diff --git a/mozilla-nss.changes b/mozilla-nss.changes index 6ec8044..09c992f 100644 --- a/mozilla-nss.changes +++ b/mozilla-nss.changes @@ -1,3 +1,18 @@ +------------------------------------------------------------------- +Tue Aug 13 07:08:55 UTC 2024 - Martin Sirringhaus + +- update to NSS 3.103 + * bmo#1908623 - move list size check after lock acquisition in sftk_PutObjectToList. + * bmo#1899542: Add fuzzing support for SSL_ENABLE_POST_HANDSHAKE_AUTH, + * bmo#1909638 - Follow-up to fix test for presence of file nspr.patch. + * bmo#1903783: Adjust libFuzzer size limits + * bmo#1899542: Add fuzzing support for SSL_SetCertificateCompressionAlgorithm, SSL_SetClientEchConfigs, SSL_VersionRangeSet and SSL_AddExternalPsk + * bmo#1899542: Add fuzzing support for SSL_ENABLE_GREASE and SSL_ENABLE_CH_EXTENSION_PERMUTATION +- Add nss-reproducible-builds.patch to make the rpms reproducible, + by using a hardcoded, static key to generate the checksums (*.chk-files) +- Updated nss-fips-approved-crypto-non-ec.patch to enforce + approved curves with the CKK_EC_MONTGOMERY key type (bsc#1224113). + ------------------------------------------------------------------- Fri Aug 2 08:04:51 UTC 2024 - Martin Sirringhaus diff --git a/mozilla-nss.spec b/mozilla-nss.spec index 6e14677..9d23626 100644 --- a/mozilla-nss.spec +++ b/mozilla-nss.spec @@ -17,15 +17,15 @@ # -%global nss_softokn_fips_version 3.102.1 +%global nss_softokn_fips_version 3.103 %define NSPR_min_version 4.35 %define nspr_ver %(rpm -q --queryformat '%%{VERSION}' mozilla-nspr) %define nssdbdir %{_sysconfdir}/pki/nssdb %global crypto_policies_version 20210218 Name: mozilla-nss -Version: 3.102.1 +Version: 3.103 Release: 0 -%define underscore_version 3_102_1 +%define underscore_version 3_103 Summary: Network Security Services License: MPL-2.0 Group: System/Libraries @@ -83,6 +83,7 @@ Patch49: nss-allow-slow-tests-s390x.patch Patch50: nss-fips-bsc1223724.patch Patch51: nss-fips-aes-gcm-restrict.patch Patch52: nss-fips-safe-memset.patch +Patch53: nss-reproducible-builds.patch %if 0%{?sle_version} >= 120000 && 0%{?sle_version} < 150000 # aarch64 + gcc4.8 fails to build on SLE-12 due to undefined references BuildRequires: gcc9-c++ @@ -253,6 +254,7 @@ cd nss # glibc on SLE-12 is too old and doesn't have explicit_bzero yet. %patch -P 52 -p1 %endif +%patch -P 53 -p1 # additional CA certificates #cd security/nss/lib/ckfw/builtins @@ -459,15 +461,15 @@ install -m 744 %{SOURCE6} %{buildroot}%{_sbindir}/ install -m 644 %{SOURCE7} %{buildroot}%{nssdbdir} install -m 644 %{SOURCE8} %{buildroot}%{nssdbdir} install -m 644 %{SOURCE9} %{buildroot}%{nssdbdir} -# create shlib sigs after extracting debuginfo +# create shlib sigs after extracting debuginfo with a hard-coded key to produce reproducible checksums, using the same key that openssl uses. %define __spec_install_post \ %{?__debug_package:%{__debug_install_post}} \ %{__arch_install_post} \ %__os_install_post \ - LD_LIBRARY_PATH=:%{buildroot}%{_libdir} %{buildroot}%{_libexecdir}/nss/shlibsign -i %{buildroot}%{_libdir}/libsoftokn3.so \ - LD_LIBRARY_PATH=:%{buildroot}%{_libdir} %{buildroot}%{_libexecdir}/nss/shlibsign -i %{buildroot}%{_libdir}/libnssdbm3.so \ - LD_LIBRARY_PATH=:%{buildroot}%{_libdir} %{buildroot}%{_libexecdir}/nss/shlibsign -i %{buildroot}/%{_libdir}/libfreebl3.so \ - LD_LIBRARY_PATH=:%{buildroot}%{_libdir} %{buildroot}%{_libexecdir}/nss/shlibsign -i %{buildroot}/%{_libdir}/libfreeblpriv3.so \ + LD_LIBRARY_PATH=:%{buildroot}%{_libdir} %{buildroot}%{_libexecdir}/nss/shlibsign -K f4556650ac31d35461610bac4ed81b1a181b2d8a43ea2854cbae22ca74560813 -i %{buildroot}%{_libdir}/libsoftokn3.so \ + LD_LIBRARY_PATH=:%{buildroot}%{_libdir} %{buildroot}%{_libexecdir}/nss/shlibsign -K f4556650ac31d35461610bac4ed81b1a181b2d8a43ea2854cbae22ca74560813 -i %{buildroot}%{_libdir}/libnssdbm3.so \ + LD_LIBRARY_PATH=:%{buildroot}%{_libdir} %{buildroot}%{_libexecdir}/nss/shlibsign -K f4556650ac31d35461610bac4ed81b1a181b2d8a43ea2854cbae22ca74560813 -i %{buildroot}/%{_libdir}/libfreebl3.so \ + LD_LIBRARY_PATH=:%{buildroot}%{_libdir} %{buildroot}%{_libexecdir}/nss/shlibsign -K f4556650ac31d35461610bac4ed81b1a181b2d8a43ea2854cbae22ca74560813 -i %{buildroot}/%{_libdir}/libfreeblpriv3.so \ %{nil} %post -p /sbin/ldconfig diff --git a/nss-3.102.1.tar.gz b/nss-3.102.1.tar.gz deleted file mode 100644 index 2bd3650..0000000 --- a/nss-3.102.1.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:54982d3587e41579c94f2036ba084438b073f8456bbd873b7a942c057e9737cc -size 76460182 diff --git a/nss-3.103.tar.gz b/nss-3.103.tar.gz new file mode 100644 index 0000000..4b60276 --- /dev/null +++ b/nss-3.103.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:7b4ab657f772dc7520c46e8d481940b292dcfc6a4c90150a7c26672384cee962 +size 76470174 diff --git a/nss-fips-aes-gcm-restrict.patch b/nss-fips-aes-gcm-restrict.patch index 6386ee0..600e0b7 100644 --- a/nss-fips-aes-gcm-restrict.patch +++ b/nss-fips-aes-gcm-restrict.patch @@ -2,7 +2,7 @@ Index: nss/lib/softoken/sftkmessage.c =================================================================== --- nss.orig/lib/softoken/sftkmessage.c +++ nss/lib/softoken/sftkmessage.c -@@ -151,6 +151,37 @@ sftk_CryptMessage(CK_SESSION_HANDLE hSes +@@ -183,6 +183,37 @@ sftk_CryptMessage(CK_SESSION_HANDLE hSes if (crv != CKR_OK) return crv; diff --git a/nss-fips-approved-crypto-non-ec.patch b/nss-fips-approved-crypto-non-ec.patch index 39eff16..51399cb 100644 --- a/nss-fips-approved-crypto-non-ec.patch +++ b/nss-fips-approved-crypto-non-ec.patch @@ -349,9 +349,9 @@ Index: nss/lib/freebl/rawhash.c #include "secerr.h" +#include "fips.h" - static void * - null_hash_new_context(void) -@@ -190,7 +191,11 @@ const SECHashObject SECRawHashObjects[] + #define RawHashBase(ctxtype, mmm) \ + static void * \ +@@ -236,7 +237,11 @@ const SECHashObject SECRawHashObjects[] const SECHashObject * HASH_GetRawHashObject(HASH_HashType hashType) { @@ -368,7 +368,7 @@ Index: nss/lib/softoken/pkcs11c.c =================================================================== --- nss.orig/lib/softoken/pkcs11c.c +++ nss/lib/softoken/pkcs11c.c -@@ -452,7 +452,7 @@ sftk_InitGeneric(SFTKSession *session, C +@@ -538,7 +538,7 @@ sftk_InitGeneric(SFTKSession *session, C context->blockSize = 0; context->maxLen = 0; context->isFIPS = sftk_operationIsFIPS(session->slot, pMechanism, @@ -377,7 +377,7 @@ Index: nss/lib/softoken/pkcs11c.c *contextPtr = context; return CKR_OK; } -@@ -4877,6 +4877,10 @@ NSC_GenerateKey(CK_SESSION_HANDLE hSessi +@@ -4989,6 +4989,10 @@ NSC_GenerateKey(CK_SESSION_HANDLE hSessi goto loser; } @@ -388,7 +388,7 @@ Index: nss/lib/softoken/pkcs11c.c /* * handle the base object stuff */ -@@ -4891,6 +4895,7 @@ NSC_GenerateKey(CK_SESSION_HANDLE hSessi +@@ -5003,6 +5007,7 @@ NSC_GenerateKey(CK_SESSION_HANDLE hSessi if (crv == CKR_OK) { *phKey = key->handle; } @@ -396,7 +396,7 @@ Index: nss/lib/softoken/pkcs11c.c loser: PORT_Memset(buf, 0, sizeof buf); sftk_FreeObject(key); -@@ -5318,7 +5323,7 @@ NSC_GenerateKeyPair(CK_SESSION_HANDLE hS +@@ -5432,7 +5437,7 @@ NSC_GenerateKeyPair(CK_SESSION_HANDLE hS CK_OBJECT_CLASS privClass = CKO_PRIVATE_KEY; int i; SFTKSlot *slot = sftk_SlotFromSessionHandle(hSession); @@ -405,7 +405,7 @@ Index: nss/lib/softoken/pkcs11c.c /* RSA */ int public_modulus_bits = 0; -@@ -5921,11 +5926,11 @@ NSC_GenerateKeyPair(CK_SESSION_HANDLE hS +@@ -6036,11 +6041,11 @@ NSC_GenerateKeyPair(CK_SESSION_HANDLE hS * created and linked. */ crv = sftk_handleObject(publicKey, session); @@ -418,7 +418,7 @@ Index: nss/lib/softoken/pkcs11c.c return crv; } if (sftk_isTrue(privateKey, CKA_SENSITIVE)) { -@@ -5969,13 +5974,19 @@ NSC_GenerateKeyPair(CK_SESSION_HANDLE hS +@@ -6084,13 +6089,19 @@ NSC_GenerateKeyPair(CK_SESSION_HANDLE hS sftk_FreeObject(publicKey); NSC_DestroyObject(hSession, privateKey->handle); sftk_FreeObject(privateKey); @@ -438,7 +438,7 @@ Index: nss/lib/softoken/pkcs11c.c return CKR_OK; } -@@ -7167,6 +7178,14 @@ sftk_HKDF(CK_HKDF_PARAMS_PTR params, CK_ +@@ -7282,6 +7293,14 @@ sftk_HKDF(CK_HKDF_PARAMS_PTR params, CK_ return CKR_TEMPLATE_INCONSISTENT; } @@ -453,7 +453,7 @@ Index: nss/lib/softoken/pkcs11c.c /* sourceKey is NULL if we are called from the POST, skip the * sensitiveCheck */ if (sourceKey != NULL) { -@@ -7215,7 +7234,8 @@ sftk_HKDF(CK_HKDF_PARAMS_PTR params, CK_ +@@ -7330,7 +7349,8 @@ sftk_HKDF(CK_HKDF_PARAMS_PTR params, CK_ mech.pParameter = params; mech.ulParameterLen = sizeof(*params); key->isFIPS = sftk_operationIsFIPS(saltKey->slot, &mech, @@ -463,7 +463,7 @@ Index: nss/lib/softoken/pkcs11c.c } saltKey_att = sftk_FindAttribute(saltKey, CKA_VALUE); if (saltKey_att == NULL) { -@@ -7257,7 +7277,7 @@ sftk_HKDF(CK_HKDF_PARAMS_PTR params, CK_ +@@ -7372,7 +7392,7 @@ sftk_HKDF(CK_HKDF_PARAMS_PTR params, CK_ /* HKDF-Expand */ if (!params->bExpand) { okm = prk; @@ -472,7 +472,7 @@ Index: nss/lib/softoken/pkcs11c.c } else { /* T(1) = HMAC-Hash(prk, "" | info | 0x01) * T(n) = HMAC-Hash(prk, T(n-1) | info | n -@@ -7480,7 +7500,8 @@ NSC_DeriveKey(CK_SESSION_HANDLE hSession +@@ -7595,7 +7615,8 @@ NSC_DeriveKey(CK_SESSION_HANDLE hSession return CKR_KEY_HANDLE_INVALID; } } @@ -482,7 +482,7 @@ Index: nss/lib/softoken/pkcs11c.c switch (mechanism) { /* get a public key from a private key. nsslowkey_ConvertToPublickey() -@@ -7681,7 +7702,7 @@ NSC_DeriveKey(CK_SESSION_HANDLE hSession +@@ -7796,7 +7817,7 @@ NSC_DeriveKey(CK_SESSION_HANDLE hSession } else { /* now allocate the hash contexts */ md5 = MD5_NewContext(); @@ -491,7 +491,7 @@ Index: nss/lib/softoken/pkcs11c.c PORT_Memset(crsrdata, 0, sizeof crsrdata); crv = CKR_HOST_MEMORY; break; -@@ -8070,6 +8091,7 @@ NSC_DeriveKey(CK_SESSION_HANDLE hSession +@@ -8185,6 +8206,7 @@ NSC_DeriveKey(CK_SESSION_HANDLE hSession PORT_Assert(i <= sizeof key_block); } @@ -820,7 +820,7 @@ Index: nss/lib/softoken/pkcs11u.c =================================================================== --- nss.orig/lib/softoken/pkcs11u.c +++ nss/lib/softoken/pkcs11u.c -@@ -2248,6 +2248,12 @@ sftk_AttributeToFlags(CK_ATTRIBUTE_TYPE +@@ -2251,6 +2251,12 @@ sftk_AttributeToFlags(CK_ATTRIBUTE_TYPE case CKA_NSS_MESSAGE | CKA_VERIFY: flags = CKF_MESSAGE_VERIFY; break; @@ -833,7 +833,7 @@ Index: nss/lib/softoken/pkcs11u.c default: break; } -@@ -2324,7 +2330,7 @@ sftk_quickGetECCCurveOid(SFTKObject *sou +@@ -2327,7 +2333,7 @@ sftk_quickGetECCCurveOid(SFTKObject *sou static int sftk_getKeyLength(SFTKObject *source) { @@ -842,7 +842,16 @@ Index: nss/lib/softoken/pkcs11u.c CK_ATTRIBUTE_TYPE keyAttribute; CK_ULONG keyLength = 0; SFTKAttribute *attribute; -@@ -2386,14 +2392,55 @@ sftk_getKeyLength(SFTKObject *source) +@@ -2347,7 +2353,7 @@ sftk_getKeyLength(SFTKObject *source) + * key length is CKA_VALUE, which is the default */ + keyType = CKK_INVALID_KEY_TYPE; + } +- if (keyType == CKK_EC) { ++ if (keyType == CKK_EC || keyType == CKK_EC_MONTGOMERY) { + SECOidTag curve = sftk_quickGetECCCurveOid(source); + switch (curve) { + case SEC_OID_CURVE25519: +@@ -2389,14 +2395,55 @@ sftk_getKeyLength(SFTKObject *source) return keyLength; } @@ -899,7 +908,7 @@ Index: nss/lib/softoken/pkcs11u.c switch (mechInfo->special) { case SFTKFIPSDH: { SECItem dhPrime; -@@ -2409,10 +2456,27 @@ sftk_handleSpecial(SFTKSlot *slot, CK_ME +@@ -2412,10 +2459,27 @@ sftk_handleSpecial(SFTKSlot *slot, CK_ME } case SFTKFIPSNone: return PR_FALSE; @@ -929,7 +938,7 @@ Index: nss/lib/softoken/pkcs11u.c case SFTKFIPSAEAD: { if (mech->ulParameterLen == 0) { /* AEAD ciphers are only in FIPS mode if we are using the -@@ -2440,11 +2504,44 @@ sftk_handleSpecial(SFTKSlot *slot, CK_ME +@@ -2443,11 +2507,44 @@ sftk_handleSpecial(SFTKSlot *slot, CK_ME if (hashObj == NULL) { return PR_FALSE; } @@ -974,7 +983,7 @@ Index: nss/lib/softoken/pkcs11u.c default: break; } -@@ -2455,7 +2552,7 @@ sftk_handleSpecial(SFTKSlot *slot, CK_ME +@@ -2458,7 +2555,7 @@ sftk_handleSpecial(SFTKSlot *slot, CK_ME PRBool sftk_operationIsFIPS(SFTKSlot *slot, CK_MECHANISM *mech, CK_ATTRIBUTE_TYPE op, @@ -983,7 +992,7 @@ Index: nss/lib/softoken/pkcs11u.c { #ifndef NSS_HAS_FIPS_INDICATORS return PR_FALSE; -@@ -2468,18 +2565,35 @@ sftk_operationIsFIPS(SFTKSlot *slot, CK_ +@@ -2471,18 +2568,35 @@ sftk_operationIsFIPS(SFTKSlot *slot, CK_ if (!sftk_isFIPS(slot->slotID)) { return PR_FALSE; } @@ -1023,7 +1032,7 @@ Index: nss/lib/softoken/pkcs11u.c keyLength = sftk_getKeyLength(source); /* check against our algorithm array */ -@@ -2487,13 +2601,15 @@ sftk_operationIsFIPS(SFTKSlot *slot, CK_ +@@ -2490,13 +2604,15 @@ sftk_operationIsFIPS(SFTKSlot *slot, CK_ SFTKFIPSAlgorithmList *mechs = &sftk_fips_mechs[i]; /* if we match the number of records exactly, then we are an * approved algorithm in the approved mode with an approved key */ @@ -1061,7 +1070,7 @@ Index: nss/lib/softoken/pkcs11.c =================================================================== --- nss.orig/lib/softoken/pkcs11.c +++ nss/lib/softoken/pkcs11.c -@@ -573,17 +573,17 @@ static const struct mechanismList mechan +@@ -574,17 +574,17 @@ static const struct mechanismList mechan { CKM_TLS_MASTER_KEY_DERIVE, { 48, 48, CKF_DERIVE }, PR_FALSE }, { CKM_TLS12_MASTER_KEY_DERIVE, { 48, 48, CKF_DERIVE }, PR_FALSE }, { CKM_NSS_TLS_MASTER_KEY_DERIVE_SHA256, diff --git a/nss-fips-combined-hash-sign-dsa-ecdsa.patch b/nss-fips-combined-hash-sign-dsa-ecdsa.patch index 6795f44..38f865b 100644 --- a/nss-fips-combined-hash-sign-dsa-ecdsa.patch +++ b/nss-fips-combined-hash-sign-dsa-ecdsa.patch @@ -68,7 +68,7 @@ Index: nss/lib/softoken/pkcs11c.c =================================================================== --- nss.orig/lib/softoken/pkcs11c.c +++ nss/lib/softoken/pkcs11c.c -@@ -2744,6 +2744,38 @@ nsc_EDDSASignStub(void *ctx, void *sigBu +@@ -2848,6 +2848,38 @@ nsc_EDDSASignStub(void *ctx, unsigned ch return rv; } @@ -107,8 +107,8 @@ Index: nss/lib/softoken/pkcs11c.c /* NSC_SignInit setups up the signing operations. There are three basic * types of signing: * (1) the tradition single part, where "Raw RSA" or "Raw DSA" is applied -@@ -3647,6 +3679,22 @@ NSC_VerifyInit(CK_SESSION_HANDLE hSessio - info->hashOid = SEC_OID_##mmm; \ +@@ -3755,6 +3787,22 @@ NSC_VerifyInit(CK_SESSION_HANDLE hSessio + info->hashOid = SEC_OID_##mmm; \ goto finish_rsa; +#define INIT_DSA_VFY_MECH(mmm) \ @@ -130,7 +130,7 @@ Index: nss/lib/softoken/pkcs11c.c switch (pMechanism->mechanism) { INIT_RSA_VFY_MECH(MD5) INIT_RSA_VFY_MECH(MD2) -@@ -4905,6 +4953,73 @@ loser: +@@ -5017,6 +5065,73 @@ loser: #define PAIRWISE_DIGEST_LENGTH SHA224_LENGTH /* 224-bits */ #define PAIRWISE_MESSAGE_LENGTH 20 /* 160-bits */ @@ -204,7 +204,7 @@ Index: nss/lib/softoken/pkcs11c.c /* * FIPS 140-2 pairwise consistency check utilized to validate key pair. * -@@ -4958,8 +5073,6 @@ sftk_PairwiseConsistencyCheck(CK_SESSION +@@ -5071,8 +5186,6 @@ sftk_PairwiseConsistencyCheck(CK_SESSION /* Variables used for Signature/Verification functions. */ /* Must be at least 256 bits for DSA2 digest */ @@ -213,7 +213,7 @@ Index: nss/lib/softoken/pkcs11c.c CK_ULONG signature_length; if (keyType == CKK_RSA) { -@@ -5113,80 +5226,36 @@ sftk_PairwiseConsistencyCheck(CK_SESSION +@@ -5226,80 +5339,36 @@ sftk_PairwiseConsistencyCheck(CK_SESSION } } diff --git a/nss-fips-constructor-self-tests.patch b/nss-fips-constructor-self-tests.patch index cddc486..0ae6717 100644 --- a/nss-fips-constructor-self-tests.patch +++ b/nss-fips-constructor-self-tests.patch @@ -63,9 +63,9 @@ Index: nss/lib/freebl/blapi.h /*********************************************************************/ extern const SECHashObject *HASH_GetRawHashObject(HASH_HashType hashType); -@@ -1942,6 +1942,9 @@ extern SECStatus ED_VerifyMessage(ECPubl - */ - extern SECStatus ED_DerivePublicKey(const SECItem *privateKey, SECItem *publicKey); +@@ -1944,6 +1944,9 @@ extern SECStatus ED_DerivePublicKey(cons + + extern SECStatus X25519_DerivePublicKey(SECItem *privateKey, SECItem *publicKey); +/* Unconditionally run the integrity check. */ +extern void BL_FIPSRepeatIntegrityCheck(void); @@ -910,7 +910,7 @@ Index: nss/lib/freebl/loader.h /* Version 3.013 came to here */ -@@ -927,6 +927,9 @@ struct FREEBLVectorStr { +@@ -930,6 +930,9 @@ struct FREEBLVectorStr { /* Add new function pointers at the end of this struct and bump * FREEBL_VERSION at the beginning of this file. */ @@ -1541,10 +1541,10 @@ Index: nss/lib/freebl/ldvector.c =================================================================== --- nss.orig/lib/freebl/ldvector.c +++ nss/lib/freebl/ldvector.c -@@ -443,6 +443,9 @@ static const struct FREEBLVectorStr vect - ED_VerifyMessage, - ED_DerivePublicKey, - /* End of version 3.028 */ +@@ -446,6 +446,9 @@ static const struct FREEBLVectorStr vect + + X25519_DerivePublicKey, + /* End of version 3.029 */ + + /* SUSE patch: Goes last */ + BL_FIPSRepeatIntegrityCheck diff --git a/nss-fips-pairwise-consistency-check.patch b/nss-fips-pairwise-consistency-check.patch index d705960..7014826 100644 --- a/nss-fips-pairwise-consistency-check.patch +++ b/nss-fips-pairwise-consistency-check.patch @@ -14,7 +14,7 @@ Index: nss/lib/softoken/pkcs11c.c =================================================================== --- nss.orig/lib/softoken/pkcs11c.c +++ nss/lib/softoken/pkcs11c.c -@@ -4897,8 +4897,8 @@ loser: +@@ -5009,8 +5009,8 @@ loser: return crv; } @@ -25,7 +25,7 @@ Index: nss/lib/softoken/pkcs11c.c /* * FIPS 140-2 pairwise consistency check utilized to validate key pair. -@@ -5960,6 +5960,7 @@ NSC_GenerateKeyPair(CK_SESSION_HANDLE hS +@@ -6075,6 +6075,7 @@ NSC_GenerateKeyPair(CK_SESSION_HANDLE hS (PRUint32)crv); sftk_LogAuditMessage(NSS_AUDIT_ERROR, NSS_AUDIT_SELF_TEST, msg); } diff --git a/nss-fips-pct-pubkeys.patch b/nss-fips-pct-pubkeys.patch index 3d53f87..50773b5 100644 --- a/nss-fips-pct-pubkeys.patch +++ b/nss-fips-pct-pubkeys.patch @@ -5,7 +5,7 @@ Index: nss/lib/softoken/pkcs11c.c =================================================================== --- nss.orig/lib/softoken/pkcs11c.c +++ nss/lib/softoken/pkcs11c.c -@@ -5020,6 +5020,88 @@ pairwise_signverify_mech (CK_SESSION_HAN +@@ -5132,6 +5132,88 @@ pairwise_signverify_mech (CK_SESSION_HAN return crv; } @@ -94,7 +94,7 @@ Index: nss/lib/softoken/pkcs11c.c /* * FIPS 140-2 pairwise consistency check utilized to validate key pair. * -@@ -5370,6 +5452,30 @@ sftk_PairwiseConsistencyCheck(CK_SESSION +@@ -5484,6 +5566,30 @@ sftk_PairwiseConsistencyCheck(CK_SESSION } } diff --git a/nss-reproducible-builds.patch b/nss-reproducible-builds.patch new file mode 100644 index 0000000..d2d3e1c --- /dev/null +++ b/nss-reproducible-builds.patch @@ -0,0 +1,229 @@ +commit cef712e9a49502e669535675c9900b61751ac02b +Author: Martin Sirringhaus +Date: Mon Jul 29 23:22:41 2024 +0000 + + Bug 1902078 - Allow handing in keymaterial to shlibsign to make the output reproducible (r=nss-reviewers,rrelyea) + + Differential Revision: https://phabricator.services.mozilla.com/D217282 + +Index: nss/cmd/shlibsign/Makefile +=================================================================== +--- nss.orig/cmd/shlibsign/Makefile ++++ nss/cmd/shlibsign/Makefile +@@ -24,25 +24,7 @@ include $(CORE_DEPTH)/coreconf/config.mk + # (4) Include "local" platform-dependent assignments (OPTIONAL). # + ####################################################################### + +-ifeq ($(OS_ARCH), WINNT) +- +-EXTRA_LIBS += \ +- $(NSPR_LIB_DIR)/$(NSPR31_LIB_PREFIX)plc4.$(LIB_SUFFIX) \ +- $(NSPR_LIB_DIR)/$(NSPR31_LIB_PREFIX)plds4.$(LIB_SUFFIX) \ +- $(NSPR_LIB_DIR)/$(NSPR31_LIB_PREFIX)nspr4.$(LIB_SUFFIX) \ +- $(NULL) +- +-else +- +-EXTRA_SHARED_LIBS += \ +- -L$(NSPR_LIB_DIR) \ +- -lplc4 \ +- -lplds4 \ +- -lnspr4 \ +- $(NULL) +- +-endif +- ++include ../platlibs.mk + + # sign any and all shared libraries that contain the word freebl + ifeq ($(NSS_BUILD_WITHOUT_SOFTOKEN),1) +Index: nss/cmd/shlibsign/shlibsign.c +=================================================================== +--- nss.orig/cmd/shlibsign/shlibsign.c ++++ nss/cmd/shlibsign/shlibsign.c +@@ -55,6 +55,10 @@ + /* nss headers for definition of HASH_HashType */ + #include "hasht.h" + ++#include "basicutil.h" ++#include "secitem.h" ++ ++ + CK_BBOOL cktrue = CK_TRUE; + CK_BBOOL ckfalse = CK_FALSE; + static PRBool verbose = PR_FALSE; +@@ -111,7 +115,7 @@ usage(const char *program_name) + PR_fprintf(debug_out, + "Usage: %s [-v] [-V] [-o outfile] [-d dbdir] [-f pwfile]\n" + " [-F] [-p pwd] -[P dbprefix ] [-t hash]" +- " [-D] [-k keysize] [-c]" ++ " [-D] [-k keysize] [-c] [-K key]" + "-i shared_library_name\n", + program_name); + PR_fprintf(debug_out, "Valid Hashes: "); +@@ -136,6 +140,7 @@ long_usage(const char *program_name) + PR_fprintf(debug_out, "\t-t Hash for HMAC/or DSA\n"); + PR_fprintf(debug_out, "\t-D Sign with DSA rather than HMAC\n"); + PR_fprintf(debug_out, "\t-k size of the DSA key\n"); ++ PR_fprintf(debug_out, "\t-K key-material to use for hmac (hex-string, without leading 0x)\n"); + PR_fprintf(debug_out, "\t-c Use compatible versions for old NSS\n"); + PR_fprintf(debug_out, "\t-P database prefix\n"); + PR_fprintf(debug_out, "\t-f password File : echo pw > file \n"); +@@ -1069,7 +1074,7 @@ shlibSignDSA(CK_FUNCTION_LIST_PTR pFunct + + CK_RV + shlibSignHMAC(CK_FUNCTION_LIST_PTR pFunctionList, CK_SLOT_ID slot, +- CK_SESSION_HANDLE hRwSession, int keySize, PRFileDesc *ifd, ++ CK_SESSION_HANDLE hRwSession, int keySize, char* key, PRFileDesc *ifd, + PRFileDesc *ofd, const HashTable *hash) + { + CK_MECHANISM hmacMech = { 0, NULL, 0 }; +@@ -1100,40 +1105,78 @@ shlibSignHMAC(CK_FUNCTION_LIST_PTR pFunc + "Internal error:Could find sha256 entry in table.\n"); + } + +- hmacKeyTemplate[0].type = CKA_TOKEN; +- hmacKeyTemplate[0].pValue = &ckfalse; /* session object */ +- hmacKeyTemplate[0].ulValueLen = sizeof(ckfalse); +- hmacKeyTemplate[1].type = CKA_PRIVATE; +- hmacKeyTemplate[1].pValue = &cktrue; +- hmacKeyTemplate[1].ulValueLen = sizeof(cktrue); +- hmacKeyTemplate[2].type = CKA_SENSITIVE; +- hmacKeyTemplate[2].pValue = &ckfalse; +- hmacKeyTemplate[2].ulValueLen = sizeof(cktrue); +- hmacKeyTemplate[3].type = CKA_SIGN; +- hmacKeyTemplate[3].pValue = &cktrue; +- hmacKeyTemplate[3].ulValueLen = sizeof(cktrue); +- hmacKeyTemplate[4].type = CKA_EXTRACTABLE; +- hmacKeyTemplate[4].pValue = &ckfalse; +- hmacKeyTemplate[4].ulValueLen = sizeof(ckfalse); +- hmacKeyTemplate[5].type = CKA_VALUE_LEN; +- hmacKeyTemplate[5].pValue = (void *)&hash->hashLength; +- hmacKeyTemplate[5].ulValueLen = sizeof(hash->hashLength); +- hmacKeyTemplate[6].type = CKA_KEY_TYPE; +- hmacKeyTemplate[6].pValue = (void *)&hash->keyType; +- hmacKeyTemplate[6].ulValueLen = sizeof(hash->keyType); +- hmacKeyGenMech.mechanism = CKM_GENERIC_SECRET_KEY_GEN; +- hmacMech.mechanism = hash->hmac; ++ if (key == NULL) { ++ hmacKeyTemplate[0].type = CKA_TOKEN; ++ hmacKeyTemplate[0].pValue = &ckfalse; /* session object */ ++ hmacKeyTemplate[0].ulValueLen = sizeof(ckfalse); ++ hmacKeyTemplate[1].type = CKA_PRIVATE; ++ hmacKeyTemplate[1].pValue = &cktrue; ++ hmacKeyTemplate[1].ulValueLen = sizeof(cktrue); ++ hmacKeyTemplate[2].type = CKA_SENSITIVE; ++ hmacKeyTemplate[2].pValue = &ckfalse; ++ hmacKeyTemplate[2].ulValueLen = sizeof(cktrue); ++ hmacKeyTemplate[3].type = CKA_SIGN; ++ hmacKeyTemplate[3].pValue = &cktrue; ++ hmacKeyTemplate[3].ulValueLen = sizeof(cktrue); ++ hmacKeyTemplate[4].type = CKA_EXTRACTABLE; ++ hmacKeyTemplate[4].pValue = &ckfalse; ++ hmacKeyTemplate[4].ulValueLen = sizeof(ckfalse); ++ hmacKeyTemplate[5].type = CKA_VALUE_LEN; ++ hmacKeyTemplate[5].pValue = (void *)&hash->hashLength; ++ hmacKeyTemplate[5].ulValueLen = sizeof(hash->hashLength); ++ hmacKeyTemplate[6].type = CKA_KEY_TYPE; ++ hmacKeyTemplate[6].pValue = (void *)&hash->keyType; ++ hmacKeyTemplate[6].ulValueLen = sizeof(hash->keyType); ++ hmacKeyGenMech.mechanism = CKM_GENERIC_SECRET_KEY_GEN; ++ ++ /* Generate a DSA key pair */ ++ logIt("Generate an HMAC key ... \n"); ++ crv = pFunctionList->C_GenerateKey(hRwSession, &hmacKeyGenMech, ++ hmacKeyTemplate, ++ PR_ARRAY_SIZE(hmacKeyTemplate), ++ &hHMACKey); ++ } else { ++ SECItem keyitem = { 0 }; ++ if (SECU_HexString2SECItem(NULL, &keyitem, key) == NULL) { ++ pk11error("Reading HMAC key from commandline failed. Not a valid hex-key.", crv); ++ return crv; ++ } ++ ++ CK_OBJECT_CLASS secret_key_obj_class = CKO_SECRET_KEY; ++ CK_ATTRIBUTE hmacKeyObject[] = { ++ { ++ .type = CKA_CLASS, ++ .pValue = &secret_key_obj_class, ++ .ulValueLen = sizeof(CK_OBJECT_CLASS), ++ }, ++ { ++ .type = CKA_KEY_TYPE, ++ .pValue = (void *)&hash->keyType, ++ .ulValueLen = sizeof(hash->keyType), ++ }, ++ { ++ .type = CKA_VALUE, ++ .pValue = keyitem.data, ++ .ulValueLen = keyitem.len, ++ }, ++ { ++ .type = CKA_SIGN, ++ .pValue = &cktrue, ++ .ulValueLen = sizeof(cktrue), ++ }, ++ }; ++ logIt("Using static HMAC key ... \n"); ++ crv = pFunctionList->C_CreateObject(hRwSession, ++ hmacKeyObject, ++ PR_ARRAY_SIZE(hmacKeyObject), ++ &hHMACKey); ++ } + +- /* Generate a DSA key pair */ +- logIt("Generate an HMAC key ... \n"); +- crv = pFunctionList->C_GenerateKey(hRwSession, &hmacKeyGenMech, +- hmacKeyTemplate, +- PR_ARRAY_SIZE(hmacKeyTemplate), +- &hHMACKey); + if (crv != CKR_OK) { + pk11error("HMAC key generation failed", crv); + return crv; + } ++ hmacMech.mechanism = hash->hmac; + + /* compute the digest */ + memset(sign, 0, sizeof(sign)); +@@ -1258,6 +1301,7 @@ main(int argc, char **argv) + static PRBool useDSA = PR_FALSE; + PRBool successful = PR_FALSE; + const HashTable *hash = NULL; ++ char *key = NULL; + + #ifdef USES_LINKS + int ret; +@@ -1281,7 +1325,7 @@ main(int argc, char **argv) + + program_name = strrchr(argv[0], '/'); + program_name = program_name ? (program_name + 1) : argv[0]; +- optstate = PL_CreateOptState(argc, argv, "i:o:f:Fd:hH?k:p:P:vVs:t:Dc"); ++ optstate = PL_CreateOptState(argc, argv, "i:o:f:Fd:hH?k:K:p:P:vVs:t:Dc"); + if (optstate == NULL) { + lperror("PL_CreateOptState failed"); + return 1; +@@ -1331,6 +1375,14 @@ main(int argc, char **argv) + keySize = atoi(optstate->value); + break; + ++ case 'K': ++ if (!optstate->value) { ++ PL_DestroyOptState(optstate); ++ usage(program_name); ++ } ++ key = PL_strdup(optstate->value); ++ break; ++ + case 'f': + if (!optstate->value) { + PL_DestroyOptState(optstate); +@@ -1569,7 +1621,7 @@ main(int argc, char **argv) + keySize, ifd, ofd, hash); + } else { + crv = shlibSignHMAC(pFunctionList, pSlotList[slotIndex], hRwSession, +- keySize, ifd, ofd, hash); ++ keySize, key, ifd, ofd, hash); + } + if (crv == CKR_INTERNAL_OUT_FAILURE) { + lperror(output_file);