLE)) {
crv = sftk_forceAttribute(key, CKA_NEVER_EXTRACTABLE, &cktrue, sizeof(CK_BBOOL));
}
if (crv == CKR_OK) {
@@ -6077,18 +6082,18 @@ NSC_GenerateKeyPair(CK_SESSION_HANDLE hS
}
/*
* handle the base object cleanup for the private Key
* If we have any problems, we destroy the public Key we've
* created and linked.
*/
crv = sftk_handleObject(publicKey, session);
- sftk_FreeSession(session);
if (crv != CKR_OK) {
+ sftk_FreeSession(session);
sftk_FreeObject(publicKey);
NSC_DestroyObject(hSession, privateKey->handle);
sftk_FreeObject(privateKey);
return crv;
}
if (sftk_isTrue(privateKey, CKA_SENSITIVE)) {
crv = sftk_forceAttribute(privateKey, CKA_ALWAYS_SENSITIVE,
&cktrue, sizeof(CK_BBOOL));
@@ -6120,22 +6125,29 @@ NSC_GenerateKeyPair(CK_SESSION_HANDLE hS
(PRUint32)hSession, (PRUint32)pMechanism->mechanism,
(PRUint32)crv);
sftk_LogAuditMessage(NSS_AUDIT_ERROR, NSS_AUDIT_SELF_TEST, msg);
}
}
}
if (crv != CKR_OK) {
+ sftk_FreeSession(session);
NSC_DestroyObject(hSession, publicKey->handle);
sftk_FreeObject(publicKey);
NSC_DestroyObject(hSession, privateKey->handle);
sftk_FreeObject(privateKey);
return crv;
}
+ /* we need to do this check at the end to make sure the generated key meets the key length requirements */
+ privateKey->isFIPS = sftk_operationIsFIPS(slot, pMechanism, CKA_NSS_GENERATE_KEY_PAIR, privateKey, 0);
+ publicKey->isFIPS = privateKey->isFIPS;
+ session->lastOpWasFIPS = privateKey->isFIPS;
+
+ sftk_FreeSession(session);
*phPrivateKey = privateKey->handle;
*phPublicKey = publicKey->handle;
sftk_FreeObject(publicKey);
sftk_FreeObject(privateKey);
return CKR_OK;
}
@@ -7321,30 +7333,35 @@ sftk_HKDF(CK_HKDF_PARAMS_PTR params, CK_
return CKR_MECHANISM_PARAM_INVALID;
}
if ((params->bExpand && keySize == 0) ||
(!params->bExpand && keySize > hashLen) ||
(params->bExpand && keySize > 255 * hashLen)) {
return CKR_TEMPLATE_INCONSISTENT;
}
+ if (!params->bExpand) {
+ keySize = hashLen;
+ }
+
/* sourceKey is NULL if we are called from the POST, skip the
* sensitiveCheck */
if (sourceKey != NULL) {
crv = sftk_DeriveSensitiveCheck(sourceKey, key, canBeData);
if (crv != CKR_OK)
return crv;
}
/* HKDF-Extract(salt, base key value) */
if (params->bExtract) {
CK_BYTE *salt;
CK_ULONG saltLen;
HMACContext *hmac;
unsigned int bufLen;
+ SFTKSource saltKeySource = SFTK_SOURCE_DEFAULT;
switch (params->ulSaltType) {
case CKF_HKDF_SALT_NULL:
saltLen = hashLen;
salt = hashbuf;
memset(salt, 0, saltLen);
break;
case CKF_HKDF_SALT_DATA:
@@ -7369,31 +7386,57 @@ sftk_HKDF(CK_HKDF_PARAMS_PTR params, CK_
/* if the base key is not fips, but the salt key is, the
* resulting key can be fips */
if (isFIPS && (key->isFIPS == 0) && (saltKey->isFIPS == 1)) {
CK_MECHANISM mech;
mech.mechanism = CKM_HKDF_DERIVE;
mech.pParameter = params;
mech.ulParameterLen = sizeof(*params);
key->isFIPS = sftk_operationIsFIPS(saltKey->slot, &mech,
- CKA_DERIVE, saltKey);
+ CKA_DERIVE, saltKey,
+ keySize*PR_BITS_PER_BYTE);
}
+ saltKeySource = saltKey->source;
saltKey_att = sftk_FindAttribute(saltKey, CKA_VALUE);
if (saltKey_att == NULL) {
sftk_FreeObject(saltKey);
return CKR_KEY_HANDLE_INVALID;
}
/* save the resulting salt */
salt = saltKey_att->attrib.pValue;
saltLen = saltKey_att->attrib.ulValueLen;
break;
default:
return CKR_MECHANISM_PARAM_INVALID;
break;
}
+ /* only TLS style usage is FIPS approved,
+ * turn off the FIPS indicator for other usages */
+ if (isFIPS && key && sourceKey) {
+ PRBool fipsOK = PR_FALSE;
+ /* case one: mix the kea with a previous or default
+ * salt */
+ if ((sourceKey->source == SFTK_SOURCE_KEA) &&
+ (saltKeySource == SFTK_SOURCE_HKDF_EXPAND) &&
+ (saltLen == rawHash->length)) {
+ fipsOK = PR_TRUE;
+ }
+ /* case two: restart, remix the previous secret as a salt */
+ if ((sourceKey->objclass == CKO_DATA) &&
+ (NSS_SecureMemcmpZero(sourceKeyBytes, sourceKeyLen) == 0) &&
+ (sourceKeyLen == rawHash->length) &&
+ (saltKeySource == SFTK_SOURCE_HKDF_EXPAND) &&
+ (saltLen == rawHash->length)) {
+ fipsOK = PR_TRUE;
+ }
+ if (!fipsOK) {
+ key->isFIPS = PR_FALSE;
+ }
+ }
+ if (key) key->source = SFTK_SOURCE_HKDF_EXTRACT;
hmac = HMAC_Create(rawHash, salt, saltLen, isFIPS);
if (saltKey_att) {
sftk_FreeAttribute(saltKey_att);
}
if (saltKey) {
sftk_FreeObject(saltKey);
}
@@ -7411,26 +7454,50 @@ sftk_HKDF(CK_HKDF_PARAMS_PTR params, CK_
/* PRK = base key value */
prk = sourceKeyBytes;
prkLen = sourceKeyLen;
}
/* HKDF-Expand */
if (!params->bExpand) {
okm = prk;
- keySize = genLen = hashLen;
+ genLen = hashLen;
} else {
/* T(1) = HMAC-Hash(prk, "" | info | 0x01)
* T(n) = HMAC-Hash(prk, T(n-1) | info | n
* key material = T(1) | ... | T(n)
*/
HMACContext *hmac;
CK_BYTE bi;
unsigned iterations;
+ /* only TLS style usage is FIPS approved,
+ * turn off the FIPS indicator for other usages */
+ if (isFIPS && key && key->isFIPS && sourceKey) {
+ unsigned char *info=&params->pInfo[3];
+ /* only one case,
+ * 1) Expand only
+ * 2) with a key whose source was
+ * SFTK_SOURCE_HKDF_EXPAND or SFTK_SOURCE_HKDF_EXTRACT
+ * 3) source key length == rawHash->length
+ * 4) Info has tls or dtls
+ * If any of those conditions aren't met, then we turn
+ * off the fips indicator */
+ if (params->bExtract ||
+ ((sourceKey->source != SFTK_SOURCE_HKDF_EXTRACT) &&
+ (sourceKey->source != SFTK_SOURCE_HKDF_EXPAND)) ||
+ (sourceKeyLen != rawHash->length) ||
+ (params->ulInfoLen < 7) ||
+ ((PORT_Memcmp(info,"tls",3) != 0) &&
+ (PORT_Memcmp(info,"dtls",4) != 0))) {
+ key->isFIPS = PR_FALSE;
+ }
+ }
+ if (key) key->source = SFTK_SOURCE_HKDF_EXPAND;
+
genLen = PR_ROUNDUP(keySize, hashLen);
iterations = genLen / hashLen;
if (genLen > sizeof(keyBlock)) {
keyBlockAlloc = PORT_Alloc(genLen);
if (keyBlockAlloc == NULL) {
return CKR_HOST_MEMORY;
}
@@ -7635,17 +7702,18 @@ NSC_DeriveKey(CK_SESSION_HANDLE hSession
/* get the value of the base key */
att = sftk_FindAttribute(sourceKey, CKA_VALUE);
if (att == NULL) {
sftk_FreeObject(key);
sftk_FreeObject(sourceKey);
return CKR_KEY_HANDLE_INVALID;
}
}
- key->isFIPS = sftk_operationIsFIPS(slot, pMechanism, CKA_DERIVE, sourceKey);
+ key->isFIPS = sftk_operationIsFIPS(slot, pMechanism, CKA_DERIVE, sourceKey,
+ keySize*PR_BITS_PER_BYTE);
switch (mechanism) {
/* get a public key from a private key. nsslowkey_ConvertToPublickey()
* will generate the public portion if it doesn't already exist. */
case CKM_NSS_PUB_FROM_PRIV: {
NSSLOWKEYPrivateKey *privKey;
NSSLOWKEYPublicKey *pubKey;
int error;
@@ -8797,16 +8865,17 @@ NSC_DeriveKey(CK_SESSION_HANDLE hSession
/* calculate private value - oct */
rv = DH_Derive(&dhPublic, &dhPrime, &dhValue, &derived, keySize);
SECITEM_ZfreeItem(&dhPrime, PR_FALSE);
SECITEM_ZfreeItem(&dhValue, PR_FALSE);
if (rv == SECSuccess) {
+ key->source = SFTK_SOURCE_KEA;
sftk_forceAttribute(key, CKA_VALUE, derived.data, derived.len);
SECITEM_ZfreeItem(&derived, PR_FALSE);
crv = CKR_OK;
} else
crv = CKR_HOST_MEMORY;
break;
}
@@ -8894,16 +8963,17 @@ NSC_DeriveKey(CK_SESSION_HANDLE hSession
* tmp is the raw data created by ECDH_Derive,
* secret and secretlen are the values we will
* eventually pass as our generated key.
*/
secret = tmp.data;
secretlen = tmp.len;
} else {
secretlen = keySize;
+ key->isFIPS = PR_FALSE;
crv = sftk_ANSI_X9_63_kdf(&secret, keySize,
&tmp, mechParams->pSharedData,
mechParams->ulSharedDataLen, mechParams->kdf);
PORT_ZFree(tmp.data, tmp.len);
if (crv != CKR_OK) {
break;
}
tmp.data = secret;
@@ -8927,16 +8997,17 @@ NSC_DeriveKey(CK_SESSION_HANDLE hSession
}
PORT_Memcpy(&keyData[keySize - secretlen], secret, secretlen);
secret = keyData;
} else {
secret += (secretlen - keySize);
}
secretlen = keySize;
}
+ key->source = SFTK_SOURCE_KEA;
sftk_forceAttribute(key, CKA_VALUE, secret, secretlen);
PORT_ZFree(tmp.data, tmp.len);
if (keyData) {
PORT_ZFree(keyData, keySize);
}
break;
diff --git a/lib/softoken/pkcs11i.h b/lib/softoken/pkcs11i.h
--- a/lib/softoken/pkcs11i.h
+++ b/lib/softoken/pkcs11i.h
@@ -147,16 +147,26 @@ typedef enum {
*/
typedef enum {
SFTK_DestroyFailure,
SFTK_Destroyed,
SFTK_Busy
} SFTKFreeStatus;
/*
+ * Source of various objects
+ */
+typedef enum {
+ SFTK_SOURCE_DEFAULT=0,
+ SFTK_SOURCE_KEA,
+ SFTK_SOURCE_HKDF_EXPAND,
+ SFTK_SOURCE_HKDF_EXTRACT
+} SFTKSource;
+
+/*
* attribute values of an object.
*/
struct SFTKAttributeStr {
SFTKAttribute *next;
SFTKAttribute *prev;
PRBool freeAttr;
PRBool freeData;
/*must be called handle to make sftkqueue_find work */
@@ -189,16 +199,17 @@ struct SFTKObjectStr {
CK_OBJECT_CLASS objclass;
CK_OBJECT_HANDLE handle;
int refCount;
PZLock *refLock;
SFTKSlot *slot;
void *objectInfo;
SFTKFree infoFree;
PRBool isFIPS;
+ SFTKSource source;
};
struct SFTKTokenObjectStr {
SFTKObject obj;
SECItem dbKey;
};
struct SFTKSessionObjectStr {
@@ -963,15 +974,16 @@ char **NSC_ModuleDBFunc(unsigned long fu
const SECItem *sftk_VerifyDH_Prime(SECItem *dhPrime, SECItem *generator, PRBool isFIPS);
/* check if dhSubPrime claims dhPrime is a safe prime. */
SECStatus sftk_IsSafePrime(SECItem *dhPrime, SECItem *dhSubPrime, PRBool *isSafe);
/* map an operation Attribute to a Mechanism flag */
CK_FLAGS sftk_AttributeToFlags(CK_ATTRIBUTE_TYPE op);
/* check the FIPS table to determine if this current operation is allowed by
* FIPS security policy */
PRBool sftk_operationIsFIPS(SFTKSlot *slot, CK_MECHANISM *mech,
- CK_ATTRIBUTE_TYPE op, SFTKObject *source);
+ CK_ATTRIBUTE_TYPE op, SFTKObject *source,
+ CK_ULONG targetKeySize);
/* add validation objects to the slot */
CK_RV sftk_CreateValidationObjects(SFTKSlot *slot);
SEC_END_PROTOS
#endif /* _PKCS11I_H_ */
diff --git a/lib/softoken/pkcs11u.c b/lib/softoken/pkcs11u.c
--- a/lib/softoken/pkcs11u.c
+++ b/lib/softoken/pkcs11u.c
@@ -1098,16 +1098,17 @@ sftk_NewObject(SFTKSlot *slot)
sessObject->attrList[i].freeData = PR_FALSE;
}
sessObject->optimizeSpace = slot->optimizeSpace;
object->handle = 0;
object->next = object->prev = NULL;
object->slot = slot;
object->isFIPS = sftk_isFIPS(slot->slotID);
+ object->source = SFTK_SOURCE_DEFAULT;
object->refCount = 1;
sessObject->sessionList.next = NULL;
sessObject->sessionList.prev = NULL;
sessObject->sessionList.parent = object;
sessObject->session = NULL;
sessObject->wasDerived = PR_FALSE;
if (!hasLocks)
@@ -1683,16 +1684,17 @@ fail:
CK_RV
sftk_CopyObject(SFTKObject *destObject, SFTKObject *srcObject)
{
SFTKAttribute *attribute;
SFTKSessionObject *src_so = sftk_narrowToSessionObject(srcObject);
unsigned int i;
destObject->isFIPS = srcObject->isFIPS;
+ destObject->source = srcObject->source;
if (src_so == NULL) {
return sftk_CopyTokenObject(destObject, srcObject);
}
PZ_Lock(src_so->attributeLock);
for (i = 0; i < src_so->hashSize; i++) {
attribute = src_so->head[i];
do {
@@ -2068,16 +2070,17 @@ sftk_NewTokenObject(SFTKSlot *slot, SECI
/* every object must have a class, if we can't get it, the object
* doesn't exist */
crv = handleToClass(slot, handle, &object->objclass);
if (crv != CKR_OK) {
goto loser;
}
object->slot = slot;
object->isFIPS = sftk_isFIPS(slot->slotID);
+ object->source = SFTK_SOURCE_DEFAULT;
object->objectInfo = NULL;
object->infoFree = NULL;
if (!hasLocks) {
object->refLock = PZ_NewLock(nssILockRefLock);
}
if (object->refLock == NULL) {
goto loser;
}
@@ -2234,16 +2237,25 @@ sftk_AttributeToFlags(CK_ATTRIBUTE_TYPE
break;
case CKA_DERIVE:
flags = CKF_DERIVE;
break;
/* fake attribute to select digesting */
case CKA_DIGEST:
flags = CKF_DIGEST;
break;
+ /* fake attribute to select key gen */
+ case CKA_NSS_GENERATE:
+ flags = CKF_GENERATE;
+ break;
+ /* fake attribute to select key pair gen */
+ case CKA_NSS_GENERATE_KEY_PAIR:
+ flags = CKF_GENERATE_KEY_PAIR;
+ break;
+ /* fake attributes to to handle MESSAGE* flags */
case CKA_NSS_MESSAGE | CKA_ENCRYPT:
flags = CKF_MESSAGE_ENCRYPT;
break;
case CKA_NSS_MESSAGE | CKA_DECRYPT:
flags = CKF_MESSAGE_DECRYPT;
break;
case CKA_NSS_MESSAGE | CKA_SIGN:
flags = CKF_MESSAGE_SIGN;
@@ -2319,20 +2331,20 @@ sftk_quickGetECCCurveOid(SFTKObject *sou
}
/* This function currently only returns valid lengths for
* FIPS approved ECC curves. If we want to make this generic
* in the future, that Curve determination can be done in
* the sftk_handleSpecial. Since it's currently only used
* in FIPS indicators, it's currently only compiled with
* the FIPS indicator code */
-static int
+static CK_ULONG
sftk_getKeyLength(SFTKObject *source)
{
- CK_KEY_TYPE keyType = CK_INVALID_HANDLE;
+ CK_KEY_TYPE keyType = CKK_INVALID_KEY_TYPE;
CK_ATTRIBUTE_TYPE keyAttribute;
CK_ULONG keyLength = 0;
SFTKAttribute *attribute;
CK_RV crv;
/* If we don't have a key, then it doesn't have a length.
* this may be OK (say we are hashing). The mech info will
* sort this out because algorithms which expect no keys
@@ -2342,17 +2354,17 @@ sftk_getKeyLength(SFTKObject *source)
}
crv = sftk_GetULongAttribute(source, CKA_KEY_TYPE, &keyType);
if (crv != CKR_OK) {
/* sometimes we're passed a data object, in that case the
* key length is CKA_VALUE, which is the default */
keyType = CKK_INVALID_KEY_TYPE;
}
- if (keyType == CKK_EC) {
+ if (keyType == CKK_EC || keyType == CKK_EC_EDWARDS || keyType == CKK_EC_MONTGOMERY) {
SECOidTag curve = sftk_quickGetECCCurveOid(source);
switch (curve) {
case SEC_OID_CURVE25519:
/* change when we start algorithm testing on curve25519 */
return 0;
case SEC_OID_SECG_EC_SECP256R1:
return 256;
case SEC_OID_SECG_EC_SECP384R1:
@@ -2384,24 +2396,65 @@ sftk_getKeyLength(SFTKObject *source)
attribute = sftk_FindAttribute(source, keyAttribute);
if (attribute) {
keyLength = attribute->attrib.ulValueLen * 8;
sftk_FreeAttribute(attribute);
}
return keyLength;
}
+PRBool
+sftk_checkFIPSHash(CK_MECHANISM_TYPE hash, PRBool allowSmall, PRBool allowCMAC)
+{
+ switch (hash) {
+ case CKM_AES_CMAC:
+ return allowCMAC;
+ case CKM_SHA_1:
+ case CKM_SHA_1_HMAC:
+ case CKM_SHA224:
+ case CKM_SHA224_HMAC:
+ return allowSmall;
+ case CKM_SHA256:
+ case CKM_SHA256_HMAC:
+ case CKM_SHA384:
+ case CKM_SHA384_HMAC:
+ case CKM_SHA512:
+ case CKM_SHA512_HMAC:
+ return PR_TRUE;
+ }
+ return PR_FALSE;
+}
+
+PRBool
+sftk_checkKeyLength(CK_ULONG keyLength, CK_ULONG min,
+ CK_ULONG max, CK_ULONG step)
+{
+ if (keyLength > max) {
+ return PR_FALSE;
+ }
+ if (keyLength < min ) {
+ return PR_FALSE;
+ }
+ if (((keyLength - min) % step) != 0) {
+ return PR_FALSE;
+ }
+ return PR_TRUE;
+}
+
/*
* handle specialized FIPS semantics that are too complicated to
* handle with just a table. NOTE: this means any additional semantics
* would have to be coded here before they can be added to the table */
static PRBool
sftk_handleSpecial(SFTKSlot *slot, CK_MECHANISM *mech,
- SFTKFIPSAlgorithmList *mechInfo, SFTKObject *source)
+ SFTKFIPSAlgorithmList *mechInfo, SFTKObject *source,
+ CK_ULONG keyLength, CK_ULONG targetKeyLength)
{
+ PRBool allowSmall = PR_FALSE;
+ PRBool allowCMAC = PR_FALSE;
switch (mechInfo->special) {
case SFTKFIPSDH: {
SECItem dhPrime;
SECItem dhBase;
SECItem dhGenerator;
PRBool fipsOk = PR_FALSE;
const SECItem *dhSubPrime;
CK_RV crv = sftk_Attribute2SecItem(NULL, &dhPrime,
@@ -2451,32 +2504,97 @@ sftk_handleSpecial(SFTKSlot *slot, CK_ME
}
/* we use the existing hash utilities to find the length of
* the hash */
hashObj = HASH_GetRawHashObject(sftk_GetHashTypeFromMechanism(
pss->hashAlg));
if (hashObj == NULL) {
return PR_FALSE;
}
+ /* cap the salt for legacy keys */
+ if ((keyLength <= 1024) && (pss->sLen > 63)) {
+ return PR_FALSE;
+ }
+ /* cap the salt for based on the hash */
if (pss->sLen > hashObj->length) {
return PR_FALSE;
}
+ /* Our code makes sure pss->hashAlg matches the explicit
+ * hash in the mechanism, and only mechanisms with approved
+ * hashes are included, so no need to check pss->hashAlg
+ * here */
+ return PR_TRUE;
+ }
+ case SFTKFIPSPBKDF2: {
+ /* PBKDF2 must have the following addition restrictions
+ * (independent of keysize).
+ * 1. iteration count must be at least 1000.
+ * 2. salt must be at least 128 bits (16 bytes).
+ * 3. password must match the length specified in the SP
+ */
+ CK_PKCS5_PBKD2_PARAMS *pbkdf2 = (CK_PKCS5_PBKD2_PARAMS *)
+ mech->pParameter;
+ if (mech->ulParameterLen != sizeof(*pbkdf2)) {
+ return PR_FALSE;
+ }
+ if (pbkdf2->iterations < 1000) {
+ return PR_FALSE;
+ }
+ if (pbkdf2->ulSaltSourceDataLen < 16) {
+ return PR_FALSE;
+ }
+ if (*(pbkdf2->ulPasswordLen) < SFTKFIPS_PBKDF2_MIN_PW_LEN) {
+ return PR_FALSE;
+ }
return PR_TRUE;
}
+ /* check the hash mechanisms to make sure they themselves are FIPS */
+ case SFTKFIPSChkHashSp800:
+ allowCMAC = PR_TRUE;
+ case SFTKFIPSChkHash:
+ allowSmall = PR_TRUE;
+ case SFTKFIPSChkHashTls:
+ if (mech->ulParameterLen < mechInfo->offset +sizeof(CK_ULONG)) {
+ return PR_FALSE;
+ }
+ return sftk_checkFIPSHash(*(CK_ULONG *)(((char *)mech->pParameter)
+ + mechInfo->offset), allowSmall, allowCMAC);
+ case SFTKFIPSTlsKeyCheck:
+ if (mech->mechanism != CKM_NSS_TLS_KEY_AND_MAC_DERIVE_SHA256) {
+ /* unless the mechnism has a built-in hash, check the hash */
+ if (mech->ulParameterLen < mechInfo->offset +sizeof(CK_ULONG)) {
+ return PR_FALSE;
+ }
+ if (!sftk_checkFIPSHash(*(CK_ULONG *)(((char *)mech->pParameter)
+ + mechInfo->offset), PR_FALSE, PR_FALSE)) {
+ return PR_FALSE;
+ }
+ }
+ return sftk_checkKeyLength(targetKeyLength, 112, 512, 1);
+ case SFTKFIPSRSAOAEP:;
+ CK_RSA_PKCS_OAEP_PARAMS *rsaoaep = (CK_RSA_PKCS_OAEP_PARAMS *)
+ mech->pParameter;
+
+ HASH_HashType hash_msg = sftk_GetHashTypeFromMechanism(rsaoaep->hashAlg);
+ HASH_HashType hash_pad = sftk_GetHashTypeFromMechanism(rsaoaep->mgf);
+ /* message hash and mask generation function must be the same */
+ if (hash_pad != hash_msg) return PR_FALSE;
+
+ return sftk_checkFIPSHash(rsaoaep->hashAlg, PR_FALSE, PR_FALSE);
default:
break;
}
/* if we didn't understand the special processing, mark it non-fips */
return PR_FALSE;
}
#endif
PRBool
sftk_operationIsFIPS(SFTKSlot *slot, CK_MECHANISM *mech, CK_ATTRIBUTE_TYPE op,
- SFTKObject *source)
+ SFTKObject *source, CK_ULONG targetKeyLength)
{
#ifndef NSS_HAS_FIPS_INDICATORS
return PR_FALSE;
#else
int i;
CK_FLAGS opFlags;
CK_ULONG keyLength;
@@ -2498,23 +2616,25 @@ sftk_operationIsFIPS(SFTKSlot *slot, CK_
}
keyLength = sftk_getKeyLength(source);
/* check against our algorithm array */
for (i = 0; i < SFTK_NUMBER_FIPS_ALGORITHMS; i++) {
SFTKFIPSAlgorithmList *mechs = &sftk_fips_mechs[i];
/* if we match the number of records exactly, then we are an
* approved algorithm in the approved mode with an approved key */
- if (((mech->mechanism == mechs->type) &&
- (opFlags == (mechs->info.flags & opFlags)) &&
- (keyLength <= mechs->info.ulMaxKeySize) &&
- (keyLength >= mechs->info.ulMinKeySize) &&
- ((keyLength - mechs->info.ulMinKeySize) % mechs->step) == 0) &&
- ((mechs->special == SFTKFIPSNone) ||
- sftk_handleSpecial(slot, mech, mechs, source))) {
+ if ((mech->mechanism == mechs->type) &&
+ (opFlags == (mechs->info.flags & opFlags)) &&
+ sftk_checkKeyLength(keyLength, mechs->info.ulMinKeySize,
+ mechs->info.ulMaxKeySize, mechs->step) &&
+ ((targetKeyLength == 0) || (mechs->special == SFTKFIPSTlsKeyCheck)
+ || sftk_checkKeyLength(targetKeyLength, mechs->info.ulMinKeySize,
+ mechs->info.ulMaxKeySize, mechs->step)) &&
+ ((mechs->special == SFTKFIPSNone) ||
+ sftk_handleSpecial(slot, mech, mechs, source, keyLength, targetKeyLength))) {
return PR_TRUE;
}
}
return PR_FALSE;
#endif
}
/*
diff --git a/lib/softoken/sftkike.c b/lib/softoken/sftkike.c
--- a/lib/softoken/sftkike.c
+++ b/lib/softoken/sftkike.c
@@ -511,16 +511,22 @@ sftk_ike_prf(CK_SESSION_HANDLE hSession,
}
/* key as the data */
crv = prf_update(&context, inKey->attrib.pValue,
inKey->attrib.ulValueLen);
if (crv != CKR_OK) {
goto fail;
}
} else {
+ /* ikev1 isn't validated, if we use this function in ikev1 mode,
+ * mark the resulting key as not FIPS */
+ if (!params->bRekey) {
+ outKey->isFIPS = PR_FALSE;
+ }
+
crv = prf_init(&context, inKey->attrib.pValue,
inKey->attrib.ulValueLen);
if (crv != CKR_OK) {
goto fail;
}
if (newKeyValue) {
crv = prf_update(&context, newKeyValue->attrib.pValue,
newKeyValue->attrib.ulValueLen);
diff --git a/lib/softoken/sftkmessage.c b/lib/softoken/sftkmessage.c
--- a/lib/softoken/sftkmessage.c
+++ b/lib/softoken/sftkmessage.c
@@ -178,16 +178,48 @@ sftk_CryptMessage(CK_SESSION_HANDLE hSes
CHECK_FORK();
/* make sure we're legal */
crv = sftk_GetContext(hSession, &context, contextType, PR_TRUE, NULL);
if (crv != CKR_OK)
return crv;
+ if (context->isFIPS && (contextType == SFTK_MESSAGE_ENCRYPT)) {
+ if ((pParameter == NULL) || (ulParameterLen != sizeof(CK_GCM_MESSAGE_PARAMS))) {
+ context->isFIPS = PR_FALSE;
+ } else {
+ CK_GCM_MESSAGE_PARAMS *p = (CK_GCM_MESSAGE_PARAMS *)pParameter;
+ switch (p->ivGenerator) {
+ default:
+ case CKG_NO_GENERATE:
+ context->isFIPS = PR_FALSE;
+ break;
+ case CKG_GENERATE_RANDOM:
+ if ((p->ulIvLen < 96/PR_BITS_PER_BYTE) ||
+ (p->ulIvFixedBits != 0)) {
+ context->isFIPS = PR_FALSE;
+ }
+ break;
+ case CKG_GENERATE_COUNTER_XOR:
+ if ((p->ulIvLen != 96/PR_BITS_PER_BYTE) ||
+ (p->ulIvFixedBits != 32)) {
+ context->isFIPS = PR_FALSE;
+ }
+ break;
+ case CKG_GENERATE_COUNTER:
+ if ((p->ulIvFixedBits < 32) ||
+ ((p->ulIvLen*PR_BITS_PER_BYTE - p->ulIvFixedBits) < 32)) {
+ context->isFIPS = PR_FALSE;
+ }
+ break;
+ }
+ }
+ }
+
if (!pOuttext) {
*pulOuttextLen = ulIntextLen;
return CKR_OK;
}
rv = (*context->aeadUpdate)(context->cipherInfo, pOuttext, &outlen,
maxout, pIntext, ulIntextLen,
pParameter, ulParameterLen,
pAssociatedData, ulAssociatedDataLen);
diff --git a/lib/util/pkcs11n.h b/lib/util/pkcs11n.h
--- a/lib/util/pkcs11n.h
+++ b/lib/util/pkcs11n.h
@@ -148,16 +148,18 @@
/*
* NSS-defined certificate types
*
*/
#define CKC_NSS (CKC_VENDOR_DEFINED | NSSCK_VENDOR_NSS)
/* FAKE PKCS #11 defines */
#define CKA_DIGEST 0x81000000L
+#define CKA_NSS_GENERATE 0x81000001L
+#define CKA_NSS_GENERATE_KEY_PAIR 0x81000002L
#define CKA_NSS_MESSAGE 0x82000000L
#define CKA_NSS_MESSAGE_MASK 0xff000000L
#define CKA_FLAGS_ONLY 0 /* CKA_CLASS */
/*
* NSS-defined object attributes
*
*/

44
SOURCES/nss-3.112-fix-get-interface.patch Normal file
View File

@ -0,0 +1,44 @@
diff --git a/lib/softoken/fipstokn.c b/lib/softoken/fipstokn.c
--- a/lib/softoken/fipstokn.c
+++ b/lib/softoken/fipstokn.c
@@ -244,17 +244,17 @@ fc_getAttribute(CK_ATTRIBUTE_PTR pTempla
#define CK_PKCS11_FUNCTION_INFO(name) CK_RV __PASTE(F, name)
#define CK_NEED_ARG_LIST 1
#include "pkcs11f.h"
/* ------------- build the CK_CRYPTO_TABLE ------------------------- */
static CK_FUNCTION_LIST_3_0 sftk_fipsTable = {
- { CRYPTOKI_VERSION_MAJOR, CRYPTOKI_VERSION_MINOR },
+ { 3, 0 },
#undef CK_NEED_ARG_LIST
#undef CK_PKCS11_FUNCTION_INFO
#define CK_PKCS11_FUNCTION_INFO(name) \
__PASTE(F, name) \
,
diff --git a/lib/softoken/pkcs11.c b/lib/softoken/pkcs11.c
--- a/lib/softoken/pkcs11.c
+++ b/lib/softoken/pkcs11.c
@@ -107,17 +107,17 @@ static PRIntervalTime loginWaitTime;
#define CK_PKCS11_FUNCTION_INFO(name) CK_RV __PASTE(F, name)
#define CK_NEED_ARG_LIST 1
#include "pkcs11f.h"
#endif
/* build the crypto module table */
static CK_FUNCTION_LIST_3_0 sftk_funcList = {
- { CRYPTOKI_VERSION_MAJOR, CRYPTOKI_VERSION_MINOR },
+ { 3, 0 },
#undef CK_PKCS11_FUNCTION_INFO
#undef CK_NEED_ARG_LIST
#define CK_PKCS11_FUNCTION_INFO(func) \
__PASTE(NS, func) \
,
#include "pkcs11f.h"

4027
SOURCES/nss-3.112-replace-xyber-with-mlkem-256.patch Normal file
View File

File diff suppressed because it is too large Load Diff

183
SOURCES/nss-3.112-revert-libpkix-default.patch Normal file
View File

@ -0,0 +1,183 @@
# HG changeset patch
# User Robert Relyea <rrelyea@redhat.com>
# Date 1752603075 25200
# Tue Jul 15 11:11:15 2025 -0700
# Branch RHEL_8
# Node ID 688a6b5db483a4168d15e09d5b243fca79b5b01d
# Parent a87aba54de420d418961245be6e55d354bebd77b
nss-3.101-revert-libpkix-default.patch
diff --git a/lib/certhigh/certvfypkix.c b/lib/certhigh/certvfypkix.c
--- a/lib/certhigh/certvfypkix.c
+++ b/lib/certhigh/certvfypkix.c
@@ -34,17 +34,17 @@ extern PKIX_UInt32
pkix_pl_lifecycle_ObjectLeakCheck(int *);
extern SECStatus
pkix_pl_lifecycle_ObjectTableUpdate(int *objCountTable);
PRInt32 parallelFnInvocationCount;
#endif /* PKIX_OBJECT_LEAK_TEST */
-static PRBool usePKIXValidationEngine = PR_TRUE;
+static PRBool usePKIXValidationEngine = PR_FALSE;
#endif /* NSS_DISABLE_LIBPKIX */
/*
* FUNCTION: CERT_SetUsePKIXForValidation
* DESCRIPTION:
*
* Enables or disables use of libpkix for certificate validation
*
diff --git a/lib/nss/nssinit.c b/lib/nss/nssinit.c
--- a/lib/nss/nssinit.c
+++ b/lib/nss/nssinit.c
@@ -759,19 +759,19 @@ nss_Init(const char *configdir, const ch
#ifndef NSS_DISABLE_LIBPKIX
pkixError = PKIX_Initialize(PKIX_FALSE, PKIX_MAJOR_VERSION, PKIX_MINOR_VERSION,
PKIX_MINOR_VERSION, &actualMinorVersion, &plContext);
if (pkixError != NULL) {
goto loser;
} else {
- char *ev = PR_GetEnvSecure("NSS_DISABLE_PKIX_VERIFY");
+ char *ev = PR_GetEnvSecure("NSS_ENABLE_PKIX_VERIFY");
if (ev && ev[0]) {
- CERT_SetUsePKIXForValidation(PR_FALSE);
+ CERT_SetUsePKIXForValidation(PR_TRUE);
}
}
#endif /* NSS_DISABLE_LIBPKIX */
}
/*
* Now mark the appropriate init state. If initContextPtr was passed
* in, then return the new context pointer and add it to the
diff --git a/tests/all.sh b/tests/all.sh
--- a/tests/all.sh
+++ b/tests/all.sh
@@ -138,28 +138,23 @@ run_tests()
########################## run_cycle_standard ##########################
# run test suites with sql database (no PKIX)
########################################################################
run_cycle_standard()
{
TEST_MODE=STANDARD
- NSS_DISABLE_LIBPKIX_VERIFY="1"
- export NSS_DISABLE_LIBPKIX_VERIFY
-
TESTS="${ALL_TESTS}"
TESTS_SKIP="libpkix pkits"
NSS_DEFAULT_DB_TYPE=${NSS_DEFAULT_DB_TYPE:-"sql"}
export NSS_DEFAULT_DB_TYPE
run_tests
-
- unset NSS_DISABLE_LIBPKIX_VERIFY
}
############################ run_cycle_pkix ############################
# run test suites with PKIX enabled
########################################################################
run_cycle_pkix()
{
TEST_MODE=PKIX
@@ -167,16 +162,19 @@ run_cycle_pkix()
TABLE_ARGS="bgcolor=cyan"
html_head "Testing with PKIX"
html "</TABLE><BR>"
HOSTDIR="${HOSTDIR}/pkix"
mkdir -p "${HOSTDIR}"
init_directories
+ NSS_ENABLE_PKIX_VERIFY="1"
+ export NSS_ENABLE_PKIX_VERIFY
+
TESTS="${ALL_TESTS}"
TESTS_SKIP="cipher dbtests sdr crmf smime merge multinit"
export -n NSS_SSL_RUN
# use the default format. (unset for the shell, export -n for binaries)
export -n NSS_DEFAULT_DB_TYPE
unset NSS_DEFAULT_DB_TYPE
diff --git a/tests/common/init.sh b/tests/common/init.sh
--- a/tests/common/init.sh
+++ b/tests/common/init.sh
@@ -135,18 +135,18 @@ if [ -z "${INIT_SOURCED}" -o "${INIT_SOU
{
echo "HOSTDIR=\"${HOSTDIR}\""
echo "TABLE_ARGS="
echo "NSS_TEST_DISABLE_CRL=${NSS_TEST_DISABLE_CRL}"
echo "NSS_SSL_TESTS=\"${NSS_SSL_TESTS}\""
echo "NSS_SSL_RUN=\"${NSS_SSL_RUN}\""
echo "NSS_DEFAULT_DB_TYPE=${NSS_DEFAULT_DB_TYPE}"
echo "export NSS_DEFAULT_DB_TYPE"
- echo "NSS_DISABLE_PKIX_VERIFY=${NSS_DISABLE_PKIX_VERIFY}"
- echo "export NSS_DISABLE_PKIX_VERIFY"
+ echo "NSS_ENABLE_PKIX_VERIFY=${NSS_ENABLE_PKIX_VERIFY}"
+ echo "export NSS_ENABLE_PKIX_VERIFY"
echo "init_directories"
}
# Exit shellfunction to clean up at exit (error, regular or signal)
Exit()
{
if [ -n "$1" ] ; then
echo "$SCRIPTNAME: Exit: $* - FAILED"
diff --git a/tests/ssl/ssl.sh b/tests/ssl/ssl.sh
--- a/tests/ssl/ssl.sh
+++ b/tests/ssl/ssl.sh
@@ -957,18 +957,19 @@ ssl_policy_listsuites()
html "</TABLE><BR>"
}
ssl_policy_pkix_ocsp()
{
#verbose="-v"
html_head "Check that OCSP doesn't break if we disable sha1 $NORM_EXT - server $SERVER_MODE/client $CLIENT_MODE"
- PKIX_SAVE=${NSS_DISABLE_LIBPKIX_VERIFY-"unset"}
- unset NSS_DISABLE_LIBPKIX_VERIFY
+ PKIX_SAVE=${NSS_ENABLE_PKIX_VERIFY-"unset"}
+ NSS_ENABLE_PKIX_VERIFY="1"
+ export NSS_ENABLE_PKIX_VERIFY
testname=""
if [ ! -f "${P_R_SERVERDIR}/pkcs11.txt" ] ; then
html_failed "${SCRIPTNAME}: ${P_R_SERVERDIR} is not initialized"
return 1;
fi
@@ -983,20 +984,22 @@ ssl_policy_pkix_ocsp()
vfyserv -o wrong.host.badssl.com -d ${P_R_SERVERDIR} 2>&1 | tee ${P_R_SERVERDIR}/vfy.out
# make sure we have the domain mismatch, not bad signature error
echo "grep -E '12276|5961' ${P_R_SERVERDIR}/vfy.out"
grep -E '12276|5961' ${P_R_SERVERDIR}/vfy.out
RET=$?
html_msg $RET $RET_EXP "${testname}" \
"produced a returncode of $RET, expected is $RET_EXP"
- if [ "{PKIX_SAVE}" != "unset" ]; then
- export NSS_DISABLE_LIBPKIX_VERIFY=${PKIX_SAVE}
+ if [ "${PKIX_SAVE}" = "unset" ]; then
+ unset NSS_ENABLE_PKIX_VERIFY
+ else
+ NSS_ENABLE_PKIX_VERIFY=${PKIX_SAVE}
+ export NSS_ENABLE_PKIX_VERIFY
fi
-
cp ${P_R_SERVERDIR}/pkcs11.txt.sav ${P_R_SERVERDIR}/pkcs11.txt
html "</TABLE><BR>"
}
############################## ssl_policy_selfserv #####################
# local shell function to perform SSL Policy tests, using selfserv

20
SOURCES/nss-3.71-camellia-pkcs12-doc.patch
View File

@ -1,20 +0,0 @@
diff -up ./doc/pk12util.xml.camellia ./doc/pk12util.xml
--- ./doc/pk12util.xml.camellia 2022-01-26 09:46:39.794919455 -0800
+++ ./doc/pk12util.xml 2022-01-26 09:54:58.277019760 -0800
@@ -317,7 +317,7 @@ Certificate Friendly Name: Thawte Fre
<refsection id="encryption">
<title>Password Encryption</title>
- <para>PKCS #12 provides for not only the protection of the private keys but also the certificate and meta-data associated with the keys. Password-based encryption is used to protect private keys on export to a PKCS #12 file and, optionally, the associated certificates. If no algorithm is specified, the tool defaults to using PKCS #12 SHA-1 and 3-key triple DES for private key encryption. When not in FIPS mode, PKCS #12 SHA-1 and 40-bit RC4 is used for certificate encryption. When in FIPS mode, there is no certificate encryption. If certificate encryption is not wanted, specify <userinput>"NONE"</userinput> as the argument of the <option>-C</option> option.</para>
+ <para>PKCS #12 provides for not only the protection of the private keys but also the certificate and meta-data associated with the keys. Password-based encryption is used to protect private keys on export to a PKCS #12 file and, optionally, the associated certificates. If no algorithm is specified, the tool defaults to using AES-256-CBC for private key encryption and AES-128-CBC for certificate encryption. If certificate encryption is not wanted, specify <userinput>"NONE"</userinput> as the argument of the <option>-C</option> option.</para>
<para>The private key is always protected with strong encryption by default.</para>
<para>Several types of ciphers are supported.</para>
<variablelist>
@@ -327,6 +327,7 @@ Certificate Friendly Name: Thawte Fre
<listitem>
<itemizedlist>
<listitem><para>PBES2 with AES-CBC-Pad as underlying encryption scheme (<userinput>"AES-128-CBC"</userinput>, <userinput>"AES-192-CBC"</userinput>, and <userinput>"AES-256-CBC"</userinput>)</para></listitem>
+ <listitem><para>PBES2 with CAMELLIA-CBC-Pad as underlying encryption scheme (<userinput>"CAMELLIA-128-CBC"</userinput>, <userinput>"CAMELLIA-192-CBC"</userinput>, and <userinput>"CAMELLIA-256-CBC"</userinput>)</para></listitem>
</itemizedlist>
</listitem>
</varlistentry>

12
SOURCES/nss-3.71-fix-lto-gtests.patch
View File

@ -1,12 +1,7 @@
diff --git a/gtests/ssl_gtest/tls_subcerts_unittest.cc b/gtests/ssl_gtest/tls_subcerts_unittest.cc diff --git a/gtests/ssl_gtest/tls_subcerts_unittest.cc b/gtests/ssl_gtest/tls_subcerts_unittest.cc
--- a/gtests/ssl_gtest/tls_subcerts_unittest.cc --- a/gtests/ssl_gtest/tls_subcerts_unittest.cc
+++ b/gtests/ssl_gtest/tls_subcerts_unittest.cc +++ b/gtests/ssl_gtest/tls_subcerts_unittest.cc
@@ -8,23 +8,32 @@ @@ -15,13 +15,22 @@
#include "prtime.h"
#include "secerr.h"
#include "ssl.h"
#include "gtest_utils.h" #include "gtest_utils.h"
#include "tls_agent.h" #include "tls_agent.h"
#include "tls_connect.h" #include "tls_connect.h"
@ -29,8 +24,3 @@ diff --git a/gtests/ssl_gtest/tls_subcerts_unittest.cc b/gtests/ssl_gtest/tls_su
const SSLSignatureScheme kDCScheme = ssl_sig_ecdsa_secp256r1_sha256; const SSLSignatureScheme kDCScheme = ssl_sig_ecdsa_secp256r1_sha256;
const PRUint32 kDCValidFor = 60 * 60 * 24 * 7 /* 1 week (seconds) */; const PRUint32 kDCValidFor = 60 * 60 * 24 * 7 /* 1 week (seconds) */;
static void CheckPreliminaryPeerDelegCred(
const std::shared_ptr<TlsAgent>& client, bool expected,
PRUint32 key_bits = 0, SSLSignatureScheme sig_scheme = ssl_sig_none) {
EXPECT_NE(0U, (client->pre_info().valuesSet & ssl_preinfo_peer_auth));
EXPECT_EQ(expected, client->pre_info().peerDelegCred);

3411
SOURCES/nss-3.79-dbtool.patch
View File

File diff suppressed because it is too large Load Diff

375
SOURCES/nss-3.79-distrusted-certs.patch
View File

@ -1,375 +0,0 @@
# HG changeset patch
# User John M. Schanck <jschanck@mozilla.com>
# Date 1648094761 0
# Thu Mar 24 04:06:01 2022 +0000
# Node ID b722e523d66297fe4bc1fac0ebb06203138eccbb
# Parent 853b64626b19a46f41f4ba9c684490dc15923c94
Bug 1751305 - Remove expired explicitly distrusted certificates from certdata.txt. r=KathleenWilson
Differential Revision: https://phabricator.services.mozilla.com/D141919
diff --git a/lib/ckfw/builtins/certdata.txt b/lib/ckfw/builtins/certdata.txt
--- a/lib/ckfw/builtins/certdata.txt
+++ b/lib/ckfw/builtins/certdata.txt
@@ -7663,197 +7663,16 @@ CKA_SERIAL_NUMBER MULTILINE_OCTAL
\377\377
END
CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_NOT_TRUSTED
CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_NOT_TRUSTED
CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_NOT_TRUSTED
CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
#
-# Certificate "Explicitly Distrusted DigiNotar PKIoverheid G2"
-#
-# Issuer: CN=DigiNotar PKIoverheid CA Organisatie - G2,O=DigiNotar B.V.,C=NL
-# Serial Number: 268435455 (0xfffffff)
-# Subject: CN=DigiNotar PKIoverheid CA Organisatie - G2,O=DigiNotar B.V.,C=NL
-# Not Valid Before: Wed May 12 08:51:39 2010
-# Not Valid After : Mon Mar 23 09:50:05 2020
-# Fingerprint (MD5): 2E:61:A2:D1:78:CE:EE:BF:59:33:B0:23:14:0F:94:1C
-# Fingerprint (SHA1): D5:F2:57:A9:BF:2D:D0:3F:8B:46:57:F9:2B:C9:A4:C6:92:E1:42:42
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Explicitly Distrusted DigiNotar PKIoverheid G2"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\132\061\013\060\011\006\003\125\004\006\023\002\116\114\061
-\027\060\025\006\003\125\004\012\014\016\104\151\147\151\116\157
-\164\141\162\040\102\056\126\056\061\062\060\060\006\003\125\004
-\003\014\051\104\151\147\151\116\157\164\141\162\040\120\113\111
-\157\166\145\162\150\145\151\144\040\103\101\040\117\162\147\141
-\156\151\163\141\164\151\145\040\055\040\107\062
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\132\061\013\060\011\006\003\125\004\006\023\002\116\114\061
-\027\060\025\006\003\125\004\012\014\016\104\151\147\151\116\157
-\164\141\162\040\102\056\126\056\061\062\060\060\006\003\125\004
-\003\014\051\104\151\147\151\116\157\164\141\162\040\120\113\111
-\157\166\145\162\150\145\151\144\040\103\101\040\117\162\147\141
-\156\151\163\141\164\151\145\040\055\040\107\062
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\004\017\377\377\377
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\006\225\060\202\004\175\240\003\002\001\002\002\004\017
-\377\377\377\060\015\006\011\052\206\110\206\367\015\001\001\013
-\005\000\060\132\061\013\060\011\006\003\125\004\006\023\002\116
-\114\061\027\060\025\006\003\125\004\012\014\016\104\151\147\151
-\116\157\164\141\162\040\102\056\126\056\061\062\060\060\006\003
-\125\004\003\014\051\104\151\147\151\116\157\164\141\162\040\120
-\113\111\157\166\145\162\150\145\151\144\040\103\101\040\117\162
-\147\141\156\151\163\141\164\151\145\040\055\040\107\062\060\036
-\027\015\061\060\060\065\061\062\060\070\065\061\063\071\132\027
-\015\062\060\060\063\062\063\060\071\065\060\060\065\132\060\132
-\061\013\060\011\006\003\125\004\006\023\002\116\114\061\027\060
-\025\006\003\125\004\012\014\016\104\151\147\151\116\157\164\141
-\162\040\102\056\126\056\061\062\060\060\006\003\125\004\003\014
-\051\104\151\147\151\116\157\164\141\162\040\120\113\111\157\166
-\145\162\150\145\151\144\040\103\101\040\117\162\147\141\156\151
-\163\141\164\151\145\040\055\040\107\062\060\202\002\042\060\015
-\006\011\052\206\110\206\367\015\001\001\001\005\000\003\202\002
-\017\000\060\202\002\012\002\202\002\001\000\261\023\031\017\047
-\346\154\324\125\206\113\320\354\211\212\105\221\170\254\107\275
-\107\053\344\374\105\353\117\264\046\163\133\067\323\303\177\366
-\343\336\327\243\370\055\150\305\010\076\113\224\326\344\207\045
-\066\153\204\265\030\164\363\050\130\163\057\233\152\317\274\004
-\036\366\336\335\257\374\113\252\365\333\146\142\045\001\045\202
-\336\362\227\132\020\156\335\135\251\042\261\004\251\043\163\072
-\370\161\255\035\317\204\104\353\107\321\257\155\310\174\050\253
-\307\362\067\172\164\137\137\305\002\024\212\243\132\343\033\154
-\001\343\135\216\331\150\326\364\011\033\062\334\221\265\054\365
-\040\353\214\003\155\046\111\270\223\304\205\135\330\322\233\257
-\126\152\314\005\063\314\240\102\236\064\125\104\234\153\240\324
-\022\320\053\124\315\267\211\015\345\366\353\350\373\205\001\063
-\117\172\153\361\235\162\063\226\016\367\262\204\245\245\047\304
-\047\361\121\163\051\167\272\147\156\376\114\334\264\342\241\241
-\201\057\071\111\215\103\070\023\316\320\245\134\302\207\072\000
-\147\145\102\043\361\066\131\012\035\243\121\310\274\243\224\052
-\061\337\343\074\362\235\032\074\004\260\357\261\012\060\023\163
-\266\327\363\243\114\001\165\024\205\170\300\327\212\071\130\205
-\120\372\056\346\305\276\317\213\077\257\217\066\324\045\011\055
-\322\017\254\162\223\362\277\213\324\120\263\371\025\120\233\231
-\365\024\331\373\213\221\243\062\046\046\240\370\337\073\140\201
-\206\203\171\133\053\353\023\075\051\072\301\155\335\275\236\216
-\207\326\112\256\064\227\005\356\024\246\366\334\070\176\112\351
-\044\124\007\075\227\150\067\106\153\015\307\250\041\257\023\124
-\344\011\152\361\115\106\012\311\135\373\233\117\275\336\373\267
-\124\313\270\070\234\247\071\373\152\055\300\173\215\253\245\247
-\127\354\112\222\212\063\305\341\040\134\163\330\220\222\053\200
-\325\017\206\030\151\174\071\117\204\206\274\367\114\133\363\325
-\264\312\240\302\360\067\042\312\171\122\037\123\346\252\363\220
-\260\073\335\362\050\375\254\353\305\006\044\240\311\324\057\017
-\130\375\265\236\354\017\317\262\131\320\242\004\172\070\152\256
-\162\373\275\360\045\142\224\011\247\005\013\002\003\001\000\001
-\243\202\001\141\060\202\001\135\060\110\006\003\125\035\040\004
-\101\060\077\060\075\006\004\125\035\040\000\060\065\060\063\006
-\010\053\006\001\005\005\007\002\001\026\047\150\164\164\160\072
-\057\057\167\167\167\056\144\151\147\151\156\157\164\141\162\056
-\156\154\057\143\160\163\057\160\153\151\157\166\145\162\150\145
-\151\144\060\017\006\003\125\035\023\001\001\377\004\005\060\003
-\001\001\377\060\016\006\003\125\035\017\001\001\377\004\004\003
-\002\001\006\060\201\205\006\003\125\035\043\004\176\060\174\200
-\024\071\020\213\111\222\134\333\141\022\040\315\111\235\032\216
-\332\234\147\100\271\241\136\244\134\060\132\061\013\060\011\006
-\003\125\004\006\023\002\116\114\061\036\060\034\006\003\125\004
-\012\014\025\123\164\141\141\164\040\144\145\162\040\116\145\144
-\145\162\154\141\156\144\145\156\061\053\060\051\006\003\125\004
-\003\014\042\123\164\141\141\164\040\144\145\162\040\116\145\144
-\145\162\154\141\156\144\145\156\040\122\157\157\164\040\103\101
-\040\055\040\107\062\202\004\000\230\226\364\060\111\006\003\125
-\035\037\004\102\060\100\060\076\240\074\240\072\206\070\150\164
-\164\160\072\057\057\143\162\154\056\160\153\151\157\166\145\162
-\150\145\151\144\056\156\154\057\104\157\155\117\162\147\141\156
-\151\163\141\164\151\145\114\141\164\145\163\164\103\122\114\055
-\107\062\056\143\162\154\060\035\006\003\125\035\016\004\026\004
-\024\274\135\224\073\331\253\173\003\045\163\141\302\333\055\356
-\374\253\217\145\241\060\015\006\011\052\206\110\206\367\015\001
-\001\013\005\000\003\202\002\001\000\217\374\055\114\267\331\055
-\325\037\275\357\313\364\267\150\027\165\235\116\325\367\335\234
-\361\052\046\355\237\242\266\034\003\325\123\263\354\010\317\064
-\342\343\303\364\265\026\057\310\303\276\327\323\163\253\000\066
-\371\032\112\176\326\143\351\136\106\272\245\266\216\025\267\243
-\052\330\103\035\357\135\310\037\201\205\263\213\367\377\074\364
-\331\364\106\010\077\234\274\035\240\331\250\114\315\045\122\116
-\012\261\040\367\037\351\103\331\124\106\201\023\232\300\136\164
-\154\052\230\062\352\374\167\273\015\245\242\061\230\042\176\174
-\174\347\332\244\255\354\267\056\032\031\161\370\110\120\332\103
-\217\054\204\335\301\100\047\343\265\360\025\116\226\324\370\134
-\343\206\051\106\053\327\073\007\353\070\177\310\206\127\227\323
-\357\052\063\304\027\120\325\144\151\153\053\153\105\136\135\057
-\027\312\132\116\317\303\327\071\074\365\073\237\106\271\233\347
-\016\111\227\235\326\325\343\033\017\352\217\001\116\232\023\224
-\131\012\002\007\110\113\032\140\253\177\117\355\013\330\125\015
-\150\157\125\234\151\145\025\102\354\300\334\335\154\254\303\026
-\316\013\035\126\233\244\304\304\322\056\340\017\342\104\047\053
-\120\151\244\334\142\350\212\041\051\102\154\314\000\072\226\166
-\233\357\100\300\244\136\167\204\062\154\046\052\071\146\256\135
-\343\271\271\262\054\150\037\036\232\220\003\071\360\252\263\244
-\314\111\213\030\064\351\067\311\173\051\307\204\174\157\104\025
-\057\354\141\131\004\311\105\313\242\326\122\242\174\177\051\222
-\326\112\305\213\102\250\324\376\352\330\307\207\043\030\344\235
-\172\175\163\100\122\230\240\256\156\343\005\077\005\017\340\245
-\306\155\115\355\203\067\210\234\307\363\334\102\232\152\266\327
-\041\111\066\167\362\357\030\117\305\160\331\236\351\336\267\053
-\213\364\274\176\050\337\015\100\311\205\134\256\235\305\061\377
-\320\134\016\265\250\176\360\351\057\272\257\210\256\345\265\321
-\130\245\257\234\161\247\051\001\220\203\151\067\202\005\272\374
-\011\301\010\156\214\170\073\303\063\002\200\077\104\205\010\035
-\337\125\126\010\255\054\205\055\135\261\003\341\256\252\164\305
-\244\363\116\272\067\230\173\202\271
-END
-
-# Trust for Certificate "Explicitly Distrusted DigiNotar PKIoverheid G2"
-# Issuer: CN=DigiNotar PKIoverheid CA Organisatie - G2,O=DigiNotar B.V.,C=NL
-# Serial Number: 268435455 (0xfffffff)
-# Subject: CN=DigiNotar PKIoverheid CA Organisatie - G2,O=DigiNotar B.V.,C=NL
-# Not Valid Before: Wed May 12 08:51:39 2010
-# Not Valid After : Mon Mar 23 09:50:05 2020
-# Fingerprint (MD5): 2E:61:A2:D1:78:CE:EE:BF:59:33:B0:23:14:0F:94:1C
-# Fingerprint (SHA1): D5:F2:57:A9:BF:2D:D0:3F:8B:46:57:F9:2B:C9:A4:C6:92:E1:42:42
-CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Explicitly Distrusted DigiNotar PKIoverheid G2"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\325\362\127\251\277\055\320\077\213\106\127\371\053\311\244\306
-\222\341\102\102
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\056\141\242\321\170\316\356\277\131\063\260\043\024\017\224\034
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\132\061\013\060\011\006\003\125\004\006\023\002\116\114\061
-\027\060\025\006\003\125\004\012\014\016\104\151\147\151\116\157
-\164\141\162\040\102\056\126\056\061\062\060\060\006\003\125\004
-\003\014\051\104\151\147\151\116\157\164\141\162\040\120\113\111
-\157\166\145\162\150\145\151\144\040\103\101\040\117\162\147\141
-\156\151\163\141\164\151\145\040\055\040\107\062
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\004\017\377\377\377
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_NOT_TRUSTED
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_NOT_TRUSTED
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_NOT_TRUSTED
-CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
-
-#
# Certificate "Security Communication RootCA2"
#
# Issuer: OU=Security Communication RootCA2,O="SECOM Trust Systems CO.,LTD.",C=JP
# Serial Number: 0 (0x0)
# Subject: OU=Security Communication RootCA2,O="SECOM Trust Systems CO.,LTD.",C=JP
# Not Valid Before: Fri May 29 05:00:39 2009
# Not Valid After : Tue May 29 05:00:39 2029
# Fingerprint (SHA-256): 51:3B:2C:EC:B8:10:D4:CD:E5:DD:85:39:1A:DF:C6:C2:DD:60:D8:7B:B7:36:D2:B5:21:48:4A:A4:7A:0E:BE:F6
@@ -8337,78 +8156,16 @@ END
CKA_SERIAL_NUMBER MULTILINE_OCTAL
\002\001\000
END
CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
-# Explicitly Distrust "MITM subCA 1 issued by Trustwave", Bug 724929
-# Issuer: E=ca@trustwave.com,CN="Trustwave Organization Issuing CA, Level 2",O="Trustwave Holdings, Inc.",L=Chicago,ST=Illinois,C=US
-# Serial Number: 1800000005 (0x6b49d205)
-# Not Before: Apr 7 15:37:15 2011 GMT
-# Not After : Apr 4 15:37:15 2021 GMT
-CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "MITM subCA 1 issued by Trustwave"
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\253\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\021\060\017\006\003\125\004\010\023\010\111\154\154\151\156
-\157\151\163\061\020\060\016\006\003\125\004\007\023\007\103\150
-\151\143\141\147\157\061\041\060\037\006\003\125\004\012\023\030
-\124\162\165\163\164\167\141\166\145\040\110\157\154\144\151\156
-\147\163\054\040\111\156\143\056\061\063\060\061\006\003\125\004
-\003\023\052\124\162\165\163\164\167\141\166\145\040\117\162\147
-\141\156\151\172\141\164\151\157\156\040\111\163\163\165\151\156
-\147\040\103\101\054\040\114\145\166\145\154\040\062\061\037\060
-\035\006\011\052\206\110\206\367\015\001\011\001\026\020\143\141
-\100\164\162\165\163\164\167\141\166\145\056\143\157\155
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\004\153\111\322\005
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_NOT_TRUSTED
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_NOT_TRUSTED
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_NOT_TRUSTED
-CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
-
-# Explicitly Distrust "MITM subCA 2 issued by Trustwave", Bug 724929
-# Issuer: E=ca@trustwave.com,CN="Trustwave Organization Issuing CA, Level 2",O="Trustwave Holdings, Inc.",L=Chicago,ST=Illinois,C=US
-# Serial Number: 1800000006 (0x6b49d206)
-# Not Before: Apr 18 21:09:30 2011 GMT
-# Not After : Apr 15 21:09:30 2021 GMT
-CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "MITM subCA 2 issued by Trustwave"
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\253\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\021\060\017\006\003\125\004\010\023\010\111\154\154\151\156
-\157\151\163\061\020\060\016\006\003\125\004\007\023\007\103\150
-\151\143\141\147\157\061\041\060\037\006\003\125\004\012\023\030
-\124\162\165\163\164\167\141\166\145\040\110\157\154\144\151\156
-\147\163\054\040\111\156\143\056\061\063\060\061\006\003\125\004
-\003\023\052\124\162\165\163\164\167\141\166\145\040\117\162\147
-\141\156\151\172\141\164\151\157\156\040\111\163\163\165\151\156
-\147\040\103\101\054\040\114\145\166\145\154\040\062\061\037\060
-\035\006\011\052\206\110\206\367\015\001\011\001\026\020\143\141
-\100\164\162\165\163\164\167\141\166\145\056\143\157\155
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\004\153\111\322\006
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_NOT_TRUSTED
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_NOT_TRUSTED
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_NOT_TRUSTED
-CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
-
#
# Certificate "Actalis Authentication Root CA"
#
# Issuer: CN=Actalis Authentication Root CA,O=Actalis S.p.A./03358520967,L=Milan,C=IT
# Serial Number:57:0a:11:97:42:c4:e3:cc
# Subject: CN=Actalis Authentication Root CA,O=Actalis S.p.A./03358520967,L=Milan,C=IT
# Not Valid Before: Thu Sep 22 11:22:02 2011
# Not Valid After : Sun Sep 22 11:22:02 2030
@@ -9042,84 +8799,16 @@ END
CKA_SERIAL_NUMBER MULTILINE_OCTAL
\002\001\001
END
CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
-# Explicitly Distrust "TURKTRUST Mis-issued Intermediate CA 1", Bug 825022
-# Issuer: O=T..RKTRUST Bilgi ..leti..im ve Bili..im G..venli..i Hizmetleri A...,C=TR,CN=T..RKTRUST Elektronik Sunucu Sertifikas.. Hizmetleri
-# Serial Number: 2087 (0x827)
-# Subject: CN=*.EGO.GOV.TR,OU=EGO BILGI ISLEM,O=EGO,L=ANKARA,ST=ANKARA,C=TR
-# Not Valid Before: Mon Aug 08 07:07:51 2011
-# Not Valid After : Tue Jul 06 07:07:51 2021
-# Fingerprint (MD5): F8:F5:25:FF:0C:31:CF:85:E1:0C:86:17:C1:CE:1F:8E
-# Fingerprint (SHA1): C6:9F:28:C8:25:13:9E:65:A6:46:C4:34:AC:A5:A1:D2:00:29:5D:B1
-CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "TURKTRUST Mis-issued Intermediate CA 1"
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\254\061\075\060\073\006\003\125\004\003\014\064\124\303
-\234\122\113\124\122\125\123\124\040\105\154\145\153\164\162\157
-\156\151\153\040\123\165\156\165\143\165\040\123\145\162\164\151
-\146\151\153\141\163\304\261\040\110\151\172\155\145\164\154\145
-\162\151\061\013\060\011\006\003\125\004\006\023\002\124\122\061
-\136\060\134\006\003\125\004\012\014\125\124\303\234\122\113\124
-\122\125\123\124\040\102\151\154\147\151\040\304\260\154\145\164
-\151\305\237\151\155\040\166\145\040\102\151\154\151\305\237\151
-\155\040\107\303\274\166\145\156\154\151\304\237\151\040\110\151
-\172\155\145\164\154\145\162\151\040\101\056\305\236\056\040\050
-\143\051\040\113\141\163\304\261\155\040\040\062\060\060\065
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\002\010\047
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_NOT_TRUSTED
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_NOT_TRUSTED
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_NOT_TRUSTED
-CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
-
-# Explicitly Distrust "TURKTRUST Mis-issued Intermediate CA 2", Bug 825022
-# Issuer: O=T..RKTRUST Bilgi ..leti..im ve Bili..im G..venli..i Hizmetleri A...,C=TR,CN=T..RKTRUST Elektronik Sunucu Sertifikas.. Hizmetleri
-# Serial Number: 2148 (0x864)
-# Subject: E=ileti@kktcmerkezbankasi.org,CN=e-islem.kktcmerkezbankasi.org,O=KKTC Merkez Bankasi,L=Lefkosa,ST=Lefkosa,C=TR
-# Not Valid Before: Mon Aug 08 07:07:51 2011
-# Not Valid After : Thu Aug 05 07:07:51 2021
-# Fingerprint (MD5): BF:C3:EC:AD:0F:42:4F:B4:B5:38:DB:35:BF:AD:84:A2
-# Fingerprint (SHA1): F9:2B:E5:26:6C:C0:5D:B2:DC:0D:C3:F2:DC:74:E0:2D:EF:D9:49:CB
-CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "TURKTRUST Mis-issued Intermediate CA 2"
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\254\061\075\060\073\006\003\125\004\003\014\064\124\303
-\234\122\113\124\122\125\123\124\040\105\154\145\153\164\162\157
-\156\151\153\040\123\165\156\165\143\165\040\123\145\162\164\151
-\146\151\153\141\163\304\261\040\110\151\172\155\145\164\154\145
-\162\151\061\013\060\011\006\003\125\004\006\023\002\124\122\061
-\136\060\134\006\003\125\004\012\014\125\124\303\234\122\113\124
-\122\125\123\124\040\102\151\154\147\151\040\304\260\154\145\164
-\151\305\237\151\155\040\166\145\040\102\151\154\151\305\237\151
-\155\040\107\303\274\166\145\156\154\151\304\237\151\040\110\151
-\172\155\145\164\154\145\162\151\040\101\056\305\236\056\040\050
-\143\051\040\113\141\163\304\261\155\040\040\062\060\060\065
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\002\010\144
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_NOT_TRUSTED
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_NOT_TRUSTED
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_NOT_TRUSTED
-CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
-
#
# Certificate "D-TRUST Root Class 3 CA 2 2009"
#
# Issuer: CN=D-TRUST Root Class 3 CA 2 2009,O=D-Trust GmbH,C=DE
# Serial Number: 623603 (0x983f3)
# Subject: CN=D-TRUST Root Class 3 CA 2 2009,O=D-Trust GmbH,C=DE
# Not Valid Before: Thu Nov 05 08:35:58 2009
# Not Valid After : Mon Nov 05 08:35:58 2029

170
SOURCES/nss-3.79-dont-verify-default.patch
View File

@ -1,170 +0,0 @@
diff --git a/lib/softoken/legacydb/pcertdb.c b/lib/softoken/legacydb/pcertdb.c
--- a/lib/softoken/legacydb/pcertdb.c
+++ b/lib/softoken/legacydb/pcertdb.c
@@ -4272,16 +4272,17 @@ CreateTrust(void)
{
NSSLOWCERTTrust *trust = NULL;
nsslowcert_LockFreeList();
trust = trustListHead;
if (trust) {
trustListCount--;
trustListHead = trust->next;
+ trust->next = NULL;
}
PORT_Assert(trustListCount >= 0);
nsslowcert_UnlockFreeList();
if (trust) {
return trust;
}
return PORT_ZNew(NSSLOWCERTTrust);
@@ -5155,19 +5156,21 @@ done:
}
PRBool
nsslowcert_hasTrust(NSSLOWCERTCertTrust *trust)
{
if (trust == NULL) {
return PR_FALSE;
}
- return !((trust->sslFlags & CERTDB_TRUSTED_UNKNOWN) &&
- (trust->emailFlags & CERTDB_TRUSTED_UNKNOWN) &&
- (trust->objectSigningFlags & CERTDB_TRUSTED_UNKNOWN));
+ /* if we only have CERTDB__USER and CERTDB_TRUSTED_UNKNOWN bits, then
+ * we don't have a trust record. */
+ return !(((trust->sslFlags & ~(CERTDB_USER|CERTDB_TRUSTED_UNKNOWN)) == 0) &&
+ ((trust->emailFlags & ~(CERTDB_USER|CERTDB_TRUSTED_UNKNOWN)) == 0) &&
+ ((trust->objectSigningFlags & ~(CERTDB_USER|CERTDB_TRUSTED_UNKNOWN)) == 0));
}
/*
* This function has the logic that decides if another person's cert and
* email profile from an S/MIME message should be saved. It can deal with
* the case when there is no profile.
*/
static SECStatus
diff --git a/lib/softoken/sftkdb.c b/lib/softoken/sftkdb.c
--- a/lib/softoken/sftkdb.c
+++ b/lib/softoken/sftkdb.c
@@ -119,47 +119,79 @@ sftkdb_isAuthenticatedAttribute(CK_ATTRI
case CKA_TRUST_STEP_UP_APPROVED:
case CKA_NSS_OVERRIDE_EXTENSIONS:
return PR_TRUE;
default:
break;
}
return PR_FALSE;
}
-
/*
* convert a native ULONG to a database ulong. Database ulong's
* are all 4 byte big endian values.
*/
void
sftk_ULong2SDBULong(unsigned char *data, CK_ULONG value)
{
int i;
for (i = 0; i < SDB_ULONG_SIZE; i++) {
data[i] = (value >> (SDB_ULONG_SIZE - 1 - i) * BBP) & 0xff;
}
}
/*
* convert a database ulong back to a native ULONG. (reverse of the above
- * function.
+ * function).
*/
static CK_ULONG
sftk_SDBULong2ULong(unsigned char *data)
{
int i;
CK_ULONG value = 0;
for (i = 0; i < SDB_ULONG_SIZE; i++) {
value |= (((CK_ULONG)data[i]) << (SDB_ULONG_SIZE - 1 - i) * BBP);
}
return value;
}
+/* certain trust records are default values, which are the values
+ * returned if the signature check fails anyway.
+ * In those cases, we can skip the signature check. */
+PRBool
+sftkdb_isNullTrust(const CK_ATTRIBUTE *template)
+{
+ switch (template->type) {
+ case CKA_TRUST_SERVER_AUTH:
+ case CKA_TRUST_CLIENT_AUTH:
+ case CKA_TRUST_EMAIL_PROTECTION:
+ case CKA_TRUST_CODE_SIGNING:
+ if (template->ulValueLen != SDB_ULONG_SIZE) {
+ break;
+ }
+ if (sftk_SDBULong2ULong(template->pValue) ==
+ CKT_NSS_TRUST_UNKNOWN) {
+ return PR_TRUE;
+ }
+ break;
+ case CKA_TRUST_STEP_UP_APPROVED:
+ if (template->ulValueLen != 1) {
+ break;
+ }
+ if (*((unsigned char *)(template->pValue)) == 0) {
+ return PR_TRUE;
+ }
+ break;
+ default:
+ break;
+ }
+ return PR_FALSE;
+}
+
/*
* fix up the input templates. Our fixed up ints are stored in data and must
* be freed by the caller. The new template must also be freed. If there are no
* CK_ULONG attributes, the orignal template is passed in as is.
*/
static CK_ATTRIBUTE *
sftkdb_fixupTemplateIn(const CK_ATTRIBUTE *template, int count,
unsigned char **dataOut, int *dataOutSize)
@@ -410,17 +442,18 @@ sftkdb_fixupTemplateOut(CK_ATTRIBUTE *te
}
/* copy the plain text back into the template */
PORT_Memcpy(template[i].pValue, plainText->data, plainText->len);
template[i].ulValueLen = plainText->len;
SECITEM_ZfreeItem(plainText, PR_TRUE);
}
/* make sure signed attributes are valid */
- if (checkSig && sftkdb_isAuthenticatedAttribute(ntemplate[i].type)) {
+ if (checkSig && sftkdb_isAuthenticatedAttribute(ntemplate[i].type)
+ && !sftkdb_isNullTrust(&ntemplate[i])) {
SECStatus rv;
CK_RV local_crv;
SECItem signText;
SECItem plainText;
unsigned char signData[SDB_MAX_META_DATA_LEN];
signText.data = signData;
signText.len = sizeof(signData);
@@ -2387,16 +2420,18 @@ sftkdb_mergeObject(SFTKDBHandle *handle,
crv = (*source->sdb_GetAttributeValue)(source, id,
ptemplate, max_attributes);
if (crv != CKR_OK) {
goto loser;
}
objectType = sftkdb_getULongFromTemplate(CKA_CLASS, ptemplate,
max_attributes);
+/*printf(" - merging object Type 0x%08lx id=0x%08lx updateID=%s\n", objectType, id,
+ handle->updateID?handle->updateID: "<NULL>");*/
/*
* Update Object updates the object template if necessary then returns
* whether or not we need to actually write the object out to our target
* database.
*/
if (!handle->updateID) {
crv = sftkdb_CreateObject(arena, handle, target, &newID,

522
SOURCES/nss-3.79-enable-POST-rerun.patch
View File

@ -1,522 +0,0 @@
diff --git a/cmd/bltest/blapitest.c b/cmd/bltest/blapitest.c
--- a/cmd/bltest/blapitest.c
+++ b/cmd/bltest/blapitest.c
@@ -3870,17 +3870,17 @@ main(int argc, char **argv)
rv = blapi_selftest(modesToTest, numModesToTest, inoff, outoff,
encrypt, decrypt);
PORT_Free(cipherInfo);
return rv == SECSuccess ? 0 : 1;
}
/* Do FIPS self-test */
if (bltest.commands[cmd_FIPS].activated) {
- CK_RV ckrv = sftk_FIPSEntryOK();
+ CK_RV ckrv = sftk_FIPSEntryOK(PR_FALSE);
fprintf(stdout, "CK_RV: %ld.\n", ckrv);
PORT_Free(cipherInfo);
if (ckrv == CKR_OK)
return SECSuccess;
return SECFailure;
}
/*
diff --git a/cmd/pk11mode/pk11mode.c b/cmd/pk11mode/pk11mode.c
--- a/cmd/pk11mode/pk11mode.c
+++ b/cmd/pk11mode/pk11mode.c
@@ -318,23 +318,25 @@ static PRBool verbose = PR_FALSE;
int
main(int argc, char **argv)
{
CK_C_GetFunctionList pC_GetFunctionList;
CK_FUNCTION_LIST_PTR pFunctionList;
CK_RV crv = CKR_OK;
CK_C_INITIALIZE_ARGS_NSS initArgs;
+ CK_C_INITIALIZE_ARGS_NSS initArgsRerun; /* rerun selftests */
CK_SLOT_ID *pSlotList = NULL;
CK_TOKEN_INFO tokenInfo;
CK_ULONG slotID = 0; /* slotID == 0 for FIPSMODE */
CK_UTF8CHAR *pwd = NULL;
CK_ULONG pwdLen = 0;
char *moduleSpec = NULL;
+ char *moduleSpecRerun = NULL;
char *configDir = NULL;
char *dbPrefix = NULL;
char *disableUnload = NULL;
PRBool doForkTests = PR_TRUE;
PLOptStatus os;
PLOptState *opt = PL_CreateOptState(argc, argv, "nvhf:Fd:p:");
while (PL_OPT_EOL != (os = PL_GetNextOpt(opt))) {
@@ -458,18 +460,23 @@ main(int argc, char **argv)
initArgs.CreateMutex = NULL;
initArgs.DestroyMutex = NULL;
initArgs.LockMutex = NULL;
initArgs.UnlockMutex = NULL;
initArgs.flags = CKF_OS_LOCKING_OK;
moduleSpec = PR_smprintf("configdir='%s' certPrefix='%s' "
"keyPrefix='%s' secmod='secmod.db' flags= ",
configDir, dbPrefix, dbPrefix);
+ moduleSpecRerun = PR_smprintf("configdir='%s' certPrefix='%s' "
+ "keyPrefix='%s' secmod='secmod.db' flags=forcePOST ",
+ configDir, dbPrefix, dbPrefix);
initArgs.LibraryParameters = (CK_CHAR_PTR *)moduleSpec;
initArgs.pReserved = NULL;
+ initArgsRerun = initArgs;
+ initArgsRerun.LibraryParameters = (CK_CHAR_PTR *)moduleSpecRerun;
/*DebugBreak();*/
/* FIPSMODE invokes FC_Initialize as pFunctionList->C_Initialize */
/* NSS cryptographic module library initialization for the FIPS */
/* Approved mode when FC_Initialize is envoked will perfom */
/* software integrity test, and power-up self-tests before */
/* FC_Initialize returns */
crv = pFunctionList->C_Initialize(&initArgs);
@@ -705,17 +712,17 @@ main(int argc, char **argv)
PKM_Error("PKM_HybridMode failed with 0x%08X, %-26s\n", crv,
PKM_CK_RVtoStr(crv));
goto cleanup;
}
if (doForkTests) {
/* testing one more C_Initialize / C_Finalize to exercise getpid()
* fork check code */
- crv = pFunctionList->C_Initialize(&initArgs);
+ crv = pFunctionList->C_Initialize(&initArgsRerun);
if (crv == CKR_OK) {
PKM_LogIt("C_Initialize succeeded\n");
} else {
PKM_Error("C_Initialize failed with 0x%08X, %-26s\n", crv,
PKM_CK_RVtoStr(crv));
goto cleanup;
}
crv = pFunctionList->C_Finalize(NULL);
@@ -741,16 +748,19 @@ cleanup:
free(configDir);
}
if (dbPrefix) {
free(dbPrefix);
}
if (moduleSpec) {
PR_smprintf_free(moduleSpec);
}
+ if (moduleSpecRerun) {
+ PR_smprintf_free(moduleSpecRerun);
+ }
#ifdef _WIN32
FreeLibrary(hModule);
#else
disableUnload = PR_GetEnvSecure("NSS_DISABLE_UNLOAD");
if (!disableUnload) {
PR_UnloadLibrary(lib);
}
diff --git a/lib/freebl/blapii.h b/lib/freebl/blapii.h
--- a/lib/freebl/blapii.h
+++ b/lib/freebl/blapii.h
@@ -24,17 +24,17 @@ typedef SECStatus (*freeblAeadFunc)(void
void *params, unsigned int paramsLen,
const unsigned char *aad, unsigned int aadLen,
unsigned int blocksize);
typedef void (*freeblDestroyFunc)(void *cx, PRBool freeit);
SEC_BEGIN_PROTOS
#ifndef NSS_FIPS_DISABLED
-SECStatus BL_FIPSEntryOK(PRBool freeblOnly);
+SECStatus BL_FIPSEntryOK(PRBool freeblOnly, PRBool rerun);
PRBool BL_POSTRan(PRBool freeblOnly);
#endif
#if defined(XP_UNIX) && !defined(NO_FORK_CHECK)
extern PRBool bl_parentForkedAfterC_Initialize;
#define SKIP_AFTER_FORK(x) \
diff --git a/lib/freebl/blapit.h b/lib/freebl/blapit.h
--- a/lib/freebl/blapit.h
+++ b/lib/freebl/blapit.h
@@ -223,16 +223,21 @@ typedef int __BLAPI_DEPRECATED __attribu
*
* If we arbitrarily set p = 10^-18 (1 chance in trillion trillion operation)
* we get GCMIV_RANDOM_BIRTHDAY_BITS = -(-18)/.301 -1 = 59 (.301 = log10 2)
* GCMIV_RANDOM_BIRTHDAY_BITS should be at least 59, call it a round 64. NOTE:
* the variable IV size for TLS is 64 bits, which explains why it's not safe
* to use a random value for the nonce in TLS. */
#define GCMIV_RANDOM_BIRTHDAY_BITS 64
+/* flag to tell BLAPI_Verify* to rerun the post and integrity tests */
+#define BLAPI_FIPS_RERUN_FLAG '\377' /* 0xff, 255 invalide code for UFT8/ASCII */
+#define BLAPI_FIPS_RERUN_FLAG_STRING "\377" /* The above as a C string */
+
+
/***************************************************************************
** Opaque objects
*/
struct DESContextStr;
struct RC2ContextStr;
struct RC4ContextStr;
struct RC5ContextStr;
diff --git a/lib/freebl/fipsfreebl.c b/lib/freebl/fipsfreebl.c
--- a/lib/freebl/fipsfreebl.c
+++ b/lib/freebl/fipsfreebl.c
@@ -2211,29 +2211,37 @@ bl_startup_tests(void)
}
/*
* this is called from the freebl init entry points that controll access to
* all other freebl functions. This prevents freebl from operating if our
* power on selftest failed.
*/
SECStatus
-BL_FIPSEntryOK(PRBool freebl_only)
+BL_FIPSEntryOK(PRBool freebl_only, PRBool rerun)
{
#ifdef NSS_NO_INIT_SUPPORT
/* this should only be set on platforms that can't handle one of the INIT
* schemes. This code allows those platforms to continue to function,
* though they don't meet the strict NIST requirements. If NSS_NO_INIT_SUPPORT
* is not set, and init support has not been properly enabled, freebl
* will always fail because of the test below
*/
if (!self_tests_freebl_ran) {
bl_startup_tests();
}
#endif
+ if (rerun) {
+ /* reset the flags */
+ self_tests_freebl_ran = PR_FALSE;
+ self_tests_success = PR_FALSE;
+ self_tests_success = PR_FALSE;
+ self_tests_freebl_success = PR_FALSE;
+ bl_startup_tests();
+ }
/* if the general self tests succeeded, we're done */
if (self_tests_success) {
return SECSuccess;
}
/* standalone freebl can initialize */
if (freebl_only && self_tests_freebl_success) {
return SECSuccess;
}
diff --git a/lib/freebl/nsslowhash.c b/lib/freebl/nsslowhash.c
--- a/lib/freebl/nsslowhash.c
+++ b/lib/freebl/nsslowhash.c
@@ -55,17 +55,17 @@ NSSLOW_Init(void)
#ifdef FREEBL_NO_DEPEND
(void)FREEBL_InitStubs();
#endif
#ifndef NSS_FIPS_DISABLED
/* make sure the FIPS product is installed if we are trying to
* go into FIPS mode */
if (nsslow_GetFIPSEnabled()) {
- if (BL_FIPSEntryOK(PR_TRUE) != SECSuccess) {
+ if (BL_FIPSEntryOK(PR_TRUE, PR_FALSE) != SECSuccess) {
PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
post_failed = PR_TRUE;
return NULL;
}
}
#endif
post_failed = PR_FALSE;
diff --git a/lib/freebl/shvfy.c b/lib/freebl/shvfy.c
--- a/lib/freebl/shvfy.c
+++ b/lib/freebl/shvfy.c
@@ -282,52 +282,62 @@ readItem(PRFileDesc *fd, SECItem *item)
PORT_Free(item->data);
item->data = NULL;
item->len = 0;
return SECFailure;
}
return SECSuccess;
}
-static PRBool blapi_SHVerifyFile(const char *shName, PRBool self);
+static PRBool blapi_SHVerifyFile(const char *shName, PRBool self, PRBool rerun);
static PRBool
-blapi_SHVerify(const char *name, PRFuncPtr addr, PRBool self)
+blapi_SHVerify(const char *name, PRFuncPtr addr, PRBool self, PRBool rerun)
{
PRBool result = PR_FALSE; /* if anything goes wrong,
* the signature does not verify */
/* find our shared library name */
char *shName = PR_GetLibraryFilePathname(name, addr);
if (!shName) {
goto loser;
}
- result = blapi_SHVerifyFile(shName, self);
+ result = blapi_SHVerifyFile(shName, self, rerun);
loser:
if (shName != NULL) {
PR_Free(shName);
}
return result;
}
PRBool
BLAPI_SHVerify(const char *name, PRFuncPtr addr)
{
- return blapi_SHVerify(name, addr, PR_FALSE);
+ PRBool rerun = PR_FALSE;
+ if (name && *name == BLAPI_FIPS_RERUN_FLAG) {
+ name++;
+ rerun = PR_TRUE;
+ }
+ return blapi_SHVerify(name, addr, PR_FALSE, rerun);
}
PRBool
BLAPI_SHVerifyFile(const char *shName)
{
- return blapi_SHVerifyFile(shName, PR_FALSE);
+ PRBool rerun = PR_FALSE;
+ if (shName && *shName == BLAPI_FIPS_RERUN_FLAG) {
+ shName++;
+ rerun = PR_TRUE;
+ }
+ return blapi_SHVerifyFile(shName, PR_FALSE, rerun);
}
static PRBool
-blapi_SHVerifyFile(const char *shName, PRBool self)
+blapi_SHVerifyFile(const char *shName, PRBool self, PRBool rerun)
{
char *checkName = NULL;
PRFileDesc *checkFD = NULL;
PRFileDesc *shFD = NULL;
void *hashcx = NULL;
const SECHashObject *hashObj = NULL;
SECItem signature = { 0, NULL, 0 };
SECItem hash;
@@ -346,17 +356,17 @@ blapi_SHVerifyFile(const char *shName, P
unsigned char hashBuf[HASH_LENGTH_MAX];
PORT_Memset(&key, 0, sizeof(key));
hash.data = hashBuf;
hash.len = sizeof(hashBuf);
/* If our integrity check was never ran or failed, fail any other
* integrity checks to prevent any token going into FIPS mode. */
- if (!self && (BL_FIPSEntryOK(PR_FALSE) != SECSuccess)) {
+ if (!self && (BL_FIPSEntryOK(PR_FALSE, rerun) != SECSuccess)) {
return PR_FALSE;
}
if (!shName) {
goto loser;
}
/* figure out the name of our check file */
@@ -536,17 +546,17 @@ BLAPI_VerifySelf(const char *name)
{
if (name == NULL) {
/*
* If name is NULL, freebl is statically linked into softoken.
* softoken will call BLAPI_SHVerify next to verify itself.
*/
return PR_TRUE;
}
- return blapi_SHVerify(name, (PRFuncPtr)decodeInt, PR_TRUE);
+ return blapi_SHVerify(name, (PRFuncPtr)decodeInt, PR_TRUE, PR_FALSE);
}
#else /* NSS_FIPS_DISABLED */
PRBool
BLAPI_SHVerifyFile(const char *shName)
{
return PR_FALSE;
diff --git a/lib/softoken/fipstest.c b/lib/softoken/fipstest.c
--- a/lib/softoken/fipstest.c
+++ b/lib/softoken/fipstest.c
@@ -684,22 +684,25 @@ sftk_fips_HKDF_PowerUpSelfTest(void)
static PRBool sftk_self_tests_ran = PR_FALSE;
static PRBool sftk_self_tests_success = PR_FALSE;
/*
* This function is called at dll load time, the code tha makes this
* happen is platform specific on defined above.
*/
-static void
-sftk_startup_tests(void)
+void sftk_startup_tests_with_rerun(PRBool rerun)
{
SECStatus rv;
- const char *libraryName = SOFTOKEN_LIB_NAME;
-
+ /*const char *nlibraryName = SOFTOKEN_LIB_NAME;
+ const char *rlibraryName = BLAPI_FIPS_RERUN_FLAG_STRING SOFTOKEN_LIB_NAME; */
+ const char *libraryName = rerun ?
+ BLAPI_FIPS_RERUN_FLAG_STRING SOFTOKEN_LIB_NAME :
+ SOFTOKEN_LIB_NAME;
+
PORT_Assert(!sftk_self_tests_ran);
PORT_Assert(!sftk_self_tests_success);
sftk_self_tests_ran = PR_TRUE;
sftk_self_tests_success = PR_FALSE; /* just in case */
/* need to initiallize the oid library before the RSA tests */
rv = SECOID_Init();
if (rv != SECSuccess) {
@@ -746,35 +749,46 @@ sftk_startup_tests(void)
rv = sftk_fips_pbkdf_PowerUpSelfTests();
if (rv != SECSuccess) {
return;
}
sftk_self_tests_success = PR_TRUE;
}
+static void
+sftk_startup_tests(void)
+{
+ sftk_startup_tests_with_rerun(PR_FALSE);
+}
+
/*
* this is called from nsc_Common_Initizialize entry points that gates access
* to * all other pkcs11 functions. This prevents softoken operation if our
* power on selftest failed.
*/
CK_RV
-sftk_FIPSEntryOK()
+sftk_FIPSEntryOK(PRBool rerun)
{
#ifdef NSS_NO_INIT_SUPPORT
/* this should only be set on platforms that can't handle one of the INIT
* schemes. This code allows those platforms to continue to function,
* though they don't meet the strict NIST requirements. If NSS_NO_INIT_SUPPORT
* is not set, and init support has not been properly enabled, softken
* will always fail because of the test below
*/
if (!sftk_self_tests_ran) {
sftk_startup_tests();
}
#endif
+ if (rerun) {
+ sftk_self_tests_ran = PR_FALSE;
+ sftk_self_tests_success = PR_FALSE;
+ sftk_startup_tests_with_rerun(PR_TRUE);
+ }
if (!sftk_self_tests_success) {
return CKR_DEVICE_ERROR;
}
return CKR_OK;
}
#else
#include "pkcs11t.h"
CK_RV
diff --git a/lib/softoken/fipstokn.c b/lib/softoken/fipstokn.c
--- a/lib/softoken/fipstokn.c
+++ b/lib/softoken/fipstokn.c
@@ -524,25 +524,32 @@ fc_log_init_error(CK_RV crv)
}
/* FC_Initialize initializes the PKCS #11 library. */
CK_RV
FC_Initialize(CK_VOID_PTR pReserved)
{
const char *envp;
CK_RV crv;
+ PRBool rerun;
if ((envp = PR_GetEnv("NSS_ENABLE_AUDIT")) != NULL) {
sftk_audit_enabled = (atoi(envp) == 1);
}
+ /* if we have the forcePOST flag on, rerun the integrity checks */
+ /* we need to know this before we fully parse the arguments in
+ * nsc_CommonInitialize, so read it now */
+ rerun = sftk_RawArgHasFlag("flags", "forcePost", pReserved);
+
/* At this point we should have already done post and integrity checks.
* if we haven't, it probably means the FIPS product has not been installed
- * or the tests failed. Don't let an application try to enter FIPS mode */
- crv = sftk_FIPSEntryOK();
+ * or the tests failed. Don't let an application try to enter FIPS mode. This
+ * also forces the tests to be rerun if forcePOST is set. */
+ crv = sftk_FIPSEntryOK(rerun);
if (crv != CKR_OK) {
sftk_fatalError = PR_TRUE;
fc_log_init_error(crv);
return crv;
}
sftk_ForkReset(pReserved, &crv);
diff --git a/lib/softoken/pkcs11i.h b/lib/softoken/pkcs11i.h
--- a/lib/softoken/pkcs11i.h
+++ b/lib/softoken/pkcs11i.h
@@ -869,16 +869,17 @@ extern CK_RV sftk_MechAllowsOperation(CK
* acquiring a reference to the keydb from the slot */
NSSLOWKEYPrivateKey *sftk_FindKeyByPublicKey(SFTKSlot *slot, SECItem *dbKey);
/*
* parameter parsing functions
*/
CK_RV sftk_parseParameters(char *param, sftk_parameters *parsed, PRBool isFIPS);
void sftk_freeParams(sftk_parameters *params);
+PRBool sftk_RawArgHasFlag(const char *entry, const char *flag, const void *pReserved);
/*
* narrow objects
*/
SFTKSessionObject *sftk_narrowToSessionObject(SFTKObject *);
SFTKTokenObject *sftk_narrowToTokenObject(SFTKObject *);
/*
diff --git a/lib/softoken/sftkpars.c b/lib/softoken/sftkpars.c
--- a/lib/softoken/sftkpars.c
+++ b/lib/softoken/sftkpars.c
@@ -244,8 +244,21 @@ sftk_freeParams(sftk_parameters *params)
FREE_CLEAR(params->configdir);
FREE_CLEAR(params->secmodName);
FREE_CLEAR(params->man);
FREE_CLEAR(params->libdes);
FREE_CLEAR(params->tokens);
FREE_CLEAR(params->updatedir);
FREE_CLEAR(params->updateID);
}
+
+PRBool
+sftk_RawArgHasFlag(const char *entry, const char *flag, const void *pReserved)
+{
+ CK_C_INITIALIZE_ARGS *init_args = (CK_C_INITIALIZE_ARGS *)pReserved;
+
+ /* if we don't have any params, the flag isn't set */
+ if ((!init_args || !init_args->LibraryParameters)) {
+ return PR_FALSE;
+ }
+
+ return NSSUTIL_ArgHasFlag(entry, flag, (const char *)init_args->LibraryParameters);
+}
diff --git a/lib/softoken/softoken.h b/lib/softoken/softoken.h
--- a/lib/softoken/softoken.h
+++ b/lib/softoken/softoken.h
@@ -52,17 +52,17 @@ extern unsigned char *CBC_PadBuffer(PLAr
unsigned int inlen, unsigned int *outlen,
int blockSize);
/****************************************/
/*
** Power-Up selftests are required for FIPS.
*/
/* make sure Power-up selftests have been run. */
-extern CK_RV sftk_FIPSEntryOK(void);
+extern CK_RV sftk_FIPSEntryOK(PRBool rerun);
/*
** make known fixed PKCS #11 key types to their sizes in bytes
*/
unsigned long sftk_MapKeySize(CK_KEY_TYPE keyType);
/*
** FIPS 140-2 auditing

742
SOURCES/nss-3.79-fips.patch
View File

@ -1,742 +0,0 @@
diff --git a/lib/freebl/config.mk b/lib/freebl/config.mk
--- a/lib/freebl/config.mk
+++ b/lib/freebl/config.mk
@@ -85,9 +85,13 @@ EXTRA_SHARED_LIBS += \
$(NULL)
endif
endif
ifeq ($(OS_ARCH), Darwin)
EXTRA_SHARED_LIBS += -dylib_file @executable_path/libplc4.dylib:$(DIST)/lib/libplc4.dylib -dylib_file @executable_path/libplds4.dylib:$(DIST)/lib/libplds4.dylib
endif
+ifdef NSS_FIPS_140_3
+DEFINES += -DNSS_FIPS_140_3
endif
+
+endif
diff --git a/lib/freebl/unix_urandom.c b/lib/freebl/unix_urandom.c
--- a/lib/freebl/unix_urandom.c
+++ b/lib/freebl/unix_urandom.c
@@ -20,53 +20,110 @@ RNG_SystemInfoForRNG(void)
if (!numBytes) {
/* error is set */
return;
}
RNG_RandomUpdate(bytes, numBytes);
PORT_Memset(bytes, 0, sizeof bytes);
}
+#ifdef NSS_FIPS_140_3
+#include <sys/random.h>
+#include "prinit.h"
+
+static int rng_grndFlags= 0;
+static PRCallOnceType rng_KernelFips;
+
+static PRStatus
+rng_getKernelFips()
+{
+#ifdef LINUX
+ FILE *f;
+ char d;
+ size_t size;
+
+ f = fopen("/proc/sys/crypto/fips_enabled", "r");
+ if (!f)
+ return PR_FAILURE;
+
+ size = fread(&d, 1, 1, f);
+ fclose(f);
+ if (size != 1)
+ return PR_SUCCESS;
+ if (d != '1')
+ return PR_SUCCESS;
+ /* if the kernel is in FIPS mode, set the GRND_RANDOM flag */
+ rng_grndFlags = GRND_RANDOM;
+#endif /* LINUX */
+ return PR_SUCCESS;
+}
+#endif
+
size_t
RNG_SystemRNG(void *dest, size_t maxLen)
{
+ size_t fileBytes = 0;
+ unsigned char *buffer = dest;
+#ifndef NSS_FIPS_140_3
int fd;
int bytes;
- size_t fileBytes = 0;
- unsigned char *buffer = dest;
+#else
+ PR_CallOnce(&rng_KernelFips, rng_getKernelFips);
+#endif
#if defined(__OpenBSD__) || (defined(__FreeBSD__) && __FreeBSD_version >= 1200000) || (defined(LINUX) && defined(__GLIBC__) && ((__GLIBC__ > 2) || ((__GLIBC__ == 2) && (__GLIBC_MINOR__ >= 25))))
int result;
-
while (fileBytes < maxLen) {
size_t getBytes = maxLen - fileBytes;
if (getBytes > GETENTROPY_MAX_BYTES) {
getBytes = GETENTROPY_MAX_BYTES;
}
+#ifdef NSS_FIPS_140_3
+ /* FIP 140-3 requires full kernel reseeding for chained entropy sources
+ * so we need to use getrandom with GRND_RANDOM.
+ * getrandom returns -1 on failure, otherwise returns
+ * the number of bytes, which can be less than getBytes */
+ result = getrandom(buffer, getBytes, rng_grndFlags);
+ if (result < 0) {
+ break;
+ }
+ fileBytes += result;
+ buffer += result;
+#else
+ /* get entropy returns 0 on success and always return
+ * getBytes on success */
result = getentropy(buffer, getBytes);
if (result == 0) { /* success */
fileBytes += getBytes;
buffer += getBytes;
} else {
break;
}
+#endif
}
if (fileBytes == maxLen) { /* success */
return maxLen;
}
+#ifdef NSS_FIPS_140_3
+ /* in FIPS 104-3 we don't fallback, just fail */
+ PORT_SetError(SEC_ERROR_NEED_RANDOM);
+ return 0;
+#else
/* If we failed with an error other than ENOSYS, it means the destination
* buffer is not writeable. We don't need to try writing to it again. */
if (errno != ENOSYS) {
PORT_SetError(SEC_ERROR_NEED_RANDOM);
return 0;
}
+#endif /*!NSS_FIPS_140_3 */
+#endif /* platorm has getentropy */
+#ifndef NSS_FIPS_140_3
/* ENOSYS means the kernel doesn't support getentropy()/getrandom().
* Reset the number of bytes to get and fall back to /dev/urandom. */
fileBytes = 0;
-#endif
fd = open("/dev/urandom", O_RDONLY);
if (fd < 0) {
PORT_SetError(SEC_ERROR_NEED_RANDOM);
return 0;
}
while (fileBytes < maxLen) {
bytes = read(fd, buffer, maxLen - fileBytes);
if (bytes <= 0) {
@@ -76,9 +133,10 @@ RNG_SystemRNG(void *dest, size_t maxLen)
buffer += bytes;
}
(void)close(fd);
if (fileBytes != maxLen) {
PORT_SetError(SEC_ERROR_NEED_RANDOM);
return 0;
}
return fileBytes;
+#endif
}
diff --git a/lib/softoken/config.mk b/lib/softoken/config.mk
--- a/lib/softoken/config.mk
+++ b/lib/softoken/config.mk
@@ -58,8 +58,12 @@ endif
ifdef NSS_ENABLE_FIPS_INDICATORS
DEFINES += -DNSS_ENABLE_FIPS_INDICATORS
endif
ifdef NSS_FIPS_MODULE_ID
DEFINES += -DNSS_FIPS_MODULE_ID=\"${NSS_FIPS_MODULE_ID}\"
endif
+ifdef NSS_FIPS_140_3
+DEFINES += -DNSS_FIPS_140_3
+endif
+
diff --git a/lib/softoken/fips_algorithms.h b/lib/softoken/fips_algorithms.h
--- a/lib/softoken/fips_algorithms.h
+++ b/lib/softoken/fips_algorithms.h
@@ -49,33 +49,45 @@ SFTKFIPSAlgorithmList sftk_fips_mechs[]
#define CKF_KEK (CKF_WRAP | CKF_UNWRAP)
#define CKF_KEA CKF_DERIVE
#define CKF_KDF CKF_DERIVE
#define CKF_HSH CKF_DIGEST
#define CK_MAX 0xffffffffUL
/* mechanisms using the same key types share the same key type
* limits */
#define RSA_FB_KEY 2048, 4096 /* min, max */
-#define RSA_FB_STEP 1024
+#define RSA_FB_STEP 1
+#define RSA_LEGACY_FB_KEY 1024, 1792 /* min, max */
+#define RSA_LEGACY_FB_STEP 256
+
#define DSA_FB_KEY 2048, 4096 /* min, max */
#define DSA_FB_STEP 1024
#define DH_FB_KEY 2048, 4096 /* min, max */
#define DH_FB_STEP 1024
#define EC_FB_KEY 256, 521 /* min, max */
#define EC_FB_STEP 1 /* key limits handled by special operation */
#define AES_FB_KEY 128, 256
#define AES_FB_STEP 64
{ CKM_RSA_PKCS_KEY_PAIR_GEN, { RSA_FB_KEY, CKF_KPG }, RSA_FB_STEP, SFTKFIPSNone },
{ CKM_RSA_PKCS_PSS, { RSA_FB_KEY, CKF_SGN }, RSA_FB_STEP, SFTKFIPSNone },
- { CKM_RSA_PKCS_OAEP, { RSA_FB_KEY, CKF_ENC }, RSA_FB_STEP, SFTKFIPSNone },
+ { CKM_RSA_PKCS_PSS, { RSA_LEGACY_FB_KEY, CKF_VERIFY }, RSA_LEGACY_FB_STEP, SFTKFIPSNone },
+
/* -------------- RSA Multipart Signing Operations -------------------- */
{ CKM_SHA224_RSA_PKCS, { RSA_FB_KEY, CKF_SGN }, RSA_FB_STEP, SFTKFIPSNone },
{ CKM_SHA256_RSA_PKCS, { RSA_FB_KEY, CKF_SGN }, RSA_FB_STEP, SFTKFIPSNone },
{ CKM_SHA384_RSA_PKCS, { RSA_FB_KEY, CKF_SGN }, RSA_FB_STEP, SFTKFIPSNone },
{ CKM_SHA512_RSA_PKCS, { RSA_FB_KEY, CKF_SGN }, RSA_FB_STEP, SFTKFIPSNone },
+ { CKM_SHA224_RSA_PKCS, { RSA_LEGACY_FB_KEY, CKF_VERIFY }, RSA_LEGACY_FB_STEP, SFTKFIPSNone },
+ { CKM_SHA256_RSA_PKCS, { RSA_LEGACY_FB_KEY, CKF_VERIFY }, RSA_LEGACY_FB_STEP, SFTKFIPSNone },
+ { CKM_SHA384_RSA_PKCS, { RSA_LEGACY_FB_KEY, CKF_VERIFY }, RSA_LEGACY_FB_STEP, SFTKFIPSNone },
+ { CKM_SHA512_RSA_PKCS, { RSA_LEGACY_FB_KEY, CKF_VERIFY }, RSA_LEGACY_FB_STEP, SFTKFIPSNone },
+ { CKM_SHA224_RSA_PKCS_PSS, { RSA_LEGACY_FB_KEY, CKF_VERIFY }, RSA_LEGACY_FB_STEP, SFTKFIPSNone },
+ { CKM_SHA256_RSA_PKCS_PSS, { RSA_LEGACY_FB_KEY, CKF_VERIFY }, RSA_LEGACY_FB_STEP, SFTKFIPSNone },
+ { CKM_SHA384_RSA_PKCS_PSS, { RSA_LEGACY_FB_KEY, CKF_VERIFY }, RSA_LEGACY_FB_STEP, SFTKFIPSNone },
+ { CKM_SHA512_RSA_PKCS_PSS, { RSA_LEGACY_FB_KEY, CKF_VERIFY }, RSA_LEGACY_FB_STEP, SFTKFIPSNone },
{ CKM_SHA224_RSA_PKCS_PSS, { RSA_FB_KEY, CKF_SGN }, RSA_FB_STEP, SFTKFIPSNone },
{ CKM_SHA256_RSA_PKCS_PSS, { RSA_FB_KEY, CKF_SGN }, RSA_FB_STEP, SFTKFIPSNone },
{ CKM_SHA384_RSA_PKCS_PSS, { RSA_FB_KEY, CKF_SGN }, RSA_FB_STEP, SFTKFIPSNone },
{ CKM_SHA512_RSA_PKCS_PSS, { RSA_FB_KEY, CKF_SGN }, RSA_FB_STEP, SFTKFIPSNone },
/* ------------------------- DSA Operations --------------------------- */
{ CKM_DSA_KEY_PAIR_GEN, { DSA_FB_KEY, CKF_KPG }, DSA_FB_STEP, SFTKFIPSNone },
{ CKM_DSA, { DSA_FB_KEY, CKF_SGN }, DSA_FB_STEP, SFTKFIPSNone },
{ CKM_DSA_PARAMETER_GEN, { DSA_FB_KEY, CKF_KPG }, DSA_FB_STEP, SFTKFIPSNone },
@@ -95,76 +107,73 @@ SFTKFIPSAlgorithmList sftk_fips_mechs[]
{ CKM_ECDSA_SHA256, { EC_FB_KEY, CKF_SGN }, EC_FB_STEP, SFTKFIPSECC },
{ CKM_ECDSA_SHA384, { EC_FB_KEY, CKF_SGN }, EC_FB_STEP, SFTKFIPSECC },
{ CKM_ECDSA_SHA512, { EC_FB_KEY, CKF_SGN }, EC_FB_STEP, SFTKFIPSECC },
/* ------------------------- RC2 Operations --------------------------- */
/* ------------------------- AES Operations --------------------------- */
{ CKM_AES_KEY_GEN, { AES_FB_KEY, CKF_GEN }, AES_FB_STEP, SFTKFIPSNone },
{ CKM_AES_ECB, { AES_FB_KEY, CKF_ENC }, AES_FB_STEP, SFTKFIPSNone },
{ CKM_AES_CBC, { AES_FB_KEY, CKF_ENC }, AES_FB_STEP, SFTKFIPSNone },
- { CKM_AES_MAC, { AES_FB_KEY, CKF_SGN }, AES_FB_STEP, SFTKFIPSNone },
- { CKM_AES_MAC_GENERAL, { AES_FB_KEY, CKF_SGN }, AES_FB_STEP, SFTKFIPSNone },
{ CKM_AES_CMAC, { AES_FB_KEY, CKF_SGN }, AES_FB_STEP, SFTKFIPSNone },
{ CKM_AES_CMAC_GENERAL, { AES_FB_KEY, CKF_SGN }, AES_FB_STEP, SFTKFIPSNone },
{ CKM_AES_CBC_PAD, { AES_FB_KEY, CKF_ENC }, AES_FB_STEP, SFTKFIPSNone },
{ CKM_AES_CTS, { AES_FB_KEY, CKF_ENC }, AES_FB_STEP, SFTKFIPSNone },
{ CKM_AES_CTR, { AES_FB_KEY, CKF_ENC }, AES_FB_STEP, SFTKFIPSNone },
{ CKM_AES_GCM, { AES_FB_KEY, CKF_ENC }, AES_FB_STEP, SFTKFIPSAEAD },
{ CKM_AES_KEY_WRAP, { AES_FB_KEY, CKF_ENC }, AES_FB_STEP, SFTKFIPSNone },
{ CKM_AES_KEY_WRAP_PAD, { AES_FB_KEY, CKF_ENC }, AES_FB_STEP, SFTKFIPSNone },
{ CKM_AES_KEY_WRAP_KWP, { AES_FB_KEY, CKF_ENC }, AES_FB_STEP, SFTKFIPSNone },
- { CKM_AES_XCBC_MAC_96, { 96, 96, CKF_SGN }, 1, SFTKFIPSNone },
- { CKM_AES_XCBC_MAC, { 128, 128, CKF_SGN }, 1, SFTKFIPSNone },
/* ------------------------- Hashing Operations ----------------------- */
{ CKM_SHA224, { 0, 0, CKF_HSH }, 1, SFTKFIPSNone },
{ CKM_SHA224_HMAC, { 112, 224, CKF_SGN }, 1, SFTKFIPSNone },
{ CKM_SHA224_HMAC_GENERAL, { 112, 224, CKF_SGN }, 1, SFTKFIPSNone },
{ CKM_SHA256, { 0, 0, CKF_HSH }, 1, SFTKFIPSNone },
- { CKM_SHA256_HMAC, { 128, 256, CKF_SGN }, 1, SFTKFIPSNone },
- { CKM_SHA256_HMAC_GENERAL, { 128, 256, CKF_SGN }, 1, SFTKFIPSNone },
+ { CKM_SHA256_HMAC, { 112, 256, CKF_SGN }, 1, SFTKFIPSNone },
+ { CKM_SHA256_HMAC_GENERAL, { 112, 256, CKF_SGN }, 1, SFTKFIPSNone },
{ CKM_SHA384, { 0, 0, CKF_HSH }, 1, SFTKFIPSNone },
- { CKM_SHA384_HMAC, { 192, 384, CKF_SGN }, 1, SFTKFIPSNone },
- { CKM_SHA384_HMAC_GENERAL, { 192, 384, CKF_SGN }, 1, SFTKFIPSNone },
+ { CKM_SHA384_HMAC, { 112, 384, CKF_SGN }, 1, SFTKFIPSNone },
+ { CKM_SHA384_HMAC_GENERAL, { 112, 384, CKF_SGN }, 1, SFTKFIPSNone },
{ CKM_SHA512, { 0, 0, CKF_HSH }, 1, SFTKFIPSNone },
- { CKM_SHA512_HMAC, { 256, 512, CKF_SGN }, 1, SFTKFIPSNone },
- { CKM_SHA512_HMAC_GENERAL, { 256, 512, CKF_SGN }, 1, SFTKFIPSNone },
+ { CKM_SHA512_HMAC, { 112, 512, CKF_SGN }, 1, SFTKFIPSNone },
+ { CKM_SHA512_HMAC_GENERAL, { 112, 512, CKF_SGN }, 1, SFTKFIPSNone },
/* --------------------- Secret Key Operations ------------------------ */
- { CKM_GENERIC_SECRET_KEY_GEN, { 8, 256, CKF_GEN }, 1, SFTKFIPSNone },
+ { CKM_GENERIC_SECRET_KEY_GEN, { 112, 256, CKF_GEN }, 1, SFTKFIPSNone },
/* ---------------------- SSL/TLS operations ------------------------- */
{ CKM_SHA224_KEY_DERIVATION, { 112, 224, CKF_KDF }, 1, SFTKFIPSNone },
- { CKM_SHA256_KEY_DERIVATION, { 128, 256, CKF_KDF }, 1, SFTKFIPSNone },
- { CKM_SHA384_KEY_DERIVATION, { 192, 284, CKF_KDF }, 1, SFTKFIPSNone },
- { CKM_SHA512_KEY_DERIVATION, { 256, 512, CKF_KDF }, 1, SFTKFIPSNone },
+ { CKM_SHA256_KEY_DERIVATION, { 112, 256, CKF_KDF }, 1, SFTKFIPSNone },
+ { CKM_SHA384_KEY_DERIVATION, { 112, 284, CKF_KDF }, 1, SFTKFIPSNone },
+ { CKM_SHA512_KEY_DERIVATION, { 112, 512, CKF_KDF }, 1, SFTKFIPSNone },
+ { CKM_SSL3_PRE_MASTER_KEY_GEN, { 384, 384, CKF_GEN }, 1, SFTKFIPSNone },
{ CKM_TLS12_MASTER_KEY_DERIVE, { 384, 384, CKF_KDF }, 1, SFTKFIPSNone },
{ CKM_TLS12_MASTER_KEY_DERIVE_DH, { DH_FB_KEY, CKF_KDF }, 1, SFTKFIPSNone },
{ CKM_TLS12_KEY_AND_MAC_DERIVE, { 384, 384, CKF_KDF }, 1, SFTKFIPSNone },
- { CKM_TLS_PRF_GENERAL, { 8, 512, CKF_SGN }, 1, SFTKFIPSNone },
- { CKM_TLS_MAC, { 8, 512, CKF_SGN }, 1, SFTKFIPSNone },
+ { CKM_TLS_PRF_GENERAL, { 112, 512, CKF_SGN }, 1, SFTKFIPSNone },
+ { CKM_TLS_MAC, { 112, 512, CKF_SGN }, 1, SFTKFIPSNone },
/* sigh, is this algorithm really tested. ssl doesn't seem to have a
* way of turning the extension off */
{ CKM_NSS_TLS_EXTENDED_MASTER_KEY_DERIVE, { 192, 1024, CKF_KDF }, 1, SFTKFIPSNone },
{ CKM_NSS_TLS_EXTENDED_MASTER_KEY_DERIVE_DH, { 192, 1024, CKF_DERIVE }, 1, SFTKFIPSNone },
/* ------------------------- HKDF Operations -------------------------- */
- { CKM_HKDF_DERIVE, { 8, 255 * 64 * 8, CKF_KDF }, 1, SFTKFIPSNone },
- { CKM_HKDF_DATA, { 8, 255 * 64 * 8, CKF_KDF }, 1, SFTKFIPSNone },
+ { CKM_HKDF_DERIVE, { 112, 255 * 64 * 8, CKF_KDF }, 1, SFTKFIPSNone },
+ { CKM_HKDF_DATA, { 112, 255 * 64 * 8, CKF_KDF }, 1, SFTKFIPSNone },
{ CKM_HKDF_KEY_GEN, { 160, 224, CKF_GEN }, 1, SFTKFIPSNone },
{ CKM_HKDF_KEY_GEN, { 256, 512, CKF_GEN }, 128, SFTKFIPSNone },
/* ------------------ NIST 800-108 Key Derivations ------------------- */
- { CKM_SP800_108_COUNTER_KDF, { 0, CK_MAX, CKF_KDF }, 1, SFTKFIPSNone },
- { CKM_SP800_108_FEEDBACK_KDF, { 0, CK_MAX, CKF_KDF }, 1, SFTKFIPSNone },
- { CKM_SP800_108_DOUBLE_PIPELINE_KDF, { 0, CK_MAX, CKF_KDF }, 1, SFTKFIPSNone },
- { CKM_NSS_SP800_108_COUNTER_KDF_DERIVE_DATA, { 0, CK_MAX, CKF_KDF }, 1, SFTKFIPSNone },
- { CKM_NSS_SP800_108_FEEDBACK_KDF_DERIVE_DATA, { 0, CK_MAX, CKF_KDF }, 1, SFTKFIPSNone },
- { CKM_NSS_SP800_108_DOUBLE_PIPELINE_KDF_DERIVE_DATA, { 0, CK_MAX, CKF_KDF }, 1, SFTKFIPSNone },
+ { CKM_SP800_108_COUNTER_KDF, { 112, CK_MAX, CKF_KDF }, 1, SFTKFIPSNone },
+ { CKM_SP800_108_FEEDBACK_KDF, { 112, CK_MAX, CKF_KDF }, 1, SFTKFIPSNone },
+ { CKM_SP800_108_DOUBLE_PIPELINE_KDF, { 112, CK_MAX, CKF_KDF }, 1, SFTKFIPSNone },
+ { CKM_NSS_SP800_108_COUNTER_KDF_DERIVE_DATA, { 112, CK_MAX, CKF_KDF }, 1, SFTKFIPSNone },
+ { CKM_NSS_SP800_108_FEEDBACK_KDF_DERIVE_DATA, { 112, CK_MAX, CKF_KDF }, 1, SFTKFIPSNone },
+ { CKM_NSS_SP800_108_DOUBLE_PIPELINE_KDF_DERIVE_DATA, { 112, CK_MAX, CKF_KDF }, 1, SFTKFIPSNone },
/* --------------------IPSEC ----------------------- */
- { CKM_NSS_IKE_PRF_PLUS_DERIVE, { 8, 255 * 64, CKF_KDF }, 1, SFTKFIPSNone },
- { CKM_NSS_IKE_PRF_DERIVE, { 8, 64, CKF_KDF }, 1, SFTKFIPSNone },
- { CKM_NSS_IKE1_PRF_DERIVE, { 8, 64, CKF_KDF }, 1, SFTKFIPSNone },
- { CKM_NSS_IKE1_APP_B_PRF_DERIVE, { 8, 255 * 64, CKF_KDF }, 1, SFTKFIPSNone },
+ { CKM_NSS_IKE_PRF_PLUS_DERIVE, { 112, 255 * 64, CKF_KDF }, 1, SFTKFIPSNone },
+ { CKM_NSS_IKE_PRF_DERIVE, { 112, 64, CKF_KDF }, 1, SFTKFIPSNone },
+ { CKM_NSS_IKE1_PRF_DERIVE, { 112, 64, CKF_KDF }, 1, SFTKFIPSNone },
+ { CKM_NSS_IKE1_APP_B_PRF_DERIVE, { 112, 255 * 64, CKF_KDF }, 1, SFTKFIPSNone },
/* ------------------ PBE Key Derivations ------------------- */
- { CKM_PKCS5_PBKD2, { 1, 256, CKF_GEN }, 1, SFTKFIPSNone },
+ { CKM_PKCS5_PBKD2, { 112, 256, CKF_GEN }, 1, SFTKFIPSNone },
{ CKM_NSS_PKCS12_PBE_SHA224_HMAC_KEY_GEN, { 224, 224, CKF_GEN }, 1, SFTKFIPSNone },
{ CKM_NSS_PKCS12_PBE_SHA256_HMAC_KEY_GEN, { 256, 256, CKF_GEN }, 1, SFTKFIPSNone },
{ CKM_NSS_PKCS12_PBE_SHA384_HMAC_KEY_GEN, { 384, 384, CKF_GEN }, 1, SFTKFIPSNone },
{ CKM_NSS_PKCS12_PBE_SHA512_HMAC_KEY_GEN, { 512, 512, CKF_GEN }, 1, SFTKFIPSNone }
};
const int SFTK_NUMBER_FIPS_ALGORITHMS = PR_ARRAY_SIZE(sftk_fips_mechs);
diff --git a/lib/softoken/lowpbe.c b/lib/softoken/lowpbe.c
--- a/lib/softoken/lowpbe.c
+++ b/lib/softoken/lowpbe.c
@@ -1765,27 +1765,29 @@ SECStatus
sftk_fips_pbkdf_PowerUpSelfTests(void)
{
SECItem *result;
SECItem inKey;
NSSPKCS5PBEParameter pbe_params;
unsigned char iteration_count = 5;
unsigned char keyLen = 64;
char *inKeyData = TEST_KEY;
- static const unsigned char saltData[] =
- { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07 };
+ static const unsigned char saltData[] = {
+ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f
+ };
static const unsigned char pbkdf_known_answer[] = {
- 0x31, 0xf0, 0xe5, 0x39, 0x9f, 0x39, 0xb9, 0x29,
- 0x68, 0xac, 0xf2, 0xe9, 0x53, 0x9b, 0xb4, 0x9c,
- 0x28, 0x59, 0x8b, 0x5c, 0xd8, 0xd4, 0x02, 0x37,
- 0x18, 0x22, 0xc1, 0x92, 0xd0, 0xfa, 0x72, 0x90,
- 0x2c, 0x8d, 0x19, 0xd4, 0x56, 0xfb, 0x16, 0xfa,
- 0x8d, 0x5c, 0x06, 0x33, 0xd1, 0x5f, 0x17, 0xb1,
- 0x22, 0xd9, 0x9c, 0xaf, 0x5e, 0x3f, 0xf3, 0x66,
- 0xc6, 0x14, 0xfe, 0x83, 0xfa, 0x1a, 0x2a, 0xc5
+ 0x73, 0x8c, 0xfa, 0x02, 0xe8, 0xdb, 0x43, 0xe4,
+ 0x99, 0xc5, 0xfd, 0xd9, 0x4d, 0x8e, 0x3e, 0x7b,
+ 0xc4, 0xda, 0x22, 0x1b, 0xe1, 0xae, 0x23, 0x7a,
+ 0x21, 0x27, 0xbd, 0xcc, 0x78, 0xc4, 0xe6, 0xc5,
+ 0x33, 0x38, 0x35, 0xe0, 0x68, 0x1a, 0x1e, 0x06,
+ 0xad, 0xaf, 0x7f, 0xd7, 0x3f, 0x0e, 0xc0, 0x90,
+ 0x17, 0x97, 0x73, 0x75, 0x7b, 0x88, 0x49, 0xd8,
+ 0x6f, 0x78, 0x5a, 0xde, 0x50, 0x20, 0x55, 0x33
};
sftk_PBELockInit();
inKey.data = (unsigned char *)inKeyData;
inKey.len = sizeof(TEST_KEY) - 1;
pbe_params.salt.data = (unsigned char *)saltData;
diff --git a/lib/softoken/pkcs11c.c b/lib/softoken/pkcs11c.c
--- a/lib/softoken/pkcs11c.c
+++ b/lib/softoken/pkcs11c.c
@@ -4609,16 +4609,17 @@ NSC_GenerateKey(CK_SESSION_HANDLE hSessi
goto loser;
}
/* make sure we don't have any class, key_type, or value fields */
sftk_DeleteAttributeType(key, CKA_CLASS);
sftk_DeleteAttributeType(key, CKA_KEY_TYPE);
sftk_DeleteAttributeType(key, CKA_VALUE);
+
/* Now Set up the parameters to generate the key (based on mechanism) */
key_gen_type = nsc_bulk; /* bulk key by default */
switch (pMechanism->mechanism) {
case CKM_CDMF_KEY_GEN:
case CKM_DES_KEY_GEN:
case CKM_DES2_KEY_GEN:
case CKM_DES3_KEY_GEN:
checkWeak = PR_TRUE;
@@ -4812,16 +4813,19 @@ NSC_GenerateKey(CK_SESSION_HANDLE hSessi
crv = sftk_handleObject(key, session);
sftk_FreeSession(session);
if (crv == CKR_OK && sftk_isTrue(key, CKA_SENSITIVE)) {
crv = sftk_forceAttribute(key, CKA_ALWAYS_SENSITIVE, &cktrue, sizeof(CK_BBOOL));
}
if (crv == CKR_OK && !sftk_isTrue(key, CKA_EXTRACTABLE)) {
crv = sftk_forceAttribute(key, CKA_NEVER_EXTRACTABLE, &cktrue, sizeof(CK_BBOOL));
}
+ /* we need to do this check at the end, so we can check the generated key length against
+ * fips requirements */
+ key->isFIPS = sftk_operationIsFIPS(slot, pMechanism, CKA_NSS_GENERATE, key);
if (crv == CKR_OK) {
*phKey = key->handle;
}
loser:
PORT_Memset(buf, 0, sizeof buf);
sftk_FreeObject(key);
return crv;
}
@@ -5780,16 +5784,19 @@ NSC_GenerateKeyPair(CK_SESSION_HANDLE hS
if (crv != CKR_OK) {
NSC_DestroyObject(hSession, publicKey->handle);
sftk_FreeObject(publicKey);
NSC_DestroyObject(hSession, privateKey->handle);
sftk_FreeObject(privateKey);
return crv;
}
+ /* we need to do this check at the end to make sure the generated key meets the key length requirements */
+ privateKey->isFIPS = sftk_operationIsFIPS(slot, pMechanism, CKA_NSS_GENERATE_KEY_PAIR, privateKey);
+ publicKey->isFIPS = privateKey->isFIPS;
*phPrivateKey = privateKey->handle;
*phPublicKey = publicKey->handle;
sftk_FreeObject(publicKey);
sftk_FreeObject(privateKey);
return CKR_OK;
}
@@ -6990,16 +6997,17 @@ sftk_HKDF(CK_HKDF_PARAMS_PTR params, CK_
}
/* HKDF-Extract(salt, base key value) */
if (params->bExtract) {
CK_BYTE *salt;
CK_ULONG saltLen;
HMACContext *hmac;
unsigned int bufLen;
+ SFTKSource saltKeySource = SFTK_SOURCE_DEFAULT;
switch (params->ulSaltType) {
case CKF_HKDF_SALT_NULL:
saltLen = hashLen;
salt = hashbuf;
memset(salt, 0, saltLen);
break;
case CKF_HKDF_SALT_DATA:
@@ -7026,29 +7034,54 @@ sftk_HKDF(CK_HKDF_PARAMS_PTR params, CK_
if (isFIPS && (key->isFIPS == 0) && (saltKey->isFIPS == 1)) {
CK_MECHANISM mech;
mech.mechanism = CKM_HKDF_DERIVE;
mech.pParameter = params;
mech.ulParameterLen = sizeof(*params);
key->isFIPS = sftk_operationIsFIPS(saltKey->slot, &mech,
CKA_DERIVE, saltKey);
}
+ saltKeySource = saltKey->source;
saltKey_att = sftk_FindAttribute(saltKey, CKA_VALUE);
if (saltKey_att == NULL) {
sftk_FreeObject(saltKey);
return CKR_KEY_HANDLE_INVALID;
}
/* save the resulting salt */
salt = saltKey_att->attrib.pValue;
saltLen = saltKey_att->attrib.ulValueLen;
break;
default:
return CKR_MECHANISM_PARAM_INVALID;
break;
}
+ /* only TLS style usage is FIPS approved,
+ * turn off the FIPS indicator for other usages */
+ if (isFIPS && key && sourceKey) {
+ PRBool fipsOK = PR_FALSE;
+ /* case one: mix the kea with a previous or default
+ * salt */
+ if ((sourceKey->source == SFTK_SOURCE_KEA) &&
+ (saltKeySource == SFTK_SOURCE_HKDF_EXPAND) &&
+ (saltLen == rawHash->length)) {
+ fipsOK = PR_TRUE;
+ }
+ /* case two: restart, remix the previous secret as a salt */
+ if ((sourceKey->objclass == CKO_DATA) &&
+ (NSS_SecureMemcmpZero(sourceKeyBytes, sourceKeyLen) == 0) &&
+ (sourceKeyLen == rawHash->length) &&
+ (saltKeySource == SFTK_SOURCE_HKDF_EXPAND) &&
+ (saltLen == rawHash->length)) {
+ fipsOK = PR_TRUE;
+ }
+ if (!fipsOK) {
+ key->isFIPS = PR_FALSE;
+ }
+ }
+ if (key) key->source = SFTK_SOURCE_HKDF_EXTRACT;
hmac = HMAC_Create(rawHash, salt, saltLen, isFIPS);
if (saltKey_att) {
sftk_FreeAttribute(saltKey_att);
}
if (saltKey) {
sftk_FreeObject(saltKey);
}
@@ -7076,16 +7109,40 @@ sftk_HKDF(CK_HKDF_PARAMS_PTR params, CK_
/* T(1) = HMAC-Hash(prk, "" | info | 0x01)
* T(n) = HMAC-Hash(prk, T(n-1) | info | n
* key material = T(1) | ... | T(n)
*/
HMACContext *hmac;
CK_BYTE bi;
unsigned iterations;
+ /* only TLS style usage is FIPS approved,
+ * turn off the FIPS indicator for other usages */
+ if (isFIPS && key && key->isFIPS && sourceKey) {
+ unsigned char *info=&params->pInfo[3];
+ /* only one case,
+ * 1) Expand only
+ * 2) with a key whose source was
+ * SFTK_SOURCE_HKDF_EXPAND or SFTK_SOURCE_HKDF_EXTRACT
+ * 3) source key length == rawHash->length
+ * 4) Info has tls or dtls
+ * If any of those conditions aren't met, then we turn
+ * off the fips indicator */
+ if (params->bExtract ||
+ ((sourceKey->source != SFTK_SOURCE_HKDF_EXTRACT) &&
+ (sourceKey->source != SFTK_SOURCE_HKDF_EXPAND)) ||
+ (sourceKeyLen != rawHash->length) ||
+ (params->ulInfoLen < 7) ||
+ ((PORT_Memcmp(info,"tls",3) != 0) &&
+ (PORT_Memcmp(info,"dtls",4) != 0))) {
+ key->isFIPS = PR_FALSE;
+ }
+ }
+ if (key) key->source = SFTK_SOURCE_HKDF_EXPAND;
+
genLen = PR_ROUNDUP(keySize, hashLen);
iterations = genLen / hashLen;
if (genLen > sizeof(keyBlock)) {
keyBlockAlloc = PORT_Alloc(genLen);
if (keyBlockAlloc == NULL) {
return CKR_HOST_MEMORY;
}
@@ -8434,16 +8491,17 @@ NSC_DeriveKey(CK_SESSION_HANDLE hSession
/* calculate private value - oct */
rv = DH_Derive(&dhPublic, &dhPrime, &dhValue, &derived, keySize);
SECITEM_ZfreeItem(&dhPrime, PR_FALSE);
SECITEM_ZfreeItem(&dhValue, PR_FALSE);
if (rv == SECSuccess) {
+ key->source = SFTK_SOURCE_KEA;
sftk_forceAttribute(key, CKA_VALUE, derived.data, derived.len);
SECITEM_ZfreeItem(&derived, PR_FALSE);
crv = CKR_OK;
} else
crv = CKR_HOST_MEMORY;
break;
}
@@ -8564,16 +8622,17 @@ NSC_DeriveKey(CK_SESSION_HANDLE hSession
}
PORT_Memcpy(&keyData[keySize - secretlen], secret, secretlen);
secret = keyData;
} else {
secret += (secretlen - keySize);
}
secretlen = keySize;
}
+ key->source = SFTK_SOURCE_KEA;
sftk_forceAttribute(key, CKA_VALUE, secret, secretlen);
PORT_ZFree(tmp.data, tmp.len);
if (keyData) {
PORT_ZFree(keyData, keySize);
}
break;
diff --git a/lib/softoken/pkcs11i.h b/lib/softoken/pkcs11i.h
--- a/lib/softoken/pkcs11i.h
+++ b/lib/softoken/pkcs11i.h
@@ -147,16 +147,26 @@ typedef enum {
*/
typedef enum {
SFTK_DestroyFailure,
SFTK_Destroyed,
SFTK_Busy
} SFTKFreeStatus;
/*
+ * Source of various objects
+ */
+typedef enum {
+ SFTK_SOURCE_DEFAULT=0,
+ SFTK_SOURCE_KEA,
+ SFTK_SOURCE_HKDF_EXPAND,
+ SFTK_SOURCE_HKDF_EXTRACT
+} SFTKSource;
+
+/*
* attribute values of an object.
*/
struct SFTKAttributeStr {
SFTKAttribute *next;
SFTKAttribute *prev;
PRBool freeAttr;
PRBool freeData;
/*must be called handle to make sftkqueue_find work */
@@ -189,16 +199,17 @@ struct SFTKObjectStr {
CK_OBJECT_CLASS objclass;
CK_OBJECT_HANDLE handle;
int refCount;
PZLock *refLock;
SFTKSlot *slot;
void *objectInfo;
SFTKFree infoFree;
PRBool isFIPS;
+ SFTKSource source;
};
struct SFTKTokenObjectStr {
SFTKObject obj;
SECItem dbKey;
};
struct SFTKSessionObjectStr {
diff --git a/lib/softoken/pkcs11u.c b/lib/softoken/pkcs11u.c
--- a/lib/softoken/pkcs11u.c
+++ b/lib/softoken/pkcs11u.c
@@ -1090,16 +1090,17 @@ sftk_NewObject(SFTKSlot *slot)
sessObject->attrList[i].freeData = PR_FALSE;
}
sessObject->optimizeSpace = slot->optimizeSpace;
object->handle = 0;
object->next = object->prev = NULL;
object->slot = slot;
object->isFIPS = sftk_isFIPS(slot->slotID);
+ object->source = SFTK_SOURCE_DEFAULT;
object->refCount = 1;
sessObject->sessionList.next = NULL;
sessObject->sessionList.prev = NULL;
sessObject->sessionList.parent = object;
sessObject->session = NULL;
sessObject->wasDerived = PR_FALSE;
if (!hasLocks)
@@ -1674,16 +1675,17 @@ fail:
CK_RV
sftk_CopyObject(SFTKObject *destObject, SFTKObject *srcObject)
{
SFTKAttribute *attribute;
SFTKSessionObject *src_so = sftk_narrowToSessionObject(srcObject);
unsigned int i;
destObject->isFIPS = srcObject->isFIPS;
+ destObject->source = srcObject->source;
if (src_so == NULL) {
return sftk_CopyTokenObject(destObject, srcObject);
}
PZ_Lock(src_so->attributeLock);
for (i = 0; i < src_so->hashSize; i++) {
attribute = src_so->head[i];
do {
@@ -2059,16 +2061,17 @@ sftk_NewTokenObject(SFTKSlot *slot, SECI
/* every object must have a class, if we can't get it, the object
* doesn't exist */
crv = handleToClass(slot, handle, &object->objclass);
if (crv != CKR_OK) {
goto loser;
}
object->slot = slot;
object->isFIPS = sftk_isFIPS(slot->slotID);
+ object->source = SFTK_SOURCE_DEFAULT;
object->objectInfo = NULL;
object->infoFree = NULL;
if (!hasLocks) {
object->refLock = PZ_NewLock(nssILockRefLock);
}
if (object->refLock == NULL) {
goto loser;
}
@@ -2225,16 +2228,25 @@ sftk_AttributeToFlags(CK_ATTRIBUTE_TYPE
break;
case CKA_DERIVE:
flags = CKF_DERIVE;
break;
/* fake attribute to select digesting */
case CKA_DIGEST:
flags = CKF_DIGEST;
break;
+ /* fake attribute to select key gen */
+ case CKA_NSS_GENERATE:
+ flags = CKF_GENERATE;
+ break;
+ /* fake attribute to select key pair gen */
+ case CKA_NSS_GENERATE_KEY_PAIR:
+ flags = CKF_GENERATE_KEY_PAIR;
+ break;
+ /* fake attributes to to handle MESSAGE* flags */
case CKA_NSS_MESSAGE | CKA_ENCRYPT:
flags = CKF_MESSAGE_ENCRYPT;
break;
case CKA_NSS_MESSAGE | CKA_DECRYPT:
flags = CKF_MESSAGE_DECRYPT;
break;
case CKA_NSS_MESSAGE | CKA_SIGN:
flags = CKF_MESSAGE_SIGN;
@@ -2278,17 +2290,17 @@ sftk_quickGetECCCurveOid(SFTKObject *sou
}
/* This function currently only returns valid lengths for
* FIPS approved ECC curves. If we want to make this generic
* in the future, that Curve determination can be done in
* the sftk_handleSpecial. Since it's currently only used
* in FIPS indicators, it's currently only compiled with
* the FIPS indicator code */
-static int
+static CK_ULONG
sftk_getKeyLength(SFTKObject *source)
{
CK_KEY_TYPE keyType = CK_INVALID_HANDLE;
CK_ATTRIBUTE_TYPE keyAttribute;
CK_ULONG keyLength = 0;
SFTKAttribute *attribute;
CK_RV crv;
diff --git a/lib/util/pkcs11n.h b/lib/util/pkcs11n.h
--- a/lib/util/pkcs11n.h
+++ b/lib/util/pkcs11n.h
@@ -58,16 +58,18 @@
/*
* NSS-defined certificate types
*
*/
#define CKC_NSS (CKC_VENDOR_DEFINED | NSSCK_VENDOR_NSS)
/* FAKE PKCS #11 defines */
#define CKA_DIGEST 0x81000000L
+#define CKA_NSS_GENERATE 0x81000001L
+#define CKA_NSS_GENERATE_KEY_PAIR 0x81000002L
#define CKA_NSS_MESSAGE 0x82000000L
#define CKA_NSS_MESSAGE_MASK 0xff000000L
#define CKA_FLAGS_ONLY 0 /* CKA_CLASS */
/*
* NSS-defined object attributes
*
*/

23
SOURCES/nss-3.79-fix-client-cert-crash.patch
View File

@ -1,23 +0,0 @@
diff --git a/lib/ssl/authcert.c b/lib/ssl/authcert.c
--- a/lib/ssl/authcert.c
+++ b/lib/ssl/authcert.c
@@ -201,16 +201,19 @@ NSS_GetClientAuthData(void *arg,
/* otherwise look through the cache based on usage
* if chosenNickname is set, we ignore the expiration date */
if (certList == NULL) {
certList = CERT_FindUserCertsByUsage(CERT_GetDefaultCertDB(),
certUsageSSLClient,
PR_FALSE, chosenNickName == NULL,
pw_arg);
+ if (certList == NULL) {
+ return SECFailure;
+ }
/* filter only the certs that meet the nickname requirements */
if (chosenNickName) {
rv = CERT_FilterCertListByNickname(certList, chosenNickName,
pw_arg);
} else {
int nnames = 0;
char **names = ssl_DistNamesToStrings(caNames, &nnames);
rv = CERT_FilterCertListByCANames(certList, nnames, names,

22
SOURCES/nss-3.79-increase-pbe-cache.patch
View File

@ -1,22 +0,0 @@
diff --git a/lib/softoken/lowpbe.c b/lib/softoken/lowpbe.c
--- a/lib/softoken/lowpbe.c
+++ b/lib/softoken/lowpbe.c
@@ -565,17 +565,17 @@ struct KDFCacheItemStr {
int iterations;
int keyLen;
};
typedef struct KDFCacheItemStr KDFCacheItem;
/* Bug 1606992 - Cache the hash result for the common case that we're
* asked to repeatedly compute the key for the same password item,
* hash, iterations and salt. */
-#define KDF2_CACHE_COUNT 3
+#define KDF2_CACHE_COUNT 150
static struct {
PZLock *lock;
struct {
KDFCacheItem common;
int ivLen;
PRBool faulty3DES;
} cacheKDF1;
struct {

25
SOURCES/nss-3.79-pkcs12-fips-defaults.patch Normal file
View File

@ -0,0 +1,25 @@
diff -up ./cmd/pk12util/pk12util.c.pkcs12_fips_defaults ./cmd/pk12util/pk12util.c
--- ./cmd/pk12util/pk12util.c.pkcs12_fips_defaults 2022-07-20 13:40:24.152212683 -0700
+++ ./cmd/pk12util/pk12util.c 2022-07-20 13:42:40.031094190 -0700
@@ -1146,6 +1146,11 @@ main(int argc, char **argv)
goto done;
}
+ if (PK11_IsFIPS()) {
+ cipher = SEC_OID_AES_256_CBC;
+ certCipher = SEC_OID_AES_128_CBC;
+ }
+
if (pk12util.options[opt_Cipher].activated) {
char *cipherString = pk12util.options[opt_Cipher].arg;
@@ -1160,9 +1165,6 @@ main(int argc, char **argv)
}
}
- if (PK11_IsFIPS()) {
- certCipher = SEC_OID_UNKNOWN;
- }
if (pk12util.options[opt_CertCipher].activated) {
char *cipherString = pk12util.options[opt_CertCipher].arg;

21
SOURCES/nss-3.79-pkcs12-fix-null-password.patch
View File

@ -1,21 +0,0 @@
diff -up ./lib/pkcs12/p12local.c.fix_null_password ./lib/pkcs12/p12local.c
--- ./lib/pkcs12/p12local.c.fix_null_password 2022-07-20 14:15:45.081009438 -0700
+++ ./lib/pkcs12/p12local.c 2022-07-20 14:19:40.856546963 -0700
@@ -968,15 +968,14 @@ sec_pkcs12_convert_item_to_unicode(PLAre
if (zeroTerm) {
/* unicode adds two nulls at the end */
if (toUnicode) {
- if ((dest->len >= 2) &&
- (dest->data[dest->len - 1] || dest->data[dest->len - 2])) {
+ if ((dest->len < 2) || dest->data[dest->len - 1] || dest->data[dest->len - 2]) {
/* we've already allocated space for these new NULLs */
PORT_Assert(dest->len + 2 <= bufferSize);
dest->len += 2;
dest->data[dest->len - 1] = dest->data[dest->len - 2] = 0;
}
/* ascii/utf-8 adds just 1 */
- } else if ((dest->len >= 1) && dest->data[dest->len - 1]) {
+ } else if (!dest->len || dest->data[dest->len - 1]) {
PORT_Assert(dest->len + 1 <= bufferSize);
dest->len++;
dest->data[dest->len - 1] = 0;

335
SOURCES/nss-3.79-revert-distrusted-certs.patch Normal file
View File

@ -0,0 +1,335 @@
diff -up ./lib/ckfw/builtins/certdata.txt.revert-distrusted ./lib/ckfw/builtins/certdata.txt
--- ./lib/ckfw/builtins/certdata.txt.revert-distrusted 2022-05-26 02:54:33.000000000 -0700
+++ ./lib/ckfw/builtins/certdata.txt 2022-06-24 10:51:32.035207662 -0700
@@ -7668,6 +7668,187 @@ CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_
CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
#
+# Certificate "Explicitly Distrusted DigiNotar PKIoverheid G2"
+#
+# Issuer: CN=DigiNotar PKIoverheid CA Organisatie - G2,O=DigiNotar B.V.,C=NL
+# Serial Number: 268435455 (0xfffffff)
+# Subject: CN=DigiNotar PKIoverheid CA Organisatie - G2,O=DigiNotar B.V.,C=NL
+# Not Valid Before: Wed May 12 08:51:39 2010
+# Not Valid After : Mon Mar 23 09:50:05 2020
+# Fingerprint (MD5): 2E:61:A2:D1:78:CE:EE:BF:59:33:B0:23:14:0F:94:1C
+# Fingerprint (SHA1): D5:F2:57:A9:BF:2D:D0:3F:8B:46:57:F9:2B:C9:A4:C6:92:E1:42:42
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Explicitly Distrusted DigiNotar PKIoverheid G2"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\132\061\013\060\011\006\003\125\004\006\023\002\116\114\061
+\027\060\025\006\003\125\004\012\014\016\104\151\147\151\116\157
+\164\141\162\040\102\056\126\056\061\062\060\060\006\003\125\004
+\003\014\051\104\151\147\151\116\157\164\141\162\040\120\113\111
+\157\166\145\162\150\145\151\144\040\103\101\040\117\162\147\141
+\156\151\163\141\164\151\145\040\055\040\107\062
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\132\061\013\060\011\006\003\125\004\006\023\002\116\114\061
+\027\060\025\006\003\125\004\012\014\016\104\151\147\151\116\157
+\164\141\162\040\102\056\126\056\061\062\060\060\006\003\125\004
+\003\014\051\104\151\147\151\116\157\164\141\162\040\120\113\111
+\157\166\145\162\150\145\151\144\040\103\101\040\117\162\147\141
+\156\151\163\141\164\151\145\040\055\040\107\062
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\004\017\377\377\377
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\006\225\060\202\004\175\240\003\002\001\002\002\004\017
+\377\377\377\060\015\006\011\052\206\110\206\367\015\001\001\013
+\005\000\060\132\061\013\060\011\006\003\125\004\006\023\002\116
+\114\061\027\060\025\006\003\125\004\012\014\016\104\151\147\151
+\116\157\164\141\162\040\102\056\126\056\061\062\060\060\006\003
+\125\004\003\014\051\104\151\147\151\116\157\164\141\162\040\120
+\113\111\157\166\145\162\150\145\151\144\040\103\101\040\117\162
+\147\141\156\151\163\141\164\151\145\040\055\040\107\062\060\036
+\027\015\061\060\060\065\061\062\060\070\065\061\063\071\132\027
+\015\062\060\060\063\062\063\060\071\065\060\060\065\132\060\132
+\061\013\060\011\006\003\125\004\006\023\002\116\114\061\027\060
+\025\006\003\125\004\012\014\016\104\151\147\151\116\157\164\141
+\162\040\102\056\126\056\061\062\060\060\006\003\125\004\003\014
+\051\104\151\147\151\116\157\164\141\162\040\120\113\111\157\166
+\145\162\150\145\151\144\040\103\101\040\117\162\147\141\156\151
+\163\141\164\151\145\040\055\040\107\062\060\202\002\042\060\015
+\006\011\052\206\110\206\367\015\001\001\001\005\000\003\202\002
+\017\000\060\202\002\012\002\202\002\001\000\261\023\031\017\047
+\346\154\324\125\206\113\320\354\211\212\105\221\170\254\107\275
+\107\053\344\374\105\353\117\264\046\163\133\067\323\303\177\366
+\343\336\327\243\370\055\150\305\010\076\113\224\326\344\207\045
+\066\153\204\265\030\164\363\050\130\163\057\233\152\317\274\004
+\036\366\336\335\257\374\113\252\365\333\146\142\045\001\045\202
+\336\362\227\132\020\156\335\135\251\042\261\004\251\043\163\072
+\370\161\255\035\317\204\104\353\107\321\257\155\310\174\050\253
+\307\362\067\172\164\137\137\305\002\024\212\243\132\343\033\154
+\001\343\135\216\331\150\326\364\011\033\062\334\221\265\054\365
+\040\353\214\003\155\046\111\270\223\304\205\135\330\322\233\257
+\126\152\314\005\063\314\240\102\236\064\125\104\234\153\240\324
+\022\320\053\124\315\267\211\015\345\366\353\350\373\205\001\063
+\117\172\153\361\235\162\063\226\016\367\262\204\245\245\047\304
+\047\361\121\163\051\167\272\147\156\376\114\334\264\342\241\241
+\201\057\071\111\215\103\070\023\316\320\245\134\302\207\072\000
+\147\145\102\043\361\066\131\012\035\243\121\310\274\243\224\052
+\061\337\343\074\362\235\032\074\004\260\357\261\012\060\023\163
+\266\327\363\243\114\001\165\024\205\170\300\327\212\071\130\205
+\120\372\056\346\305\276\317\213\077\257\217\066\324\045\011\055
+\322\017\254\162\223\362\277\213\324\120\263\371\025\120\233\231
+\365\024\331\373\213\221\243\062\046\046\240\370\337\073\140\201
+\206\203\171\133\053\353\023\075\051\072\301\155\335\275\236\216
+\207\326\112\256\064\227\005\356\024\246\366\334\070\176\112\351
+\044\124\007\075\227\150\067\106\153\015\307\250\041\257\023\124
+\344\011\152\361\115\106\012\311\135\373\233\117\275\336\373\267
+\124\313\270\070\234\247\071\373\152\055\300\173\215\253\245\247
+\127\354\112\222\212\063\305\341\040\134\163\330\220\222\053\200
+\325\017\206\030\151\174\071\117\204\206\274\367\114\133\363\325
+\264\312\240\302\360\067\042\312\171\122\037\123\346\252\363\220
+\260\073\335\362\050\375\254\353\305\006\044\240\311\324\057\017
+\130\375\265\236\354\017\317\262\131\320\242\004\172\070\152\256
+\162\373\275\360\045\142\224\011\247\005\013\002\003\001\000\001
+\243\202\001\141\060\202\001\135\060\110\006\003\125\035\040\004
+\101\060\077\060\075\006\004\125\035\040\000\060\065\060\063\006
+\010\053\006\001\005\005\007\002\001\026\047\150\164\164\160\072
+\057\057\167\167\167\056\144\151\147\151\156\157\164\141\162\056
+\156\154\057\143\160\163\057\160\153\151\157\166\145\162\150\145
+\151\144\060\017\006\003\125\035\023\001\001\377\004\005\060\003
+\001\001\377\060\016\006\003\125\035\017\001\001\377\004\004\003
+\002\001\006\060\201\205\006\003\125\035\043\004\176\060\174\200
+\024\071\020\213\111\222\134\333\141\022\040\315\111\235\032\216
+\332\234\147\100\271\241\136\244\134\060\132\061\013\060\011\006
+\003\125\004\006\023\002\116\114\061\036\060\034\006\003\125\004
+\012\014\025\123\164\141\141\164\040\144\145\162\040\116\145\144
+\145\162\154\141\156\144\145\156\061\053\060\051\006\003\125\004
+\003\014\042\123\164\141\141\164\040\144\145\162\040\116\145\144
+\145\162\154\141\156\144\145\156\040\122\157\157\164\040\103\101
+\040\055\040\107\062\202\004\000\230\226\364\060\111\006\003\125
+\035\037\004\102\060\100\060\076\240\074\240\072\206\070\150\164
+\164\160\072\057\057\143\162\154\056\160\153\151\157\166\145\162
+\150\145\151\144\056\156\154\057\104\157\155\117\162\147\141\156
+\151\163\141\164\151\145\114\141\164\145\163\164\103\122\114\055
+\107\062\056\143\162\154\060\035\006\003\125\035\016\004\026\004
+\024\274\135\224\073\331\253\173\003\045\163\141\302\333\055\356
+\374\253\217\145\241\060\015\006\011\052\206\110\206\367\015\001
+\001\013\005\000\003\202\002\001\000\217\374\055\114\267\331\055
+\325\037\275\357\313\364\267\150\027\165\235\116\325\367\335\234
+\361\052\046\355\237\242\266\034\003\325\123\263\354\010\317\064
+\342\343\303\364\265\026\057\310\303\276\327\323\163\253\000\066
+\371\032\112\176\326\143\351\136\106\272\245\266\216\025\267\243
+\052\330\103\035\357\135\310\037\201\205\263\213\367\377\074\364
+\331\364\106\010\077\234\274\035\240\331\250\114\315\045\122\116
+\012\261\040\367\037\351\103\331\124\106\201\023\232\300\136\164
+\154\052\230\062\352\374\167\273\015\245\242\061\230\042\176\174
+\174\347\332\244\255\354\267\056\032\031\161\370\110\120\332\103
+\217\054\204\335\301\100\047\343\265\360\025\116\226\324\370\134
+\343\206\051\106\053\327\073\007\353\070\177\310\206\127\227\323
+\357\052\063\304\027\120\325\144\151\153\053\153\105\136\135\057
+\027\312\132\116\317\303\327\071\074\365\073\237\106\271\233\347
+\016\111\227\235\326\325\343\033\017\352\217\001\116\232\023\224
+\131\012\002\007\110\113\032\140\253\177\117\355\013\330\125\015
+\150\157\125\234\151\145\025\102\354\300\334\335\154\254\303\026
+\316\013\035\126\233\244\304\304\322\056\340\017\342\104\047\053
+\120\151\244\334\142\350\212\041\051\102\154\314\000\072\226\166
+\233\357\100\300\244\136\167\204\062\154\046\052\071\146\256\135
+\343\271\271\262\054\150\037\036\232\220\003\071\360\252\263\244
+\314\111\213\030\064\351\067\311\173\051\307\204\174\157\104\025
+\057\354\141\131\004\311\105\313\242\326\122\242\174\177\051\222
+\326\112\305\213\102\250\324\376\352\330\307\207\043\030\344\235
+\172\175\163\100\122\230\240\256\156\343\005\077\005\017\340\245
+\306\155\115\355\203\067\210\234\307\363\334\102\232\152\266\327
+\041\111\066\167\362\357\030\117\305\160\331\236\351\336\267\053
+\213\364\274\176\050\337\015\100\311\205\134\256\235\305\061\377
+\320\134\016\265\250\176\360\351\057\272\257\210\256\345\265\321
+\130\245\257\234\161\247\051\001\220\203\151\067\202\005\272\374
+\011\301\010\156\214\170\073\303\063\002\200\077\104\205\010\035
+\337\125\126\010\255\054\205\055\135\261\003\341\256\252\164\305
+\244\363\116\272\067\230\173\202\271
+END
+
+# Trust for Certificate "Explicitly Distrusted DigiNotar PKIoverheid G2"
+# Issuer: CN=DigiNotar PKIoverheid CA Organisatie - G2,O=DigiNotar B.V.,C=NL
+# Serial Number: 268435455 (0xfffffff)
+# Subject: CN=DigiNotar PKIoverheid CA Organisatie - G2,O=DigiNotar B.V.,C=NL
+# Not Valid Before: Wed May 12 08:51:39 2010
+# Not Valid After : Mon Mar 23 09:50:05 2020
+# Fingerprint (MD5): 2E:61:A2:D1:78:CE:EE:BF:59:33:B0:23:14:0F:94:1C
+# Fingerprint (SHA1): D5:F2:57:A9:BF:2D:D0:3F:8B:46:57:F9:2B:C9:A4:C6:92:E1:42:42
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Explicitly Distrusted DigiNotar PKIoverheid G2"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\325\362\127\251\277\055\320\077\213\106\127\371\053\311\244\306
+\222\341\102\102
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\056\141\242\321\170\316\356\277\131\063\260\043\024\017\224\034
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\132\061\013\060\011\006\003\125\004\006\023\002\116\114\061
+\027\060\025\006\003\125\004\012\014\016\104\151\147\151\116\157
+\164\141\162\040\102\056\126\056\061\062\060\060\006\003\125\004
+\003\014\051\104\151\147\151\116\157\164\141\162\040\120\113\111
+\157\166\145\162\150\145\151\144\040\103\101\040\117\162\147\141
+\156\151\163\141\164\151\145\040\055\040\107\062
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\004\017\377\377\377
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_NOT_TRUSTED
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_NOT_TRUSTED
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_NOT_TRUSTED
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
# Certificate "Security Communication RootCA2"
#
# Issuer: OU=Security Communication RootCA2,O="SECOM Trust Systems CO.,LTD.",C=JP
@@ -8161,6 +8342,68 @@ CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_
CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+# Explicitly Distrust "MITM subCA 1 issued by Trustwave", Bug 724929
+# Issuer: E=ca@trustwave.com,CN="Trustwave Organization Issuing CA, Level 2",O="Trustwave Holdings, Inc.",L=Chicago,ST=Illinois,C=US
+# Serial Number: 1800000005 (0x6b49d205)
+# Not Before: Apr 7 15:37:15 2011 GMT
+# Not After : Apr 4 15:37:15 2021 GMT
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "MITM subCA 1 issued by Trustwave"
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\253\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\021\060\017\006\003\125\004\010\023\010\111\154\154\151\156
+\157\151\163\061\020\060\016\006\003\125\004\007\023\007\103\150
+\151\143\141\147\157\061\041\060\037\006\003\125\004\012\023\030
+\124\162\165\163\164\167\141\166\145\040\110\157\154\144\151\156
+\147\163\054\040\111\156\143\056\061\063\060\061\006\003\125\004
+\003\023\052\124\162\165\163\164\167\141\166\145\040\117\162\147
+\141\156\151\172\141\164\151\157\156\040\111\163\163\165\151\156
+\147\040\103\101\054\040\114\145\166\145\154\040\062\061\037\060
+\035\006\011\052\206\110\206\367\015\001\011\001\026\020\143\141
+\100\164\162\165\163\164\167\141\166\145\056\143\157\155
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\004\153\111\322\005
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_NOT_TRUSTED
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_NOT_TRUSTED
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_NOT_TRUSTED
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+# Explicitly Distrust "MITM subCA 2 issued by Trustwave", Bug 724929
+# Issuer: E=ca@trustwave.com,CN="Trustwave Organization Issuing CA, Level 2",O="Trustwave Holdings, Inc.",L=Chicago,ST=Illinois,C=US
+# Serial Number: 1800000006 (0x6b49d206)
+# Not Before: Apr 18 21:09:30 2011 GMT
+# Not After : Apr 15 21:09:30 2021 GMT
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "MITM subCA 2 issued by Trustwave"
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\253\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\021\060\017\006\003\125\004\010\023\010\111\154\154\151\156
+\157\151\163\061\020\060\016\006\003\125\004\007\023\007\103\150
+\151\143\141\147\157\061\041\060\037\006\003\125\004\012\023\030
+\124\162\165\163\164\167\141\166\145\040\110\157\154\144\151\156
+\147\163\054\040\111\156\143\056\061\063\060\061\006\003\125\004
+\003\023\052\124\162\165\163\164\167\141\166\145\040\117\162\147
+\141\156\151\172\141\164\151\157\156\040\111\163\163\165\151\156
+\147\040\103\101\054\040\114\145\166\145\154\040\062\061\037\060
+\035\006\011\052\206\110\206\367\015\001\011\001\026\020\143\141
+\100\164\162\165\163\164\167\141\166\145\056\143\157\155
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\004\153\111\322\006
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_NOT_TRUSTED
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_NOT_TRUSTED
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_NOT_TRUSTED
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
#
# Certificate "Actalis Authentication Root CA"
#
@@ -8804,6 +9047,74 @@ CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_
CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+# Explicitly Distrust "TURKTRUST Mis-issued Intermediate CA 1", Bug 825022
+# Issuer: O=T..RKTRUST Bilgi ..leti..im ve Bili..im G..venli..i Hizmetleri A...,C=TR,CN=T..RKTRUST Elektronik Sunucu Sertifikas.. Hizmetleri
+# Serial Number: 2087 (0x827)
+# Subject: CN=*.EGO.GOV.TR,OU=EGO BILGI ISLEM,O=EGO,L=ANKARA,ST=ANKARA,C=TR
+# Not Valid Before: Mon Aug 08 07:07:51 2011
+# Not Valid After : Tue Jul 06 07:07:51 2021
+# Fingerprint (MD5): F8:F5:25:FF:0C:31:CF:85:E1:0C:86:17:C1:CE:1F:8E
+# Fingerprint (SHA1): C6:9F:28:C8:25:13:9E:65:A6:46:C4:34:AC:A5:A1:D2:00:29:5D:B1
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "TURKTRUST Mis-issued Intermediate CA 1"
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\254\061\075\060\073\006\003\125\004\003\014\064\124\303
+\234\122\113\124\122\125\123\124\040\105\154\145\153\164\162\157
+\156\151\153\040\123\165\156\165\143\165\040\123\145\162\164\151
+\146\151\153\141\163\304\261\040\110\151\172\155\145\164\154\145
+\162\151\061\013\060\011\006\003\125\004\006\023\002\124\122\061
+\136\060\134\006\003\125\004\012\014\125\124\303\234\122\113\124
+\122\125\123\124\040\102\151\154\147\151\040\304\260\154\145\164
+\151\305\237\151\155\040\166\145\040\102\151\154\151\305\237\151
+\155\040\107\303\274\166\145\156\154\151\304\237\151\040\110\151
+\172\155\145\164\154\145\162\151\040\101\056\305\236\056\040\050
+\143\051\040\113\141\163\304\261\155\040\040\062\060\060\065
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\002\010\047
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_NOT_TRUSTED
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_NOT_TRUSTED
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_NOT_TRUSTED
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+# Explicitly Distrust "TURKTRUST Mis-issued Intermediate CA 2", Bug 825022
+# Issuer: O=T..RKTRUST Bilgi ..leti..im ve Bili..im G..venli..i Hizmetleri A...,C=TR,CN=T..RKTRUST Elektronik Sunucu Sertifikas.. Hizmetleri
+# Serial Number: 2148 (0x864)
+# Subject: E=ileti@kktcmerkezbankasi.org,CN=e-islem.kktcmerkezbankasi.org,O=KKTC Merkez Bankasi,L=Lefkosa,ST=Lefkosa,C=TR
+# Not Valid Before: Mon Aug 08 07:07:51 2011
+# Not Valid After : Thu Aug 05 07:07:51 2021
+# Fingerprint (MD5): BF:C3:EC:AD:0F:42:4F:B4:B5:38:DB:35:BF:AD:84:A2
+# Fingerprint (SHA1): F9:2B:E5:26:6C:C0:5D:B2:DC:0D:C3:F2:DC:74:E0:2D:EF:D9:49:CB
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "TURKTRUST Mis-issued Intermediate CA 2"
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\254\061\075\060\073\006\003\125\004\003\014\064\124\303
+\234\122\113\124\122\125\123\124\040\105\154\145\153\164\162\157
+\156\151\153\040\123\165\156\165\143\165\040\123\145\162\164\151
+\146\151\153\141\163\304\261\040\110\151\172\155\145\164\154\145
+\162\151\061\013\060\011\006\003\125\004\006\023\002\124\122\061
+\136\060\134\006\003\125\004\012\014\125\124\303\234\122\113\124
+\122\125\123\124\040\102\151\154\147\151\040\304\260\154\145\164
+\151\305\237\151\155\040\166\145\040\102\151\154\151\305\237\151
+\155\040\107\303\274\166\145\156\154\151\304\237\151\040\110\151
+\172\155\145\164\154\145\162\151\040\101\056\305\236\056\040\050
+\143\051\040\113\141\163\304\261\155\040\040\062\060\060\065
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\002\010\144
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_NOT_TRUSTED
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_NOT_TRUSTED
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_NOT_TRUSTED
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
#
# Certificate "D-TRUST Root Class 3 CA 2 2009"
#

672
SOURCES/nss-3.79-rhel-9-fips-signature-policy.patch
View File

@ -1,672 +0,0 @@
diff -up ./cmd/crmftest/testcrmf.c.signature-policy ./cmd/crmftest/testcrmf.c
--- ./cmd/crmftest/testcrmf.c.signature-policy 2022-05-26 02:54:33.000000000 -0700
+++ ./cmd/crmftest/testcrmf.c 2022-06-21 09:16:23.916905015 -0700
@@ -85,7 +85,7 @@
#include "sechash.h"
#endif
-#define MAX_KEY_LEN 512
+#define MAX_KEY_LEN 1024
#define PATH_LEN 150
#define BUFF_SIZE 150
#define UID_BITS 800
diff -up ./gtests/pk11_gtest/pk11_rsapkcs1_unittest.cc.signature-policy ./gtests/pk11_gtest/pk11_rsapkcs1_unittest.cc
--- ./gtests/pk11_gtest/pk11_rsapkcs1_unittest.cc.signature-policy 2022-05-26 02:54:33.000000000 -0700
+++ ./gtests/pk11_gtest/pk11_rsapkcs1_unittest.cc 2022-06-21 09:16:23.916905015 -0700
@@ -16,6 +16,7 @@
#include "secerr.h"
#include "sechash.h"
#include "pk11_signature_test.h"
+#include "blapit.h"
#include "testvectors/rsa_signature_2048_sha224-vectors.h"
#include "testvectors/rsa_signature_2048_sha256-vectors.h"
@@ -109,7 +110,11 @@ class Pkcs11RsaPkcs1WycheproofTest
* Use 6 as the invalid value since modLen % 16 must be zero.
*/
TEST(RsaPkcs1Test, Pkcs1MinimumPadding) {
- const size_t kRsaShortKeyBits = 736;
+#define RSA_SHORT_KEY_LENGTH 736
+/* if our minimum supported key length is big enough to handle
+ * our largest Hash function, we can't test a short length */
+#if RSA_MIN_MODULUS_BITS < RSA_SHORT_KEY_LENGTH
+ const size_t kRsaShortKeyBits = RSA_SHORT_KEY_LENGTH;
const size_t kRsaKeyBits = 752;
static const std::vector<uint8_t> kMsg{'T', 'E', 'S', 'T'};
static const std::vector<uint8_t> kSha512DigestInfo{
@@ -209,6 +214,9 @@ TEST(RsaPkcs1Test, Pkcs1MinimumPadding)
SEC_OID_PKCS1_RSA_ENCRYPTION, SEC_OID_SHA512,
nullptr);
EXPECT_EQ(SECSuccess, rv);
+#else
+ GTEST_SKIP();
+#endif
}
TEST(RsaPkcs1Test, RequireNullParameter) {
diff -up ./gtests/ssl_gtest/tls_subcerts_unittest.cc.signature-policy ./gtests/ssl_gtest/tls_subcerts_unittest.cc
--- ./gtests/ssl_gtest/tls_subcerts_unittest.cc.signature-policy 2022-06-21 09:16:23.901904919 -0700
+++ ./gtests/ssl_gtest/tls_subcerts_unittest.cc 2022-06-21 09:19:12.482981408 -0700
@@ -9,6 +9,8 @@
#include "prtime.h"
#include "secerr.h"
#include "ssl.h"
+#include "nss.h"
+#include "blapit.h"
#include "gtest_utils.h"
#include "tls_agent.h"
@@ -357,9 +359,14 @@ static void GenerateWeakRsaKey(ScopedSEC
ScopedPK11SlotInfo slot(PK11_GetInternalSlot());
ASSERT_TRUE(slot);
PK11RSAGenParams rsaparams;
- // The absolute minimum size of RSA key that we can use with SHA-256 is
- // 256bit (hash) + 256bit (salt) + 8 (start byte) + 8 (end byte) = 528.
+// The absolute minimum size of RSA key that we can use with SHA-256 is
+// 256bit (hash) + 256bit (salt) + 8 (start byte) + 8 (end byte) = 528.
+#define RSA_WEAK_KEY 528
+#if RSA_MIN_MODULUS_BITS < RSA_WEAK_KEY
rsaparams.keySizeInBits = 528;
+#else
+ rsaparams.keySizeInBits = RSA_MIN_MODULUS_BITS + 1;
+#endif
rsaparams.pe = 65537;
// Bug 1012786: PK11_GenerateKeyPair can fail if there is insufficient
@@ -399,6 +406,18 @@ TEST_P(TlsConnectTls13, DCWeakKey) {
ssl_sig_rsa_pss_pss_sha256};
client_->SetSignatureSchemes(kSchemes, PR_ARRAY_SIZE(kSchemes));
server_->SetSignatureSchemes(kSchemes, PR_ARRAY_SIZE(kSchemes));
+#if RSA_MIN_MODULUS_BITS > RSA_WEAK_KEY
+ // save the MIN POLICY length.
+ PRInt32 minRsa;
+
+ ASSERT_EQ(SECSuccess, NSS_OptionGet(NSS_RSA_MIN_KEY_SIZE, &minRsa));
+#if RSA_MIN_MODULUS_BITS >= 2048
+ ASSERT_EQ(SECSuccess,
+ NSS_OptionSet(NSS_RSA_MIN_KEY_SIZE, RSA_MIN_MODULUS_BITS + 1024));
+#else
+ ASSERT_EQ(SECSuccess, NSS_OptionSet(NSS_RSA_MIN_KEY_SIZE, 2048));
+#endif
+#endif
ScopedSECKEYPrivateKey dc_priv;
ScopedSECKEYPublicKey dc_pub;
@@ -421,6 +440,9 @@ TEST_P(TlsConnectTls13, DCWeakKey) {
auto cfilter = MakeTlsFilter<TlsExtensionCapture>(
client_, ssl_delegated_credentials_xtn);
ConnectExpectAlert(client_, kTlsAlertInsufficientSecurity);
+#if RSA_MIN_MODULUS_BITS > RSA_WEAK_KEY
+ ASSERT_EQ(SECSuccess, NSS_OptionSet(NSS_RSA_MIN_KEY_SIZE, minRsa));
+#endif
}
class ReplaceDCSigScheme : public TlsHandshakeFilter {
diff -up ./lib/cryptohi/keyhi.h.signature-policy ./lib/cryptohi/keyhi.h
--- ./lib/cryptohi/keyhi.h.signature-policy 2022-05-26 02:54:33.000000000 -0700
+++ ./lib/cryptohi/keyhi.h 2022-06-21 09:16:23.917905021 -0700
@@ -53,6 +53,11 @@ extern unsigned SECKEY_PublicKeyStrength
extern unsigned SECKEY_PublicKeyStrengthInBits(const SECKEYPublicKey *pubk);
/*
+** Return the strength of the private key in bits
+*/
+extern unsigned SECKEY_PrivateKeyStrengthInBits(const SECKEYPrivateKey *privk);
+
+/*
** Return the length of the signature in bytes
*/
extern unsigned SECKEY_SignatureLen(const SECKEYPublicKey *pubk);
diff -up ./lib/cryptohi/keyi.h.signature-policy ./lib/cryptohi/keyi.h
--- ./lib/cryptohi/keyi.h.signature-policy 2022-05-26 02:54:33.000000000 -0700
+++ ./lib/cryptohi/keyi.h 2022-06-21 09:16:23.917905021 -0700
@@ -4,6 +4,7 @@
#ifndef _KEYI_H_
#define _KEYI_H_
+#include "secerr.h"
SEC_BEGIN_PROTOS
/* NSS private functions */
@@ -36,6 +37,9 @@ SECStatus sec_DecodeRSAPSSParamsToMechan
const SECItem *params,
CK_RSA_PKCS_PSS_PARAMS *mech);
+/* make sure the key length matches the policy for keyType */
+SECStatus seckey_EnforceKeySize(KeyType keyType, unsigned keyLength,
+ SECErrorCodes error);
SEC_END_PROTOS
#endif /* _KEYHI_H_ */
diff -up ./lib/cryptohi/seckey.c.signature-policy ./lib/cryptohi/seckey.c
--- ./lib/cryptohi/seckey.c.signature-policy 2022-05-26 02:54:33.000000000 -0700
+++ ./lib/cryptohi/seckey.c 2022-06-21 09:16:23.917905021 -0700
@@ -14,6 +14,7 @@
#include "secdig.h"
#include "prtime.h"
#include "keyi.h"
+#include "nss.h"
SEC_ASN1_MKSUB(SECOID_AlgorithmIDTemplate)
SEC_ASN1_MKSUB(SEC_IntegerTemplate)
@@ -1042,6 +1043,62 @@ SECKEY_PublicKeyStrengthInBits(const SEC
return bitSize;
}
+unsigned
+SECKEY_PrivateKeyStrengthInBits(const SECKEYPrivateKey *privk)
+{
+ unsigned bitSize = 0;
+ CK_ATTRIBUTE_TYPE attribute = CKT_INVALID_TYPE;
+ SECItem params;
+ SECStatus rv;
+
+ if (!privk) {
+ PORT_SetError(SEC_ERROR_INVALID_KEY);
+ return 0;
+ }
+
+ /* interpret modulus length as key strength */
+ switch (privk->keyType) {
+ case rsaKey:
+ case rsaPssKey:
+ case rsaOaepKey:
+ /* some tokens don't export CKA_MODULUS on the private key,
+ * PK11_SignatureLen works around this if necessary */
+ bitSize = PK11_SignatureLen((SECKEYPrivateKey *)privk) * PR_BITS_PER_BYTE;
+ if (bitSize == -1) {
+ bitSize = 0;
+ }
+ return bitSize;
+ case dsaKey:
+ case fortezzaKey:
+ case dhKey:
+ case keaKey:
+ attribute = CKA_PRIME;
+ break;
+ case ecKey:
+ rv = PK11_ReadAttribute(privk->pkcs11Slot, privk->pkcs11ID,
+ CKA_EC_PARAMS, NULL, &params);
+ if ((rv != SECSuccess) || (params.data == NULL)) {
+ return 0;
+ }
+ bitSize = SECKEY_ECParamsToKeySize(&params);
+ PORT_Free(params.data);
+ return bitSize;
+ default:
+ PORT_SetError(SEC_ERROR_INVALID_KEY);
+ return 0;
+ }
+ PORT_Assert(attribute != CKT_INVALID_TYPE);
+ rv = PK11_ReadAttribute(privk->pkcs11Slot, privk->pkcs11ID,
+ attribute, NULL, &params);
+ if ((rv != SECSuccess) || (params.data == NULL)) {
+ PORT_SetError(SEC_ERROR_INVALID_KEY);
+ return 0;
+ }
+ bitSize = SECKEY_BigIntegerBitLength(&params);
+ PORT_Free(params.data);
+ return bitSize;
+}
+
/* returns signature length in bytes (not bits) */
unsigned
SECKEY_SignatureLen(const SECKEYPublicKey *pubk)
@@ -1212,6 +1269,51 @@ SECKEY_CopyPublicKey(const SECKEYPublicK
}
/*
+ * Check that a given key meets the policy limits for the given key
+ * size.
+ */
+SECStatus
+seckey_EnforceKeySize(KeyType keyType, unsigned keyLength, SECErrorCodes error)
+{
+ PRInt32 opt = -1;
+ PRInt32 optVal;
+ SECStatus rv;
+
+ switch (keyType) {
+ case rsaKey:
+ case rsaPssKey:
+ case rsaOaepKey:
+ opt = NSS_RSA_MIN_KEY_SIZE;
+ break;
+ case dsaKey:
+ case fortezzaKey:
+ opt = NSS_DSA_MIN_KEY_SIZE;
+ break;
+ case dhKey:
+ case keaKey:
+ opt = NSS_DH_MIN_KEY_SIZE;
+ break;
+ case ecKey:
+ opt = NSS_ECC_MIN_KEY_SIZE;
+ break;
+ case nullKey:
+ default:
+ PORT_SetError(SEC_ERROR_INVALID_KEY);
+ return SECFailure;
+ }
+ PORT_Assert(opt != -1);
+ rv = NSS_OptionGet(opt, &optVal);
+ if (rv != SECSuccess) {
+ return rv;
+ }
+ if (optVal < keyLength) {
+ PORT_SetError(error);
+ return SECFailure;
+ }
+ return SECSuccess;
+}
+
+/*
* Use the private key to find a public key handle. The handle will be on
* the same slot as the private key.
*/
diff -up ./lib/cryptohi/secsign.c.signature-policy ./lib/cryptohi/secsign.c
--- ./lib/cryptohi/secsign.c.signature-policy 2022-05-26 02:54:33.000000000 -0700
+++ ./lib/cryptohi/secsign.c 2022-06-21 09:16:23.917905021 -0700
@@ -15,6 +15,7 @@
#include "pk11func.h"
#include "secerr.h"
#include "keyi.h"
+#include "nss.h"
struct SGNContextStr {
SECOidTag signalg;
@@ -32,6 +33,7 @@ sgn_NewContext(SECOidTag alg, SECItem *p
SECOidTag hashalg, signalg;
KeyType keyType;
PRUint32 policyFlags;
+ PRInt32 optFlags;
SECStatus rv;
/* OK, map a PKCS #7 hash and encrypt algorithm into
@@ -56,6 +58,16 @@ sgn_NewContext(SECOidTag alg, SECItem *p
PORT_SetError(SEC_ERROR_INVALID_ALGORITHM);
return NULL;
}
+ if (NSS_OptionGet(NSS_KEY_SIZE_POLICY_FLAGS, &optFlags) != SECFailure) {
+ if (optFlags & NSS_KEY_SIZE_POLICY_SIGN_FLAG) {
+ rv = seckey_EnforceKeySize(key->keyType,
+ SECKEY_PrivateKeyStrengthInBits(key),
+ SEC_ERROR_SIGNATURE_ALGORITHM_DISABLED);
+ if (rv != SECSuccess) {
+ return NULL;
+ }
+ }
+ }
/* check the policy on the hash algorithm */
if ((NSS_GetAlgorithmPolicy(hashalg, &policyFlags) == SECFailure) ||
!(policyFlags & NSS_USE_ALG_IN_ANY_SIGNATURE)) {
@@ -467,9 +479,20 @@ SGN_Digest(SECKEYPrivateKey *privKey,
SGNDigestInfo *di = 0;
SECOidTag enctag;
PRUint32 policyFlags;
+ PRInt32 optFlags;
result->data = 0;
+ if (NSS_OptionGet(NSS_KEY_SIZE_POLICY_FLAGS, &optFlags) != SECFailure) {
+ if (optFlags & NSS_KEY_SIZE_POLICY_SIGN_FLAG) {
+ rv = seckey_EnforceKeySize(privKey->keyType,
+ SECKEY_PrivateKeyStrengthInBits(privKey),
+ SEC_ERROR_SIGNATURE_ALGORITHM_DISABLED);
+ if (rv != SECSuccess) {
+ return SECFailure;
+ }
+ }
+ }
/* check the policy on the hash algorithm */
if ((NSS_GetAlgorithmPolicy(algtag, &policyFlags) == SECFailure) ||
!(policyFlags & NSS_USE_ALG_IN_ANY_SIGNATURE)) {
diff -up ./lib/cryptohi/secvfy.c.signature-policy ./lib/cryptohi/secvfy.c
--- ./lib/cryptohi/secvfy.c.signature-policy 2022-05-26 02:54:33.000000000 -0700
+++ ./lib/cryptohi/secvfy.c 2022-06-21 09:16:23.918905028 -0700
@@ -16,6 +16,7 @@
#include "secdig.h"
#include "secerr.h"
#include "keyi.h"
+#include "nss.h"
/*
** Recover the DigestInfo from an RSA PKCS#1 signature.
@@ -467,6 +468,7 @@ vfy_CreateContext(const SECKEYPublicKey
unsigned int sigLen;
KeyType type;
PRUint32 policyFlags;
+ PRInt32 optFlags;
/* make sure the encryption algorithm matches the key type */
/* RSA-PSS algorithm can be used with both rsaKey and rsaPssKey */
@@ -476,7 +478,16 @@ vfy_CreateContext(const SECKEYPublicKey
PORT_SetError(SEC_ERROR_PKCS7_KEYALG_MISMATCH);
return NULL;
}
-
+ if (NSS_OptionGet(NSS_KEY_SIZE_POLICY_FLAGS, &optFlags) != SECFailure) {
+ if (optFlags & NSS_KEY_SIZE_POLICY_VERIFY_FLAG) {
+ rv = seckey_EnforceKeySize(key->keyType,
+ SECKEY_PublicKeyStrengthInBits(key),
+ SEC_ERROR_SIGNATURE_ALGORITHM_DISABLED);
+ if (rv != SECSuccess) {
+ return NULL;
+ }
+ }
+ }
/* check the policy on the encryption algorithm */
if ((NSS_GetAlgorithmPolicy(encAlg, &policyFlags) == SECFailure) ||
!(policyFlags & NSS_USE_ALG_IN_ANY_SIGNATURE)) {
diff -up ./lib/freebl/blapit.h.signature-policy ./lib/freebl/blapit.h
--- ./lib/freebl/blapit.h.signature-policy 2022-05-26 02:54:33.000000000 -0700
+++ ./lib/freebl/blapit.h 2022-06-21 09:16:23.918905028 -0700
@@ -135,7 +135,7 @@ typedef int __BLAPI_DEPRECATED __attribu
* These values come from the initial key size limits from the PKCS #11
* module. They may be arbitrarily adjusted to any value freebl supports.
*/
-#define RSA_MIN_MODULUS_BITS 128
+#define RSA_MIN_MODULUS_BITS 1023 /* 128 */
#define RSA_MAX_MODULUS_BITS 16384
#define RSA_MAX_EXPONENT_BITS 64
#define DH_MIN_P_BITS 128
diff -up ./lib/nss/nss.h.signature-policy ./lib/nss/nss.h
--- ./lib/nss/nss.h.signature-policy 2022-05-26 02:54:33.000000000 -0700
+++ ./lib/nss/nss.h 2022-06-21 09:16:23.918905028 -0700
@@ -302,6 +302,28 @@ SECStatus NSS_UnregisterShutdown(NSS_Shu
#define NSS_DEFAULT_LOCKS 0x00d /* lock default values */
#define NSS_DEFAULT_SSL_LOCK 1 /* lock the ssl default values */
+/* NSS_KEY_SIZE_POLICY controls what kinds of operations are subject to
+ * the NSS_XXX_MIN_KEY_SIZE values.
+ * NSS_KEY_SIZE_POLICY_FLAGS sets and clears all the flags to the input
+ * value
+ * On get it returns all the flags
+ * NSS_KEY_SIZE_POLICY_SET_FLAGS sets only the flags=1 in theinput value and
+ * does not affect the other flags
+ * On get it returns all the flags
+ * NSS_KEY_SIZE_POLICY_CLEAR_FLAGS clears only the flags=1 in the input
+ * value and does not affect the other flags
+ * On get it returns all the compliment of all the flags
+ * (cleared flags == 1) */
+#define NSS_KEY_SIZE_POLICY_FLAGS 0x00e
+#define NSS_KEY_SIZE_POLICY_SET_FLAGS 0x00f
+#define NSS_KEY_SIZE_POLICY_CLEAR_FLAGS 0x010
+/* currently defined flags */
+#define NSS_KEY_SIZE_POLICY_SSL_FLAG 1
+#define NSS_KEY_SIZE_POLICY_VERIFY_FLAG 2
+#define NSS_KEY_SIZE_POLICY_SIGN_FLAG 4
+
+#define NSS_ECC_MIN_KEY_SIZE 0x011
+
/*
* Set and get global options for the NSS library.
*/
diff -up ./lib/nss/nssoptions.c.signature-policy ./lib/nss/nssoptions.c
--- ./lib/nss/nssoptions.c.signature-policy 2022-05-26 02:54:33.000000000 -0700
+++ ./lib/nss/nssoptions.c 2022-06-21 09:16:23.918905028 -0700
@@ -26,6 +26,8 @@ struct nssOps {
PRInt32 dtlsVersionMaxPolicy;
PRInt32 pkcs12DecodeForceUnicode;
PRInt32 defaultLocks;
+ PRInt32 keySizePolicyFlags;
+ PRInt32 eccMinKeySize;
};
static struct nssOps nss_ops = {
@@ -37,7 +39,9 @@ static struct nssOps nss_ops = {
1,
0xffff,
PR_FALSE,
- 0
+ 0,
+ NSS_KEY_SIZE_POLICY_SSL_FLAG,
+ SSL_ECC_MIN_CURVE_BITS
};
SECStatus
@@ -78,6 +82,18 @@ NSS_OptionSet(PRInt32 which, PRInt32 val
case NSS_DEFAULT_LOCKS:
nss_ops.defaultLocks = value;
break;
+ case NSS_KEY_SIZE_POLICY_FLAGS:
+ nss_ops.keySizePolicyFlags = value;
+ break;
+ case NSS_KEY_SIZE_POLICY_SET_FLAGS:
+ nss_ops.keySizePolicyFlags |= value;
+ break;
+ case NSS_KEY_SIZE_POLICY_CLEAR_FLAGS:
+ nss_ops.keySizePolicyFlags &= ~value;
+ break;
+ case NSS_ECC_MIN_KEY_SIZE:
+ nss_ops.eccMinKeySize = value;
+ break;
default:
PORT_SetError(SEC_ERROR_INVALID_ARGS);
rv = SECFailure;
@@ -119,6 +135,16 @@ NSS_OptionGet(PRInt32 which, PRInt32 *va
case NSS_DEFAULT_LOCKS:
*value = nss_ops.defaultLocks;
break;
+ case NSS_KEY_SIZE_POLICY_FLAGS:
+ case NSS_KEY_SIZE_POLICY_SET_FLAGS:
+ *value = nss_ops.keySizePolicyFlags;
+ break;
+ case NSS_KEY_SIZE_POLICY_CLEAR_FLAGS:
+ *value = ~nss_ops.keySizePolicyFlags;
+ break;
+ case NSS_ECC_MIN_KEY_SIZE:
+ *value = nss_ops.eccMinKeySize;
+ break;
default:
rv = SECFailure;
}
diff -up ./lib/nss/nssoptions.h.signature-policy ./lib/nss/nssoptions.h
--- ./lib/nss/nssoptions.h.signature-policy 2022-05-26 02:54:33.000000000 -0700
+++ ./lib/nss/nssoptions.h 2022-06-21 09:16:23.918905028 -0700
@@ -18,3 +18,5 @@
* happens because NSS used to count bit lengths incorrectly. */
#define SSL_DH_MIN_P_BITS 1023
#define SSL_DSA_MIN_P_BITS 1023
+/* not really used by SSL, but define it here for consistency */
+#define SSL_ECC_MIN_CURVE_BITS 256
diff -up ./lib/pk11wrap/pk11kea.c.signature-policy ./lib/pk11wrap/pk11kea.c
--- ./lib/pk11wrap/pk11kea.c.signature-policy 2022-05-26 02:54:33.000000000 -0700
+++ ./lib/pk11wrap/pk11kea.c 2022-06-21 09:16:23.918905028 -0700
@@ -78,15 +78,14 @@ pk11_KeyExchange(PK11SlotInfo *slot, CK_
if (privKeyHandle == CK_INVALID_HANDLE) {
PK11RSAGenParams rsaParams;
- if (symKeyLength > 53) /* bytes */ {
- /* we'd have to generate an RSA key pair > 512 bits long,
+ if (symKeyLength > 120) /* bytes */ {
+ /* we'd have to generate an RSA key pair > 1024 bits long,
** and that's too costly. Don't even try.
*/
PORT_SetError(SEC_ERROR_CANNOT_MOVE_SENSITIVE_KEY);
goto rsa_failed;
}
- rsaParams.keySizeInBits =
- (symKeyLength > 21 || symKeyLength == 0) ? 512 : 256;
+ rsaParams.keySizeInBits = 1024;
rsaParams.pe = 0x10001;
privKey = PK11_GenerateKeyPair(slot, CKM_RSA_PKCS_KEY_PAIR_GEN,
&rsaParams, &pubKey, PR_FALSE, PR_TRUE, symKey->cx);
diff -up ./lib/pk11wrap/pk11pars.c.signature-policy ./lib/pk11wrap/pk11pars.c
--- ./lib/pk11wrap/pk11pars.c.signature-policy 2022-06-21 09:16:23.898904900 -0700
+++ ./lib/pk11wrap/pk11pars.c 2022-06-21 09:16:23.918905028 -0700
@@ -430,12 +430,21 @@ static const optionFreeDef sslOptList[]
{ CIPHER_NAME("DTLS1.3"), 0x304 },
};
+static const optionFreeDef keySizeFlagsList[] = {
+ { CIPHER_NAME("KEY-SIZE-SSL"), NSS_KEY_SIZE_POLICY_SSL_FLAG },
+ { CIPHER_NAME("KEY-SIZE-SIGN"), NSS_KEY_SIZE_POLICY_SIGN_FLAG },
+ { CIPHER_NAME("KEY-SIZE-VERIFY"), NSS_KEY_SIZE_POLICY_VERIFY_FLAG },
+};
+
static const optionFreeDef freeOptList[] = {
/* Restrictions for asymetric keys */
{ CIPHER_NAME("RSA-MIN"), NSS_RSA_MIN_KEY_SIZE },
{ CIPHER_NAME("DH-MIN"), NSS_DH_MIN_KEY_SIZE },
{ CIPHER_NAME("DSA-MIN"), NSS_DSA_MIN_KEY_SIZE },
+ { CIPHER_NAME("ECC-MIN"), NSS_ECC_MIN_KEY_SIZE },
+ /* what operations doe the key size apply to */
+ { CIPHER_NAME("KEY-SIZE-FLAGS"), NSS_KEY_SIZE_POLICY_FLAGS },
/* constraints on SSL Protocols */
{ CIPHER_NAME("TLS-VERSION-MIN"), NSS_TLS_VERSION_MIN_POLICY },
{ CIPHER_NAME("TLS-VERSION-MAX"), NSS_TLS_VERSION_MAX_POLICY },
@@ -543,6 +552,7 @@ secmod_getPolicyOptValue(const char *pol
*result = val;
return SECSuccess;
}
+ /* handle any ssl strings */
for (i = 0; i < PR_ARRAY_SIZE(sslOptList); i++) {
if (policyValueLength == sslOptList[i].name_size &&
PORT_Strncasecmp(sslOptList[i].name, policyValue,
@@ -551,7 +561,29 @@ secmod_getPolicyOptValue(const char *pol
return SECSuccess;
}
}
- return SECFailure;
+ /* handle key_size flags. Each flag represents a bit, which
+ * gets or'd together. They can be separated by , | or + */
+ val = 0;
+ while (*policyValue) {
+ PRBool found = PR_FALSE;
+ for (i = 0; i < PR_ARRAY_SIZE(keySizeFlagsList); i++) {
+ if (PORT_Strncasecmp(keySizeFlagsList[i].name, policyValue,
+ keySizeFlagsList[i].name_size) == 0) {
+ val |= keySizeFlagsList[i].option;
+ found = PR_TRUE;
+ policyValue += keySizeFlagsList[i].name_size;
+ break;
+ }
+ }
+ if (!found) {
+ return SECFailure;
+ }
+ if (*policyValue == ',' || *policyValue == '|' || *policyValue == '+') {
+ policyValue++;
+ }
+ }
+ *result = val;
+ return SECSuccess;
}
/* Policy operations:
diff -up ./lib/ssl/ssl3con.c.signature-policy ./lib/ssl/ssl3con.c
--- ./lib/ssl/ssl3con.c.signature-policy 2022-05-26 02:54:33.000000000 -0700
+++ ./lib/ssl/ssl3con.c 2022-06-21 09:16:23.920905040 -0700
@@ -7409,6 +7409,8 @@ ssl_HandleDHServerKeyExchange(sslSocket
unsigned dh_p_bits;
unsigned dh_g_bits;
PRInt32 minDH;
+ PRInt32 optval;
+ PRBool usePolicyLength = PR_FALSE;
SSL3Hashes hashes;
SECItem signature = { siBuffer, NULL, 0 };
@@ -7419,8 +7421,13 @@ ssl_HandleDHServerKeyExchange(sslSocket
if (rv != SECSuccess) {
goto loser; /* malformed. */
}
+ rv = NSS_OptionGet(NSS_KEY_SIZE_POLICY_FLAGS, &optval);
+ if (rv == SECSuccess) {
+ usePolicyLength = (PRBool)((optval & NSS_KEY_SIZE_POLICY_SSL_FLAG) == NSS_KEY_SIZE_POLICY_SSL_FLAG);
+ }
- rv = NSS_OptionGet(NSS_DH_MIN_KEY_SIZE, &minDH);
+ rv = usePolicyLength ? NSS_OptionGet(NSS_DH_MIN_KEY_SIZE, &minDH)
+ : SECFailure;
if (rv != SECSuccess || minDH <= 0) {
minDH = SSL_DH_MIN_P_BITS;
}
@@ -11411,13 +11418,20 @@ ssl_SetAuthKeyBits(sslSocket *ss, const
SECStatus rv;
PRUint32 minKey;
PRInt32 optval;
+ PRBool usePolicyLength = PR_TRUE;
+
+ rv = NSS_OptionGet(NSS_KEY_SIZE_POLICY_FLAGS, &optval);
+ if (rv == SECSuccess) {
+ usePolicyLength = (PRBool)((optval & NSS_KEY_SIZE_POLICY_SSL_FLAG) == NSS_KEY_SIZE_POLICY_SSL_FLAG);
+ }
ss->sec.authKeyBits = SECKEY_PublicKeyStrengthInBits(pubKey);
switch (SECKEY_GetPublicKeyType(pubKey)) {
case rsaKey:
case rsaPssKey:
case rsaOaepKey:
- rv = NSS_OptionGet(NSS_RSA_MIN_KEY_SIZE, &optval);
+ rv = usePolicyLength ? NSS_OptionGet(NSS_RSA_MIN_KEY_SIZE, &optval)
+ : SECFailure;
if (rv == SECSuccess && optval > 0) {
minKey = (PRUint32)optval;
} else {
@@ -11426,7 +11440,8 @@ ssl_SetAuthKeyBits(sslSocket *ss, const
break;
case dsaKey:
- rv = NSS_OptionGet(NSS_DSA_MIN_KEY_SIZE, &optval);
+ rv = usePolicyLength ? NSS_OptionGet(NSS_DSA_MIN_KEY_SIZE, &optval)
+ : SECFailure;
if (rv == SECSuccess && optval > 0) {
minKey = (PRUint32)optval;
} else {
@@ -11435,7 +11450,8 @@ ssl_SetAuthKeyBits(sslSocket *ss, const
break;
case dhKey:
- rv = NSS_OptionGet(NSS_DH_MIN_KEY_SIZE, &optval);
+ rv = usePolicyLength ? NSS_OptionGet(NSS_DH_MIN_KEY_SIZE, &optval)
+ : SECFailure;
if (rv == SECSuccess && optval > 0) {
minKey = (PRUint32)optval;
} else {
@@ -11444,9 +11460,15 @@ ssl_SetAuthKeyBits(sslSocket *ss, const
break;
case ecKey:
- /* Don't check EC strength here on the understanding that we only
- * support curves we like. */
- minKey = ss->sec.authKeyBits;
+ rv = usePolicyLength ? NSS_OptionGet(NSS_ECC_MIN_KEY_SIZE, &optval)
+ : SECFailure;
+ if (rv == SECSuccess && optval > 0) {
+ minKey = (PRUint32)optval;
+ } else {
+ /* Don't check EC strength here on the understanding that we
+ * only support curves we like. */
+ minKey = ss->sec.authKeyBits;
+ }
break;
default:
diff -up ./tests/policy/crypto-policy.txt.signature-policy ./tests/policy/crypto-policy.txt
--- ./tests/policy/crypto-policy.txt.signature-policy 2022-05-26 02:54:33.000000000 -0700
+++ ./tests/policy/crypto-policy.txt 2022-06-21 09:16:23.920905040 -0700
@@ -6,6 +6,8 @@
0 disallow=ALL_allow=HMAC-SHA256:HMAC-SHA1:HMAC-SHA384:HMAC-SHA512:SECP256R1:SECP384R1:SECP521R1:aes256-gcm:chacha20-poly1305:aes256-cbc:camellia256-cbc:aes128-gcm:aes128-cbc:camellia128-cbc:SHA256:SHA384:SHA512:SHA1:ECDHE-RSA:ECDHE-ECDSA:RSA:DHE-RSA:rsa-pkcs:rsa-pss:ecdsa:tls-version-min=tls1.0:dtls-version-min=dtls1.0:DH-MIN=1023:DSA-MIN=2048:RSA-MIN=2048 NSS-POLICY-INFO.*LOADED-SUCCESSFULLY Standard policy
0 disallow=ALL_allow=HMAC-SHA1:HMAC-SHA256:HMAC-SHA384:HMAC-SHA512:SECP256R1:SECP384R1:SECP521R1:aes256-gcm:chacha20-poly1305:aes256-cbc:camellia256-cbc:aes128-gcm:aes128-cbc:camellia128-cbc:des-ede3-cbc:rc4:SHA256:SHA384:SHA512:SHA1:ECDHE-RSA:ECDHE-ECDSA:RSA:DHE-RSA:DHE-DSS:rsa-pkcs:rsa-pss:ecdsa:tls-version-min=tls1.0:dtls-version-min=tls1.0:DH-MIN=1023:DSA-MIN=1023:RSA-MIN=1023 NSS-POLICY-INFO.*LOADED-SUCCESSFULLY Legacy policy
0 disallow=ALL_allow=HMAC-SHA256:HMAC-SHA384:HMAC-SHA512:SECP384R1:SECP521R1:aes256-gcm:chacha20-poly1305:SHA384:SHA512:ECDHE-RSA:ECDHE-ECDSA:RSA:DHE-RSA:rsa-pkcs:rsa-pss:ecdsa:tls-version-min=tls1.2:dtls-version-min=dtls1.2:DH-MIN=3072:DSA-MIN=3072:RSA-MIN=3072 NSS-POLICY-INFO.*LOADED-SUCCESSFULLY Reduced policy
+0 disallow=ALL_allow=HMAC-SHA256:HMAC-SHA384:HMAC-SHA512:SECP384R1:SECP521R1:aes256-gcm:chacha20-poly1305:SHA384:SHA512:ECDHE-RSA:ECDHE-ECDSA:RSA:DHE-RSA:rsa-pkcs:rsa-pss:ecdsa:tls-version-min=tls1.2:dtls-version-min=dtls1.2:DH-MIN=3072:DSA-MIN=3072:RSA-MIN=3072:KEY-SIZE-FLAGS=KEY-SIZE-SSL,KEY-SIZE-SIGN,KEY-SIZE-VERIFY NSS-POLICY-INFO.*LOADED-SUCCESSFULLY Valid key size
+2 disallow=ALL_allow=HMAC-SHA256:HMAC-SHA384:HMAC-SHA512:SECP384R1:SECP521R1:aes256-gcm:chacha20-poly1305:SHA384:SHA512:ECDHE-RSA:ECDHE-ECDSA:RSA:DHE-RSA:rsa-pkcs:rsa-pss:ecdsa:tls-version-min=tls1.2:dtls-version-min=dtls1.2:DH-MIN=3072:DSA-MIN=3072:RSA-MIN=3072:KEY-SIZE-FLAGS=UNKNOWN,KEY-SIZE-SIGN,KEY-SIZE-VERIFY NSS-POLICY-FAIL.*unknown.* Invalid key size
2 disallow=ALL_allow=dtls-version-min=:dtls-version-max= NSS-POLICY-FAIL Missing value
2 disallow=ALL_allow=RSA-MIN=whatever NSS-POLICY-FAIL Invalid value
2 disallow=ALL_allow=flower NSS-POLICY-FAIL Invalid identifier
diff -up ./tests/ssl/sslpolicy.txt.signature-policy ./tests/ssl/sslpolicy.txt
--- ./tests/ssl/sslpolicy.txt.signature-policy 2022-05-26 02:54:33.000000000 -0700
+++ ./tests/ssl/sslpolicy.txt 2022-06-21 09:16:23.920905040 -0700
@@ -194,6 +194,10 @@
1 noECC SSL3 d disallow=all_allow=md2/all:md4/all:md5/all:sha1/all:sha256/all:sha384/all:sha512/all:rsa-pkcs/all:rsa-pss/all:ecdsa/all:dsa/all:hmac-sha1/all:hmac-sha224/all:hmac-sha256/all:hmac-sha384/all:hmac-sha512/all:hmac-md5/all:camellia128-cbc/all:camellia192-cbc/all:camellia256-cbc/all:seed-cbc/all:des-ede3-cbc/all:des-40-cbc/all:des-cbc/all:null-cipher/all:rc2/all:rc4/all:idea/all:rsa/all:rsa-export/all:dhe-rsa/all:dhe-dss/all:ecdhe-ecdsa/all:ecdhe-rsa/all:ecdh-ecdsa/all:ecdh-rsa/all:tls-version-min=tls1.0:tls-version-max=tls1.2 Disallow Version Implicitly
0 noECC SSL3 d disallow=dsa Disallow DSA Signatures Explicitly
1 noECC SSL3 d disallow=rsa-pkcs Disallow RSA PKCS 1 Signatures Explicitly
+ 1 noECC SSL3 d allow=rsa-min=16384:key-size-flags=key-size-verify Restrict RSA keys on signature verification
+ 1 noECC SSL3 d allow=rsa-min=16384:key-size-flags=key-size-sign Restrict RSA keys on signing
+ 1 noECC SSL3 d allow=rsa-min=16384:key-size-flags=key-size-ssl Restrict RSA keys when used in SSL
+ 0 noECC SSL3 d allow=rsa-min=1023 Restrict RSA keys when used in SSL
# test default settings
# NOTE: tstclient will attempt to overide the defaults, so we detect we
# were successful by locking in our settings

90
SOURCES/nss-3.90-dh-test-update.patch Normal file
View File

@ -0,0 +1,90 @@
diff -up ./lib/freebl/fipsfreebl.c.dh_test ./lib/freebl/fipsfreebl.c
--- ./lib/freebl/fipsfreebl.c.dh_test 2024-01-18 08:34:45.936944401 -0800
+++ ./lib/freebl/fipsfreebl.c 2024-01-18 09:20:57.555980326 -0800
@@ -1816,38 +1816,39 @@ freebl_fips_DH_PowerUpSelfTest(void)
{
/* DH Known P (2048-bits) */
static const PRUint8 dh_known_P[] = {
- 0xc2, 0x79, 0xbb, 0x76, 0x32, 0x0d, 0x43, 0xfd,
- 0x1b, 0x8c, 0xa2, 0x3c, 0x00, 0xdd, 0x6d, 0xef,
- 0xf8, 0x1a, 0xd9, 0xc1, 0xa2, 0xf5, 0x73, 0x2b,
- 0xdb, 0x1a, 0x3e, 0x84, 0x90, 0xeb, 0xe7, 0x8e,
- 0x5f, 0x5c, 0x6b, 0xb6, 0x61, 0x89, 0xd1, 0x03,
- 0xb0, 0x5f, 0x91, 0xe4, 0xd2, 0x82, 0x90, 0xfc,
- 0x3c, 0x49, 0x69, 0x59, 0xc1, 0x51, 0x6a, 0x85,
- 0x71, 0xe7, 0x5d, 0x72, 0x5a, 0x45, 0xad, 0x01,
- 0x6f, 0x82, 0xae, 0xec, 0x91, 0x08, 0x2e, 0x7c,
- 0x64, 0x93, 0x46, 0x1c, 0x68, 0xef, 0xc2, 0x03,
- 0x28, 0x1d, 0x75, 0x3a, 0xeb, 0x9c, 0x46, 0xf0,
- 0xc9, 0xdb, 0x99, 0x95, 0x13, 0x66, 0x4d, 0xd5,
- 0x1a, 0x78, 0x92, 0x51, 0x89, 0x72, 0x28, 0x7f,
- 0x20, 0x70, 0x41, 0x49, 0xa2, 0x86, 0xe9, 0xf9,
- 0x78, 0x5f, 0x8d, 0x2e, 0x5d, 0xfa, 0xdb, 0x57,
- 0xd4, 0x71, 0xdf, 0x66, 0xe3, 0x9e, 0x88, 0x70,
- 0xa4, 0x21, 0x44, 0x6a, 0xc7, 0xae, 0x30, 0x2c,
- 0x9c, 0x1f, 0x91, 0x57, 0xc8, 0x24, 0x34, 0x2d,
- 0x7a, 0x4a, 0x43, 0xc2, 0x5f, 0xab, 0x64, 0x2e,
- 0xaa, 0x28, 0x32, 0x95, 0x42, 0x7b, 0xa0, 0xcc,
- 0xdf, 0xfd, 0x22, 0xc8, 0x56, 0x84, 0xc1, 0x62,
- 0x15, 0xb2, 0x77, 0x86, 0x81, 0xfc, 0xa5, 0x12,
- 0x3c, 0xca, 0x28, 0x17, 0x8f, 0x03, 0x16, 0x6e,
- 0xb8, 0x24, 0xfa, 0x1b, 0x15, 0x02, 0xfd, 0x8b,
- 0xb6, 0x0a, 0x1a, 0xf7, 0x47, 0x41, 0xc5, 0x2b,
- 0x37, 0x3e, 0xa1, 0xbf, 0x68, 0xda, 0x1c, 0x55,
- 0x44, 0xc3, 0xee, 0xa1, 0x63, 0x07, 0x11, 0x3b,
- 0x5f, 0x00, 0x84, 0xb4, 0xc4, 0xe4, 0xa7, 0x97,
- 0x29, 0xf8, 0xce, 0xab, 0xfc, 0x27, 0x3e, 0x34,
- 0xe4, 0xc7, 0x81, 0x52, 0x32, 0x0e, 0x27, 0x3c,
- 0xa6, 0x70, 0x3f, 0x4a, 0x54, 0xda, 0xdd, 0x60,
- 0x26, 0xb3, 0x6e, 0x45, 0x26, 0x19, 0x41, 0x6f
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xAD, 0xF8, 0x54, 0x58, 0xA2, 0xBB, 0x4A, 0x9A,
+ 0xAF, 0xDC, 0x56, 0x20, 0x27, 0x3D, 0x3C, 0xF1,
+ 0xD8, 0xB9, 0xC5, 0x83, 0xCE, 0x2D, 0x36, 0x95,
+ 0xA9, 0xE1, 0x36, 0x41, 0x14, 0x64, 0x33, 0xFB,
+ 0xCC, 0x93, 0x9D, 0xCE, 0x24, 0x9B, 0x3E, 0xF9,
+ 0x7D, 0x2F, 0xE3, 0x63, 0x63, 0x0C, 0x75, 0xD8,
+ 0xF6, 0x81, 0xB2, 0x02, 0xAE, 0xC4, 0x61, 0x7A,
+ 0xD3, 0xDF, 0x1E, 0xD5, 0xD5, 0xFD, 0x65, 0x61,
+ 0x24, 0x33, 0xF5, 0x1F, 0x5F, 0x06, 0x6E, 0xD0,
+ 0x85, 0x63, 0x65, 0x55, 0x3D, 0xED, 0x1A, 0xF3,
+ 0xB5, 0x57, 0x13, 0x5E, 0x7F, 0x57, 0xC9, 0x35,
+ 0x98, 0x4F, 0x0C, 0x70, 0xE0, 0xE6, 0x8B, 0x77,
+ 0xE2, 0xA6, 0x89, 0xDA, 0xF3, 0xEF, 0xE8, 0x72,
+ 0x1D, 0xF1, 0x58, 0xA1, 0x36, 0xAD, 0xE7, 0x35,
+ 0x30, 0xAC, 0xCA, 0x4F, 0x48, 0x3A, 0x79, 0x7A,
+ 0xBC, 0x0A, 0xB1, 0x82, 0xB3, 0x24, 0xFB, 0x61,
+ 0xD1, 0x08, 0xA9, 0x4B, 0xB2, 0xC8, 0xE3, 0xFB,
+ 0xB9, 0x6A, 0xDA, 0xB7, 0x60, 0xD7, 0xF4, 0x68,
+ 0x1D, 0x4F, 0x42, 0xA3, 0xDE, 0x39, 0x4D, 0xF4,
+ 0xAE, 0x56, 0xED, 0xE7, 0x63, 0x72, 0xBB, 0x19,
+ 0x0B, 0x07, 0xA7, 0xC8, 0xEE, 0x0A, 0x6D, 0x70,
+ 0x9E, 0x02, 0xFC, 0xE1, 0xCD, 0xF7, 0xE2, 0xEC,
+ 0xC0, 0x34, 0x04, 0xCD, 0x28, 0x34, 0x2F, 0x61,
+ 0x91, 0x72, 0xFE, 0x9C, 0xE9, 0x85, 0x83, 0xFF,
+ 0x8E, 0x4F, 0x12, 0x32, 0xEE, 0xF2, 0x81, 0x83,
+ 0xC3, 0xFE, 0x3B, 0x1B, 0x4C, 0x6F, 0xAD, 0x73,
+ 0x3B, 0xB5, 0xFC, 0xBC, 0x2E, 0xC2, 0x20, 0x05,
+ 0xC5, 0x8E, 0xF1, 0x83, 0x7D, 0x16, 0x83, 0xB2,
+ 0xC6, 0xF3, 0x4A, 0x26, 0xC1, 0xB2, 0xEF, 0xFA,
+ 0x88, 0x6B, 0x42, 0x38, 0x61, 0x28, 0x5C, 0x97,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF
+
};
static const PRUint8 dh_known_Y_1[] = {
@@ -1893,10 +1894,10 @@ freebl_fips_DH_PowerUpSelfTest(void)
};
static const PRUint8 dh_known_hash_result[] = {
- 0x93, 0xa2, 0x89, 0x1c, 0x8a, 0xc3, 0x70, 0xbf,
- 0xa7, 0xdf, 0xb6, 0xd7, 0x82, 0xfb, 0x87, 0x81,
- 0x09, 0x47, 0xf3, 0x9f, 0x5a, 0xbf, 0x4f, 0x3f,
- 0x8e, 0x5e, 0x06, 0xca, 0x30, 0xa7, 0xaf, 0x10
+ 0x40, 0xe3, 0x7a, 0x34, 0x83, 0x2d, 0x94, 0x57,
+ 0x99, 0x3d, 0x66, 0xec, 0x54, 0xdf, 0x82, 0x4a,
+ 0x37, 0x0d, 0xf9, 0x01, 0xb3, 0xbc, 0x54, 0xe5,
+ 0x5e, 0x63, 0xd3, 0x46, 0x4e, 0xa3, 0xe2, 0x8a
};
/* DH variables. */

65
SOURCES/nss-3.90-ppc_no_init.patch Normal file
View File

@ -0,0 +1,65 @@
diff -up ./lib/freebl/Makefile.ppc_no_init ./lib/freebl/Makefile
--- ./lib/freebl/Makefile.ppc_no_init 2024-06-03 14:12:24.216755903 -0700
+++ ./lib/freebl/Makefile 2024-06-03 14:11:36.464234903 -0700
@@ -303,7 +303,7 @@ endif
ifeq ($(CPU_ARCH),ppc)
EXTRA_SRCS += gcm-ppc.c
ifdef USE_64
- DEFINES += -DNSS_NO_INIT_SUPPORT
+# DEFINES += -DNSS_NO_INIT_SUPPORT
PPC_ABI := $(shell $(CC) -dM -E - < /dev/null | awk '$$2 == "_CALL_ELF" {print $$3}')
ifeq ($(PPC_ABI),2)
ASFILES += sha512-p8.s
diff -up ./lib/softoken/Makefile.ppc_no_init ./lib/softoken/Makefile
--- ./lib/softoken/Makefile.ppc_no_init 2024-06-03 14:12:44.664979003 -0700
+++ ./lib/softoken/Makefile 2024-06-03 14:10:26.703473806 -0700
@@ -23,13 +23,13 @@ include $(CORE_DEPTH)/coreconf/config.mk
ifdef NSS_NO_INIT_SUPPORT
DEFINES += -DNSS_NO_INIT_SUPPORT
endif
-ifeq ($(OS_TARGET),Linux)
-ifeq ($(CPU_ARCH),ppc)
-ifdef USE_64
- DEFINES += -DNSS_NO_INIT_SUPPORT
-endif # USE_64
-endif # ppc
-endif # Linux
+#ifeq ($(OS_TARGET),Linux)
+#ifeq ($(CPU_ARCH),ppc)
+#ifdef USE_64
+# DEFINES += -DNSS_NO_INIT_SUPPORT
+#endif # USE_64
+#endif # ppc
+#endif # Linux
#######################################################################
diff -up ./lib/softoken/legacydb/Makefile.ppc_no_init ./lib/softoken/legacydb/Makefile
--- ./lib/softoken/legacydb/Makefile.ppc_no_init 2024-11-12 11:51:16.535343581 +0100
+++ ./lib/softoken/legacydb/Makefile 2024-11-12 12:09:58.968187800 +0100
@@ -23,16 +23,17 @@ include $(CORE_DEPTH)/coreconf/config.mk
ifdef NSS_NO_INIT_SUPPORT
DEFINES += -DNSS_NO_INIT_SUPPORT
endif
-ifeq ($(OS_TARGET),Linux)
-ifeq ($(CPU_ARCH),ppc)
-ifdef USE_64
- DEFINES += -DNSS_NO_INIT_SUPPORT
-endif # USE_64
-endif # ppc
-else # !Linux
+#ifeq ($(OS_TARGET),Linux)
+#ifeq ($(CPU_ARCH),ppc)
+#ifdef USE_64
+# DEFINES += -DNSS_NO_INIT_SUPPORT
+#endif # USE_64
+#endif # ppc
+#else # !Linux
+ifneq ($(OS_TARGET),Linux)
# turn off no init support everywhere for now
DEFINES += -DNSS_NO_INIT_SUPPORT
-endif # Linux
+endif # !Linux
#######################################################################
# (4) Include "local" platform-dependent assignments (OPTIONAL). #

32
SOURCES/nss-disable-dc.patch
View File

@ -1,32 +0,0 @@
diff -up ./gtests/ssl_gtest/manifest.mn.orig ./gtests/ssl_gtest/manifest.mn
--- ./gtests/ssl_gtest/manifest.mn.orig 2021-06-02 15:40:48.677355426 -0700
+++ ./gtests/ssl_gtest/manifest.mn 2021-06-02 15:42:31.248977261 -0700
@@ -57,7 +57,6 @@ CPPSRCS = \
tls_filter.cc \
tls_protect.cc \
tls_psk_unittest.cc \
- tls_subcerts_unittest.cc \
tls_ech_unittest.cc \
$(SSLKEYLOGFILE_FILES) \
$(NULL)
diff -up ./lib/ssl/sslsock.c.orig ./lib/ssl/sslsock.c
--- ./lib/ssl/sslsock.c.orig 2021-05-28 02:50:43.000000000 -0700
+++ ./lib/ssl/sslsock.c 2021-06-02 15:40:48.676355420 -0700
@@ -819,7 +819,7 @@ SSL_OptionSet(PRFileDesc *fd, PRInt32 wh
break;
case SSL_ENABLE_DELEGATED_CREDENTIALS:
- ss->opt.enableDelegatedCredentials = val;
+ /* disable it for now */
break;
case SSL_ENABLE_NPN:
@@ -1337,7 +1337,7 @@ SSL_OptionSetDefault(PRInt32 which, PRIn
break;
case SSL_ENABLE_DELEGATED_CREDENTIALS:
- ssl_defaults.enableDelegatedCredentials = val;
+ /* disable it for now */
break;
case SSL_ENABLE_NPN:

41
SOURCES/nss-disable-md5.patch
View File

@ -1,41 +0,0 @@
diff -r 699541a7793b lib/pk11wrap/pk11pars.c
--- a/lib/pk11wrap/pk11pars.c 2021-04-16 14:43:41.668835607 -0700
+++ b/lib/pk11wrap/pk11pars.c 2021-04-16 14:43:50.585888411 -0700
@@ -324,11 +324,11 @@ static const oidValDef curveOptList[] =
static const oidValDef hashOptList[] = {
/* Hashes */
{ CIPHER_NAME("MD2"), SEC_OID_MD2,
- NSS_USE_ALG_IN_SSL_KX | NSS_USE_ALG_IN_SIGNATURE },
+ 0 },
{ CIPHER_NAME("MD4"), SEC_OID_MD4,
- NSS_USE_ALG_IN_SSL_KX | NSS_USE_ALG_IN_SIGNATURE },
+ 0 },
{ CIPHER_NAME("MD5"), SEC_OID_MD5,
- NSS_USE_ALG_IN_SSL_KX | NSS_USE_ALG_IN_SIGNATURE },
+ 0 },
{ CIPHER_NAME("SHA1"), SEC_OID_SHA1,
NSS_USE_ALG_IN_SSL_KX | NSS_USE_ALG_IN_SIGNATURE },
{ CIPHER_NAME("SHA224"), SEC_OID_SHA224,
diff -r 699541a7793b lib/util/secoid.c
--- a/lib/util/secoid.c Tue Jun 16 23:03:22 2020 +0000
+++ b/lib/util/secoid.c Thu Jun 25 14:33:09 2020 +0200
@@ -2042,6 +2042,19 @@
int i;
for (i = 1; i < SEC_OID_TOTAL; i++) {
+ switch (i) {
+ case SEC_OID_MD2:
+ case SEC_OID_MD4:
+ case SEC_OID_MD5:
+ case SEC_OID_PKCS1_MD2_WITH_RSA_ENCRYPTION:
+ case SEC_OID_PKCS1_MD4_WITH_RSA_ENCRYPTION:
+ case SEC_OID_PKCS1_MD5_WITH_RSA_ENCRYPTION:
+ case SEC_OID_PKCS5_PBE_WITH_MD2_AND_DES_CBC:
+ case SEC_OID_PKCS5_PBE_WITH_MD5_AND_DES_CBC:
+ continue;
+ default:
+ break;
+ }
if (oids[i].desc && strstr(arg, oids[i].desc)) {
xOids[i].notPolicyFlags = notEnable |
(xOids[i].notPolicyFlags & ~(DEF_FLAGS));

21
SOURCES/nss-gcm-param-default-pkcs11v2.patch Normal file
View File

@ -0,0 +1,21 @@
diff -up ./lib/util/pkcs11n.h.aes_gcm_pkcs11_v2 ./lib/util/pkcs11n.h
--- ./lib/util/pkcs11n.h.aes_gcm_pkcs11_v2 2020-05-13 13:44:11.312405744 -0700
+++ ./lib/util/pkcs11n.h 2020-05-13 13:45:23.951723660 -0700
@@ -605,7 +605,7 @@ typedef struct CK_NSS_GCM_PARAMS {
typedef CK_NSS_GCM_PARAMS CK_PTR CK_NSS_GCM_PARAMS_PTR;
/* deprecated #defines. Drop in future NSS releases */
-#ifdef NSS_PKCS11_2_0_COMPAT
+#ifndef NSS_PKCS11_3_0_STRICT
/* defines that were changed between NSS's PKCS #11 and the Oasis headers */
#define CKF_EC_FP CKF_EC_F_P
@@ -664,7 +664,7 @@ typedef CK_NSS_GCM_PARAMS CK_PTR CK_GCM_
#define CKT_NETSCAPE_VALID CKT_NSS_VALID
#define CKT_NETSCAPE_VALID_DELEGATOR CKT_NSS_VALID_DELEGATOR
#else
-/* use the new CK_GCM_PARAMS if NSS_PKCS11_2_0_COMPAT is not defined */
+/* use the new CK_GCM_PARAMS if NSS_PKCS11_3_0_STRICT is defined */
typedef struct CK_GCM_PARAMS_V3 CK_GCM_PARAMS;
typedef CK_GCM_PARAMS_V3 CK_PTR CK_GCM_PARAMS_PTR;
#endif

120
SOURCES/nss-no-dbm-man-page.patch
View File

@ -1,120 +0,0 @@
diff -up ./doc/certutil.xml.no-dbm ./doc/certutil.xml
--- ./doc/certutil.xml.no-dbm 2021-05-29 10:26:21.853386165 -0700
+++ ./doc/certutil.xml 2021-05-29 10:31:15.057058619 -0700
@@ -205,8 +205,7 @@ If this option is not used, the validity
<para><command>certutil</command> supports two types of databases: the legacy security databases (<filename>cert8.db</filename>, <filename>key3.db</filename>, and <filename>secmod.db</filename>) and new SQLite databases (<filename>cert9.db</filename>, <filename>key4.db</filename>, and <filename>pkcs11.txt</filename>). </para>
<para>NSS recognizes the following prefixes:</para>
<itemizedlist>
- <listitem><para><command>sql:</command> requests the newer database</para></listitem>
- <listitem><para><command>dbm:</command> requests the legacy database</para></listitem>
+ <listitem><para><command>sql:</command> requests the sql-lite database</para></listitem>
</itemizedlist>
<para>If no prefix is specified the default type is retrieved from NSS_DEFAULT_DB_TYPE. If NSS_DEFAULT_DB_TYPE is not set then <command>sql:</command> is the default.</para>
</listitem>
@@ -1205,17 +1204,9 @@ BerkeleyDB. These new databases provide
</listitem>
</itemizedlist>
-<para>Because the SQLite databases are designed to be shared, these are the <emphasis>shared</emphasis> database type. The shared database type is preferred; the legacy format is included for backward compatibility.</para>
+<para>Because the SQLite databases are designed to be shared, these are the <emphasis>shared</emphasis> database type. </para>
-<para>By default, the tools (<command>certutil</command>, <command>pk12util</command>, <command>modutil</command>) assume that the given security databases use the SQLite type.
-Using the legacy databases must be manually specified by using the <command>dbm:</command> prefix with the given security directory. For example:</para>
-
-<programlisting>$ certutil -L -d dbm:/home/my/sharednssdb</programlisting>
-
-<para>To set the legacy database type as the default type for the tools, set the <envar>NSS_DEFAULT_DB_TYPE</envar> environment variable to <envar>dbm</envar>:</para>
-<programlisting>export NSS_DEFAULT_DB_TYPE="dbm"</programlisting>
-
-<para>This line can be set added to the <filename>~/.bashrc</filename> file to make the change permanent.</para>
+<para>By default, the tools (<command>certutil</command>, <command>pk12util</command>, <command>modutil</command>) assume that the given security databases use the SQLite type.</para>
<itemizedlist>
<listitem>
diff -up ./doc/modutil.xml.no-dbm ./doc/modutil.xml
--- ./doc/modutil.xml.no-dbm 2021-05-29 10:26:21.854386171 -0700
+++ ./doc/modutil.xml 2021-05-29 10:28:23.293078869 -0700
@@ -151,7 +151,7 @@
<varlistentry>
<term>-dbdir directory</term>
<listitem><para>Specify the database directory in which to access or create security module database files.</para>
- <para><command>modutil</command> supports two types of databases: the legacy security databases (<filename>cert8.db</filename>, <filename>key3.db</filename>, and <filename>secmod.db</filename>) and SQLite databases (<filename>cert9.db</filename>, <filename>key4.db</filename>, and <filename>pkcs11.txt</filename>). If the prefix <command>dbm:</command> is not used, then the tool assumes that the given databases are in SQLite format.</para></listitem>
+ <para><command>modutil</command> supports SQLite databases (<filename>cert9.db</filename>, <filename>key4.db</filename>, and <filename>pkcs11.txt</filename>). </para></listitem>
</varlistentry>
<varlistentry>
@@ -689,15 +689,7 @@ BerkleyDB. These new databases provide m
<para>Because the SQLite databases are designed to be shared, these are the <emphasis>shared</emphasis> database type. The shared database type is preferred; the legacy format is included for backward compatibility.</para>
-<para>By default, the tools (<command>certutil</command>, <command>pk12util</command>, <command>modutil</command>) assume that the given security databases use the SQLite type.
-Using the legacy databases must be manually specified by using the <command>dbm:</command> prefix with the given security directory. For example:</para>
-
-<programlisting>modutil -create -dbdir dbm:/home/my/sharednssdb</programlisting>
-
-<para>To set the legacy database type as the default type for the tools, set the <envar>NSS_DEFAULT_DB_TYPE</envar> environment variable to <envar>dbm</envar>:</para>
-<programlisting>export NSS_DEFAULT_DB_TYPE="dbm"</programlisting>
-
-<para>This line can be added to the <filename>~/.bashrc</filename> file to make the change permanent for the user.</para>
+<para>By default, the tools (<command>certutil</command>, <command>pk12util</command>, <command>modutil</command>) assume that the given security databases use the SQLite type. </para>
<itemizedlist>
<listitem>
diff -up ./doc/pk12util.xml.no-dbm ./doc/pk12util.xml
--- ./doc/pk12util.xml.no-dbm 2021-05-29 10:26:21.854386171 -0700
+++ ./doc/pk12util.xml 2021-05-29 10:28:23.293078869 -0700
@@ -90,7 +90,7 @@
<varlistentry>
<term>-d directory</term>
<listitem><para>Specify the database directory into which to import to or export from certificates and keys.</para>
- <para><command>pk12util</command> supports two types of databases: the legacy security databases (<filename>cert8.db</filename>, <filename>key3.db</filename>, and <filename>secmod.db</filename>) and new SQLite databases (<filename>cert9.db</filename>, <filename>key4.db</filename>, and <filename>pkcs11.txt</filename>). If the prefix <command>dbm:</command> is not used, then the tool assumes that the given databases are in the SQLite format.</para></listitem>
+ <para><command>pk12util</command> supports SQLite databases (<filename>cert9.db</filename>, <filename>key4.db</filename>, and <filename>pkcs11.txt</filename>). </para></listitem>
</varlistentry>
<varlistentry>
@@ -394,15 +394,7 @@ BerkleyDB. These new databases provide m
<para>Because the SQLite databases are designed to be shared, these are the <emphasis>shared</emphasis> database type. The shared database type is preferred; the legacy format is included for backward compatibility.</para>
-<para>By default, the tools (<command>certutil</command>, <command>pk12util</command>, <command>modutil</command>) assume that the given security databases use the SQLite type
-Using the legacy databases must be manually specified by using the <command>dbm:</command> prefix with the given security directory. For example:</para>
-
-<programlisting># pk12util -i /tmp/cert-files/users.p12 -d dbm:/home/my/sharednssdb</programlisting>
-
-<para>To set the legacy database type as the default type for the tools, set the <envar>NSS_DEFAULT_DB_TYPE</envar> environment variable to <envar>dbm</envar>:</para>
-<programlisting>export NSS_DEFAULT_DB_TYPE="dbm"</programlisting>
-
-<para>This line can be set added to the <filename>~/.bashrc</filename> file to make the change permanent.</para>
+<para>By default, the tools (<command>certutil</command>, <command>pk12util</command>, <command>modutil</command>) assume that the given security databases use the SQLite type. </para>
<itemizedlist>
<listitem>
diff -up ./doc/signver.xml.no-dbm ./doc/signver.xml
--- ./doc/signver.xml.no-dbm 2021-05-29 10:26:21.854386171 -0700
+++ ./doc/signver.xml 2021-05-29 10:28:23.293078869 -0700
@@ -66,7 +66,7 @@
<varlistentry>
<term>-d <emphasis>directory</emphasis></term>
<listitem><para>Specify the database directory which contains the certificates and keys.</para>
- <para><command>signver</command> supports two types of databases: the legacy security databases (<filename>cert8.db</filename>, <filename>key3.db</filename>, and <filename>secmod.db</filename>) and new SQLite databases (<filename>cert9.db</filename>, <filename>key4.db</filename>, and <filename>pkcs11.txt</filename>). If the prefix <command>dbm:</command> is not used, then the tool assumes that the given databases are in the SQLite format.</para></listitem>
+ <para><command>signver</command> supports SQLite databases (<filename>cert9.db</filename>, <filename>key4.db</filename>, and <filename>pkcs11.txt</filename>). </para></listitem>
</varlistentry>
<varlistentry>
<term>-a</term>
@@ -155,15 +155,7 @@ BerkleyDB. These new databases provide m
<para>Because the SQLite databases are designed to be shared, these are the <emphasis>shared</emphasis> database type. The shared database type is preferred; the legacy format is included for backward compatibility.</para>
-<para>By default, the tools (<command>certutil</command>, <command>pk12util</command>, <command>modutil</command>) assume that the given security databases use the SQLite type
-Using the legacy databases must be manually specified by using the <command>dbm:</command> prefix with the given security directory. For example:</para>
-
-<programlisting># signver -A -s <replaceable>signature</replaceable> -d dbm:/home/my/sharednssdb</programlisting>
-
-<para>To set the legacy database type as the default type for the tools, set the <envar>NSS_DEFAULT_DB_TYPE</envar> environment variable to <envar>dbm</envar>:</para>
-<programlisting>export NSS_DEFAULT_DB_TYPE="dbm"</programlisting>
-
-<para>This line can be added to the <filename>~/.bashrc</filename> file to make the change permanent for the user.</para>
+<para>By default, the tools (<command>certutil</command>, <command>pk12util</command>, <command>modutil</command>) assume that the given security databases use the SQLite type.</para>
<itemizedlist>
<listitem>

85
SOURCES/nss-signtool-format.patch
View File

@ -1,85 +0,0 @@
diff --git a/cmd/modutil/install.c b/cmd/modutil/install.c
--- a/cmd/modutil/install.c
+++ b/cmd/modutil/install.c
@@ -825,17 +825,20 @@ rm_dash_r(char *path)
dir = PR_OpenDir(path);
if (!dir) {
return -1;
}
/* Recursively delete all entries in the directory */
while ((entry = PR_ReadDir(dir, PR_SKIP_BOTH)) != NULL) {
- sprintf(filename, "%s/%s", path, entry->name);
+ if (snprintf(filename, sizeof(filename), "%s/%s", path, entry->name) >= sizeof(filename)) {
+ PR_CloseDir(dir);
+ return -1;
+ }
if (rm_dash_r(filename)) {
PR_CloseDir(dir);
return -1;
}
}
if (PR_CloseDir(dir) != PR_SUCCESS) {
return -1;
diff --git a/cmd/signtool/util.c b/cmd/signtool/util.c
--- a/cmd/signtool/util.c
+++ b/cmd/signtool/util.c
@@ -138,6 +138,12 @@ rm_dash_r(char *path)
/* Recursively delete all entries in the directory */
while ((entry = PR_ReadDir(dir, PR_SKIP_BOTH)) != NULL) {
sprintf(filename, "%s/%s", path, entry->name);
+ if (snprintf(filename, sizeof(filename), "%s/%s", path, entry->name
+) >= sizeof(filename)) {
+ errorCount++;
+ PR_CloseDir(dir);
+ return -1;
+ }
if (rm_dash_r(filename)) {
PR_CloseDir(dir);
return -1;
diff --git a/lib/libpkix/pkix/util/pkix_list.c b/lib/libpkix/pkix/util/pkix_list.c
--- a/lib/libpkix/pkix/util/pkix_list.c
+++ b/lib/libpkix/pkix/util/pkix_list.c
@@ -1530,17 +1530,17 @@ cleanup:
*/
PKIX_Error *
PKIX_List_SetItem(
PKIX_List *list,
PKIX_UInt32 index,
PKIX_PL_Object *item,
void *plContext)
{
- PKIX_List *element;
+ PKIX_List *element = NULL;
PKIX_ENTER(LIST, "PKIX_List_SetItem");
PKIX_NULLCHECK_ONE(list);
if (list->immutable){
PKIX_ERROR(PKIX_OPERATIONNOTPERMITTEDONIMMUTABLELIST);
}
diff --git a/lib/libpkix/pkix_pl_nss/system/pkix_pl_oid.c b/lib/libpkix/pkix_pl_nss/system/pkix_pl_oid.c
--- a/lib/libpkix/pkix_pl_nss/system/pkix_pl_oid.c
+++ b/lib/libpkix/pkix_pl_nss/system/pkix_pl_oid.c
@@ -102,17 +102,17 @@ cleanup:
*/
static PKIX_Error *
pkix_pl_OID_Equals(
PKIX_PL_Object *first,
PKIX_PL_Object *second,
PKIX_Boolean *pResult,
void *plContext)
{
- PKIX_Int32 cmpResult;
+ PKIX_Int32 cmpResult = 0;
PKIX_ENTER(OID, "pkix_pl_OID_Equals");
PKIX_NULLCHECK_THREE(first, second, pResult);
PKIX_CHECK(pkix_pl_OID_Comparator
(first, second, &cmpResult, plContext),
PKIX_OIDCOMPARATORFAILED);

12
SOURCES/nss-skip-sysinit-gtests.patch Normal file
View File

@ -0,0 +1,12 @@
Index: nss/gtests/manifest.mn
===================================================================
--- nss.orig/gtests/manifest.mn
+++ nss/gtests/manifest.mn
@@ -31,7 +31,6 @@ NSS_SRCDIRS = \
smime_gtest \
softoken_gtest \
ssl_gtest \
- $(SYSINIT_GTEST) \
nss_bogo_shim \
pkcs11testmodule \
$(NULL)

106
SOURCES/nss-sysinit-userdb.patch Normal file
View File

@ -0,0 +1,106 @@
Index: nss/lib/sysinit/nsssysinit.c
===================================================================
--- nss.orig/lib/sysinit/nsssysinit.c
+++ nss/lib/sysinit/nsssysinit.c
@@ -36,41 +36,9 @@ testdir(char *dir)
return S_ISDIR(buf.st_mode);
}
-/**
- * Append given @dir to @path and creates the directory with mode @mode.
- * Returns 0 if successful, -1 otherwise.
- * Assumes that the allocation for @path has sufficient space for @dir
- * to be added.
- */
-static int
-appendDirAndCreate(char *path, char *dir, mode_t mode)
-{
- PORT_Strcat(path, dir);
- if (!testdir(path)) {
- if (mkdir(path, mode)) {
- return -1;
- }
- }
- return 0;
-}
-
-#define XDG_NSS_USER_PATH1 "/.local"
-#define XDG_NSS_USER_PATH2 "/share"
-#define XDG_NSS_USER_PATH3 "/pki"
-
#define NSS_USER_PATH1 "/.pki"
#define NSS_USER_PATH2 "/nssdb"
-
-/**
- * Return the path to user's NSS database.
- * We search in the following dirs in order:
- * (1) $HOME/.pki/nssdb;
- * (2) $XDG_DATA_HOME/pki/nssdb if XDG_DATA_HOME is set;
- * (3) $HOME/.local/share/pki/nssdb (default XDG_DATA_HOME value).
- * If (1) does not exist, then the returned dir will be set to either
- * (2) or (3), depending if XDG_DATA_HOME is set.
- */
-char *
+static char *
getUserDB(void)
{
char *userdir = PR_GetEnvSecure("HOME");
@@ -81,47 +49,22 @@ getUserDB(void)
}
nssdir = PORT_Alloc(strlen(userdir) + sizeof(NSS_USER_PATH1) + sizeof(NSS_USER_PATH2));
+ if (nssdir == NULL) {
+ return NULL;
+ }
PORT_Strcpy(nssdir, userdir);
- PORT_Strcat(nssdir, NSS_USER_PATH1 NSS_USER_PATH2);
- if (testdir(nssdir)) {
- /* $HOME/.pki/nssdb exists */
- return nssdir;
- } else {
- /* either $HOME/.pki or $HOME/.pki/nssdb does not exist */
+ /* verify it exists */
+ if (!testdir(nssdir)) {
PORT_Free(nssdir);
- }
- int size = 0;
- char *xdguserdatadir = PR_GetEnvSecure("XDG_DATA_HOME");
- if (xdguserdatadir) {
- size = strlen(xdguserdatadir);
- } else {
- size = strlen(userdir) + sizeof(XDG_NSS_USER_PATH1) + sizeof(XDG_NSS_USER_PATH2);
- }
- size += sizeof(XDG_NSS_USER_PATH3) + sizeof(NSS_USER_PATH2);
-
- nssdir = PORT_Alloc(size);
- if (nssdir == NULL) {
return NULL;
}
-
- if (xdguserdatadir) {
- PORT_Strcpy(nssdir, xdguserdatadir);
- if (!testdir(nssdir)) {
- PORT_Free(nssdir);
- return NULL;
- }
-
- } else {
- PORT_Strcpy(nssdir, userdir);
- if (appendDirAndCreate(nssdir, XDG_NSS_USER_PATH1, 0755) ||
- appendDirAndCreate(nssdir, XDG_NSS_USER_PATH2, 0755)) {
- PORT_Free(nssdir);
- return NULL;
- }
+ PORT_Strcat(nssdir, NSS_USER_PATH1);
+ if (!testdir(nssdir) && mkdir(nssdir, 0760)) {
+ PORT_Free(nssdir);
+ return NULL;
}
- /* ${XDG_DATA_HOME:-$HOME/.local/share}/pki/nssdb */
- if (appendDirAndCreate(nssdir, XDG_NSS_USER_PATH3, 0760) ||
- appendDirAndCreate(nssdir, NSS_USER_PATH2, 0760)) {
+ PORT_Strcat(nssdir, NSS_USER_PATH2);
+ if (!testdir(nssdir) && mkdir(nssdir, 0760)) {
PORT_Free(nssdir);
return NULL;
}

14
SOURCES/rhbz1185708-enable-ecc-3des-ciphers-by-default.patch Normal file
View File

@ -0,0 +1,14 @@
diff -up nss/lib/ssl/ssl3con.c.1185708_3des nss/lib/ssl/ssl3con.c
--- nss/lib/ssl/ssl3con.c.1185708_3des 2018-12-11 18:28:06.736592552 +0100
+++ nss/lib/ssl/ssl3con.c 2018-12-11 18:29:06.273314692 +0100
@@ -106,8 +106,8 @@ static ssl3CipherSuiteCfg cipherSuites[s
{ TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, SSL_ALLOWED, PR_TRUE, PR_FALSE},
{ TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, SSL_ALLOWED, PR_FALSE, PR_FALSE},
{ TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, SSL_ALLOWED, PR_FALSE, PR_FALSE},
- { TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE},
- { TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE},
+ { TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, SSL_ALLOWED, PR_TRUE, PR_FALSE},
+ { TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_ALLOWED, PR_TRUE, PR_FALSE},
{ TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE},
{ TLS_ECDHE_RSA_WITH_RC4_128_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE},

63
SOURCES/secmod.db.xml Normal file
View File

@ -0,0 +1,63 @@
<?xml version='1.0' encoding='utf-8'?>
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
"http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [
<!ENTITY date SYSTEM "date.xml">
<!ENTITY version SYSTEM "version.xml">
]>
<refentry id="secmod.db">
<refentryinfo>
<date>&date;</date>
<title>Network Security Services</title>
<productname>nss</productname>
<productnumber>&version;</productnumber>
</refentryinfo>
<refmeta>
<refentrytitle>secmod.db</refentrytitle>
<manvolnum>5</manvolnum>
</refmeta>
<refnamediv>
<refname>secmod.db</refname>
<refpurpose>Legacy NSS security modules database</refpurpose>
</refnamediv>
<refsection id="description">
<title>Description</title>
<para><emphasis>secmod.db</emphasis> is an NSS security modules database.</para>
<para>The security modules database is used to keep track of the NSS security modules. The NSS security modules export their services via the PKCS #11 API which NSS uses as its Services Provider Interface.
</para>
<para>The command line utility <emphasis>modutil</emphasis> is used for managing PKCS #11 module information both within secmod.db files and within hardware tokens.
</para>
<para>For new applications the recommended way of tracking security modules is via the pkcs11.txt configuration file used in conjunction the new sqlite-based shared database format for certificate and key databases.
</para>
</refsection>
<refsection>
<title>Files</title>
<para><filename>/etc/pki/nssdb/secmod.db</filename></para>
</refsection>
<refsection>
<title>See also</title>
<para>modutil(1), cert8.db(5), cert9.db(5), key3.db(5), key4.db(5), pkcs11.txt(5)</para>
</refsection>
<refsection id="authors">
<title>Authors</title>
<para>The nss libraries were written and maintained by developers with Netscape, Red Hat, Sun, Oracle, Mozilla, and Google.</para>
<para>Authors: Elio Maldonado &lt;emaldona@redhat.com>.</para>
</refsection>
<!-- don't change -->
<refsection id="license">
<title>LICENSE</title>
<para>Licensed under the Mozilla Public License, v. 2.0. If a copy of the MPL was not distributed with this file, You can obtain one at http://mozilla.org/MPL/2.0/.
</para>
</refsection>
</refentry>

1004
SPECS/nss.spec
View File

File diff suppressed because it is too large Load Diff