pool/mozilla-nss
SHA256
11
0
Fork 1
Code Issues Pull Requests Activity

Compare commits

base: pool:slfo-1.2
Branches Tags
pool:factory pool:slfo-1.2 pool:slfo-main pool:devel
..
compare: pool:factory
Branches Tags
pool:factory pool:slfo-1.2 pool:slfo-main pool:devel

3 Commits
slfo-1.2 ... factory

Author SHA256 Message Date
Ana Guerrero
0be0c3fc70 Accepting request 1300982 from mozilla:Factory 
OBS-URL: https://build.opensuse.org/request/show/1300982
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/mozilla-nss?expand=0&rev=232
 2025-09-03 19:06:26 +00:00
Wolfgang Rosenauer
0aac808a02 - update to NSS 3.115.1 
* bmo#1982742 - restore support for finding certificates by decoded serial number.
  * bmo#1984165 - avoid CKR_BUFFER_TO_SMALL error in trust lookups.

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/mozilla-nss?expand=0&rev=483
 2025-08-22 13:21:35 +00:00
Wolfgang Rosenauer
ddf96ad23e - update to NSS 3.115 
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/mozilla-nss?expand=0&rev=482
 2025-08-19 05:25:35 +00:00
12 changed files with 726 additions and 1047 deletions
Expand all files Collapse all files

1397
mozilla-nss.changes
View File

File diff suppressed because it is too large Load Diff

41
mozilla-nss.spec
View File

@@ -1,7 +1,7 @@
#
# spec file for package mozilla-nss
#
# Copyright (c) 2025 SUSE LLC
# Copyright (c) 2025 SUSE LLC and contributors
# Copyright (c) 2006-2025 Wolfgang Rosenauer
#
# All modifications and additions to the file contributed by third parties
@@ -17,14 +17,15 @@
#
%global nss_softokn_fips_version 3.112
%global nss_softokn_fips_version 3.115
%define NSPR_min_version 4.36
%define nspr_ver %(rpm -q --queryformat '%%{VERSION}' mozilla-nspr)
%define nssdbdir %{_sysconfdir}/pki/nssdb
%global crypto_policies_version 20210218
Name: mozilla-nss
Version: 3.112
Version: 3.115.1
Release: 0
%define underscore_version 3_112
%define underscore_version 3_115_1
Summary: Network Security Services
License: MPL-2.0
Group: System/Libraries
@@ -284,6 +285,13 @@ export NSS_ENABLE_FIPS_INDICATORS=1
export NSS_FIPS_MODULE_ID="\"SUSE Linux Enterprise NSS %{version}-%{release}\""
#export SQLITE_LIB_NAME=nsssqlite3
export MAKE_FLAGS="BUILD_OPT=1"
%if 0%{?suse_version} >= 1550 || 0%{?sle_version} >= 150400
# Set the policy file location
# if set NSS will always check for the policy file and load if it exists
#export POLICY_FILE="nss.config"
# location of the policy file
#export POLICY_PATH="/etc/crypto-policies/back-ends"
%endif
EOF
source ../obsenv.sh
@@ -305,12 +313,30 @@ export HOST="localhost"
export DOMSUF="localdomain"
export USE_IP=TRUE
export IP_ADDRESS="127.0.0.1"
%if 0%{?suse_version} >= 1550 || 0%{?sle_version} >= 150400
# This is necessary because the test suite tests algorithms that are
# disabled by the system policy.
export NSS_IGNORE_SYSTEM_POLICY=1
%endif
EOF
source ../obsenv.sh
source ../obstestenv.sh
cd tests
./all.sh
if grep "FAILED" ../../../tests_results/security/localhost.1/output.log ; then
# This file can live at different places when built in OBS or using "osc build":
if [ -s ../../../tests_results/security/localhost.1/output.log ]; then
output_log=../../../tests_results/security/localhost.1/output.log
elif [ -s ../../tests_results/security/localhost.1/output.log ]; then
output_log=../../tests_results/security/localhost.1/output.log
elif [ -s ../tests_results/security/localhost.1/output.log ]; then
output_log=../tests_results/security/localhost.1/output.log
elif [ -s ../security/localhost.1/output.log ]; then
output_log=../security/localhost.1/output.log
else
echo "Cannot find tests_results output.log - Assuming testsuite failed"
exit 1
fi
if grep "FAILED" $output_log ; then
echo "Testsuite FAILED"
exit 1
fi
@@ -469,6 +495,11 @@ fi
%postun sysinit -p /sbin/ldconfig
%if 0%{?suse_version} >= 1550 || 0%{?sle_version} >= 150400
%posttrans
update-crypto-policies &> /dev/null || :
%endif
%files
%{_libdir}/libnss3.so
%{_libdir}/libnssutil3.so

BIN
nss-3.112.tar.gz (Stored with Git LFS)
View File

Binary file not shown.

3
nss-3.115.1.tar.gz Normal file
View File

@@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:b8189c030b528e57dc5290023c07eea429ce242912a51a0388c184c75a257bcf
size 76656855

2
nss-allow-slow-tests.patch
View File

@@ -2,7 +2,7 @@ Index: nss/tests/sdr/sdr.sh
===================================================================
--- nss.orig/tests/sdr/sdr.sh
+++ nss/tests/sdr/sdr.sh
@@ -146,7 +146,8 @@ sdr_main()
@@ -162,7 +162,8 @@ sdr_main()
RARRAY=($dtime)
TIMEARRAY=(${RARRAY[1]//./ })
echo "${TIMEARRAY[0]} seconds"

4
nss-fips-180-3-csp-clearing.patch
View File

@@ -16,7 +16,7 @@ Index: nss/lib/softoken/sftkdb.c
===================================================================
--- nss.orig/lib/softoken/sftkdb.c
+++ nss/lib/softoken/sftkdb.c
@@ -1538,7 +1538,7 @@ loser:
@@ -1565,7 +1565,7 @@ loser:
PORT_ZFree(data, dataSize);
}
if (arena) {
@@ -29,7 +29,7 @@ Index: nss/lib/softoken/sftkpwd.c
===================================================================
--- nss.orig/lib/softoken/sftkpwd.c
+++ nss/lib/softoken/sftkpwd.c
@@ -1459,7 +1459,7 @@ loser:
@@ -1465,7 +1465,7 @@ loser:
PORT_ZFree(newKey.data, newKey.len);
}
if (result) {

108
nss-fips-approved-crypto-non-ec.patch
View File

@@ -87,7 +87,7 @@ Index: nss/lib/freebl/arcfour.c
/* Architecture-dependent defines */
@@ -162,7 +163,9 @@ RC4_InitContext(RC4Context *cx, const un
@@ -161,7 +162,9 @@ RC4_InitContext(RC4Context *cx, const un
RC4Context *
RC4_CreateContext(const unsigned char *key, int len)
{
@@ -368,27 +368,27 @@ Index: nss/lib/softoken/pkcs11c.c
===================================================================
--- nss.orig/lib/softoken/pkcs11c.c
+++ nss/lib/softoken/pkcs11c.c
@@ -539,7 +539,7 @@ sftk_InitGeneric(SFTKSession *session, C
context->blockSize = 0;
@@ -541,7 +541,7 @@ sftk_InitGeneric(SFTKSession *session, C
context->maxLen = 0;
context->signature = NULL;
context->isFIPS = sftk_operationIsFIPS(session->slot, pMechanism,
- operation, key);
+ operation, key, 0);
*contextPtr = context;
return CKR_OK;
}
@@ -4990,6 +4990,10 @@ NSC_GenerateKey(CK_SESSION_HANDLE hSessi
@@ -5136,6 +5136,10 @@ NSC_GenerateKey(CK_SESSION_HANDLE hSessi
goto loser;
}
+ key->isFIPS = sftk_operationIsFIPS(slot, pMechanism, CKA_KEY_GEN_MECHANISM,
+ key, key_length * PR_BITS_PER_BYTE);
+ session->lastOpWasFIPS = key->isFIPS;
+ sftk_setFIPS(key, sftk_operationIsFIPS(slot, pMechanism, CKA_KEY_GEN_MECHANISM,
+ key, key_length * PR_BITS_PER_BYTE));
+ session->lastOpWasFIPS = sftk_hasFIPS(key);
+
/*
* handle the base object stuff
*/
@@ -5004,6 +5008,7 @@ NSC_GenerateKey(CK_SESSION_HANDLE hSessi
@@ -5150,6 +5154,7 @@ NSC_GenerateKey(CK_SESSION_HANDLE hSessi
if (crv == CKR_OK) {
*phKey = key->handle;
}
@@ -396,7 +396,7 @@ Index: nss/lib/softoken/pkcs11c.c
loser:
PORT_Memset(buf, 0, sizeof buf);
sftk_FreeObject(key);
@@ -5475,7 +5480,7 @@ NSC_GenerateKeyPair(CK_SESSION_HANDLE hS
@@ -5638,7 +5643,7 @@ NSC_GenerateKeyPair(CK_SESSION_HANDLE hS
CK_OBJECT_CLASS privClass = CKO_PRIVATE_KEY;
int i;
SFTKSlot *slot = sftk_SlotFromSessionHandle(hSession);
@@ -405,7 +405,7 @@ Index: nss/lib/softoken/pkcs11c.c
/* RSA */
int public_modulus_bits = 0;
@@ -6081,11 +6086,11 @@ NSC_GenerateKeyPair(CK_SESSION_HANDLE hS
@@ -6253,11 +6258,11 @@ NSC_GenerateKeyPair(CK_SESSION_HANDLE hS
* created and linked.
*/
crv = sftk_handleObject(publicKey, session);
@@ -418,7 +418,7 @@ Index: nss/lib/softoken/pkcs11c.c
return crv;
}
if (sftk_isTrue(privateKey, CKA_SENSITIVE)) {
@@ -6129,12 +6134,20 @@ NSC_GenerateKeyPair(CK_SESSION_HANDLE hS
@@ -6301,12 +6306,20 @@ NSC_GenerateKeyPair(CK_SESSION_HANDLE hS
sftk_FreeObject(publicKey);
NSC_DestroyObject(hSession, privateKey->handle);
sftk_FreeObject(privateKey);
@@ -426,9 +426,9 @@ Index: nss/lib/softoken/pkcs11c.c
return crv;
}
+
+ publicKey->isFIPS = sftk_operationIsFIPS(slot, pMechanism, CKA_KEY_PAIR_GEN_MECHANISM, publicKey, 0);
+ privateKey->isFIPS = sftk_operationIsFIPS(slot, pMechanism, CKA_KEY_PAIR_GEN_MECHANISM, privateKey, 0);
+ session->lastOpWasFIPS = privateKey->isFIPS;
+ sftk_setFIPS(publicKey, sftk_operationIsFIPS(slot, pMechanism, CKA_KEY_PAIR_GEN_MECHANISM, publicKey, 0));
+ sftk_setFIPS(privateKey, sftk_operationIsFIPS(slot, pMechanism, CKA_KEY_PAIR_GEN_MECHANISM, privateKey, 0));
+ session->lastOpWasFIPS = sftk_hasFIPS(privateKey);
+
*phPrivateKey = privateKey->handle;
*phPublicKey = publicKey->handle;
@@ -439,7 +439,7 @@ Index: nss/lib/softoken/pkcs11c.c
return CKR_OK;
}
@@ -7326,6 +7339,14 @@ sftk_HKDF(CK_HKDF_PARAMS_PTR params, CK_
@@ -7529,6 +7542,14 @@ sftk_HKDF(CK_HKDF_PARAMS_PTR params, CK_
return CKR_TEMPLATE_INCONSISTENT;
}
@@ -454,17 +454,16 @@ Index: nss/lib/softoken/pkcs11c.c
/* sourceKey is NULL if we are called from the POST, skip the
* sensitiveCheck */
if (sourceKey != NULL) {
@@ -7374,7 +7395,8 @@ sftk_HKDF(CK_HKDF_PARAMS_PTR params, CK_
mech.pParameter = params;
@@ -7578,7 +7599,7 @@ sftk_HKDF(CK_HKDF_PARAMS_PTR params, CK_
mech.ulParameterLen = sizeof(*params);
key->isFIPS = sftk_operationIsFIPS(saltKey->slot, &mech,
- CKA_DERIVE, saltKey);
+ CKA_DERIVE, saltKey,
+ keySize*PR_BITS_PER_BYTE);
sftk_setFIPS(key, sftk_operationIsFIPS(saltKey->slot,
&mech, CKA_DERIVE,
- saltKey));
+ saltKey, keySize*PR_BITS_PER_BYTE));
}
saltKey_att = sftk_FindAttribute(saltKey, CKA_VALUE);
if (saltKey_att == NULL) {
@@ -7416,7 +7438,7 @@ sftk_HKDF(CK_HKDF_PARAMS_PTR params, CK_
@@ -7620,7 +7641,7 @@ sftk_HKDF(CK_HKDF_PARAMS_PTR params, CK_
/* HKDF-Expand */
if (!params->bExpand) {
okm = prk;
@@ -473,17 +472,17 @@ Index: nss/lib/softoken/pkcs11c.c
} else {
/* T(1) = HMAC-Hash(prk, "" | info | 0x01)
* T(n) = HMAC-Hash(prk, T(n-1) | info | n
@@ -7640,7 +7662,8 @@ NSC_DeriveKey(CK_SESSION_HANDLE hSession
return CKR_KEY_HANDLE_INVALID;
@@ -7845,7 +7866,8 @@ NSC_DeriveKey(CK_SESSION_HANDLE hSession
}
}
- key->isFIPS = sftk_operationIsFIPS(slot, pMechanism, CKA_DERIVE, sourceKey);
+ key->isFIPS = sftk_operationIsFIPS(slot, pMechanism, CKA_DERIVE, sourceKey,
+ keySize*PR_BITS_PER_BYTE);
sftk_setFIPS(key, sftk_operationIsFIPS(slot, pMechanism,
- CKA_DERIVE, sourceKey));
+ CKA_DERIVE, sourceKey,
+ keySize*PR_BITS_PER_BYTE));
switch (mechanism) {
/* get a public key from a private key. nsslowkey_ConvertToPublickey()
@@ -7841,7 +7864,7 @@ NSC_DeriveKey(CK_SESSION_HANDLE hSession
@@ -8050,7 +8072,7 @@ NSC_DeriveKey(CK_SESSION_HANDLE hSession
} else {
/* now allocate the hash contexts */
md5 = MD5_NewContext();
@@ -492,11 +491,11 @@ Index: nss/lib/softoken/pkcs11c.c
PORT_Memset(crsrdata, 0, sizeof crsrdata);
crv = CKR_HOST_MEMORY;
break;
@@ -8230,6 +8253,7 @@ NSC_DeriveKey(CK_SESSION_HANDLE hSession
@@ -8439,6 +8461,7 @@ NSC_DeriveKey(CK_SESSION_HANDLE hSession
PORT_Assert(i <= sizeof key_block);
}
+ session->lastOpWasFIPS = key->isFIPS;
+ session->lastOpWasFIPS = sftk_hasFIPS(key);
crv = CKR_OK;
if (0) {
@@ -726,12 +725,9 @@ Index: nss/lib/softoken/fips_algorithms.h
/* ------------------------- Hashing Operations ----------------------- */
{ CKM_SHA224, { 0, 0, CKF_HSH }, 1, SFTKFIPSNone },
{ CKM_SHA224_HMAC, { 112, 224, CKF_SGN }, 1, SFTKFIPSNone },
@@ -139,44 +190,86 @@ SFTKFIPSAlgorithmList sftk_fips_mechs[]
{ CKM_SHA512_HMAC, { 256, 512, CKF_SGN }, 1, SFTKFIPSNone },
{ CKM_SHA512_HMAC_GENERAL, { 256, 512, CKF_SGN }, 1, SFTKFIPSNone },
@@ -141,46 +192,88 @@ SFTKFIPSAlgorithmList sftk_fips_mechs[]
/* --------------------- Secret Key Operations ------------------------ */
- { CKM_GENERIC_SECRET_KEY_GEN, { 8, 256, CKF_GEN }, 1, SFTKFIPSNone },
+ { CKM_GENERIC_SECRET_KEY_GEN, { 112, 512, CKF_GEN }, 1, SFTKFIPSNone },
{ CKM_GENERIC_SECRET_KEY_GEN, { 8, 256, CKF_GEN }, 1, SFTKFIPSNone },
/* ---------------------- SSL/TLS operations ------------------------- */
+#if 0
+ /* Non-approved: SP 800-1400 - bsc#1222833 */
@@ -805,6 +801,10 @@ Index: nss/lib/softoken/fips_algorithms.h
+ { CKM_NSS_SP800_108_DOUBLE_PIPELINE_KDF_DERIVE_DATA, { 112, CK_MAX, CKF_KDF }, 1, SFTKFIPSChkHashSp800,
+ offsetof(CK_SP800_108_KDF_PARAMS, prfType) },
/* --------------------IPSEC ----------------------- */
{ CKM_IKE2_PRF_PLUS_DERIVE, { 8, 255 * 64, CKF_KDF }, 1, SFTKFIPSNone },
{ CKM_IKE_PRF_DERIVE, { 8, 64, CKF_KDF }, 1, SFTKFIPSNone },
{ CKM_IKE1_PRF_DERIVE, { 8, 64, CKF_KDF }, 1, SFTKFIPSNone },
{ CKM_IKE1_EXTENDED_DERIVE, { 8, 255 * 64, CKF_KDF }, 1, SFTKFIPSNone },
- { CKM_NSS_IKE_PRF_PLUS_DERIVE, { 8, 255 * 64, CKF_KDF }, 1, SFTKFIPSNone },
- { CKM_NSS_IKE_PRF_DERIVE, { 8, 64, CKF_KDF }, 1, SFTKFIPSNone },
- { CKM_NSS_IKE1_PRF_DERIVE, { 8, 64, CKF_KDF }, 1, SFTKFIPSNone },
@@ -834,7 +834,7 @@ Index: nss/lib/softoken/pkcs11u.c
===================================================================
--- nss.orig/lib/softoken/pkcs11u.c
+++ nss/lib/softoken/pkcs11u.c
@@ -2251,6 +2251,12 @@ sftk_AttributeToFlags(CK_ATTRIBUTE_TYPE
@@ -2315,6 +2315,12 @@ sftk_AttributeToFlags(CK_ATTRIBUTE_TYPE
case CKA_NSS_MESSAGE | CKA_VERIFY:
flags = CKF_MESSAGE_VERIFY;
break;
@@ -847,7 +847,7 @@ Index: nss/lib/softoken/pkcs11u.c
default:
break;
}
@@ -2327,7 +2333,7 @@ sftk_quickGetECCCurveOid(SFTKObject *sou
@@ -2391,7 +2397,7 @@ sftk_quickGetECCCurveOid(SFTKObject *sou
static int
sftk_getKeyLength(SFTKObject *source)
{
@@ -856,7 +856,7 @@ Index: nss/lib/softoken/pkcs11u.c
CK_ATTRIBUTE_TYPE keyAttribute;
CK_ULONG keyLength = 0;
SFTKAttribute *attribute;
@@ -2347,7 +2353,7 @@ sftk_getKeyLength(SFTKObject *source)
@@ -2411,7 +2417,7 @@ sftk_getKeyLength(SFTKObject *source)
* key length is CKA_VALUE, which is the default */
keyType = CKK_INVALID_KEY_TYPE;
}
@@ -865,7 +865,7 @@ Index: nss/lib/softoken/pkcs11u.c
SECOidTag curve = sftk_quickGetECCCurveOid(source);
switch (curve) {
case SEC_OID_CURVE25519:
@@ -2389,14 +2395,55 @@ sftk_getKeyLength(SFTKObject *source)
@@ -2453,14 +2459,55 @@ sftk_getKeyLength(SFTKObject *source)
return keyLength;
}
@@ -922,7 +922,7 @@ Index: nss/lib/softoken/pkcs11u.c
switch (mechInfo->special) {
case SFTKFIPSDH: {
SECItem dhPrime;
@@ -2425,10 +2472,27 @@ sftk_handleSpecial(SFTKSlot *slot, CK_ME
@@ -2489,10 +2536,27 @@ sftk_handleSpecial(SFTKSlot *slot, CK_ME
}
case SFTKFIPSNone:
return PR_FALSE;
@@ -951,7 +951,7 @@ Index: nss/lib/softoken/pkcs11u.c
case SFTKFIPSAEAD: {
if (mech->ulParameterLen == 0) {
/* AEAD ciphers are only in FIPS mode if we are using the
@@ -2456,11 +2520,44 @@ sftk_handleSpecial(SFTKSlot *slot, CK_ME
@@ -2520,11 +2584,44 @@ sftk_handleSpecial(SFTKSlot *slot, CK_ME
if (hashObj == NULL) {
return PR_FALSE;
}
@@ -996,7 +996,7 @@ Index: nss/lib/softoken/pkcs11u.c
default:
break;
}
@@ -2471,7 +2568,7 @@ sftk_handleSpecial(SFTKSlot *slot, CK_ME
@@ -2535,7 +2632,7 @@ sftk_handleSpecial(SFTKSlot *slot, CK_ME
PRBool
sftk_operationIsFIPS(SFTKSlot *slot, CK_MECHANISM *mech, CK_ATTRIBUTE_TYPE op,
@@ -1005,23 +1005,21 @@ Index: nss/lib/softoken/pkcs11u.c
{
#ifndef NSS_HAS_FIPS_INDICATORS
return PR_FALSE;
@@ -2484,18 +2581,35 @@ sftk_operationIsFIPS(SFTKSlot *slot, CK_
@@ -2548,9 +2645,6 @@ sftk_operationIsFIPS(SFTKSlot *slot, CK_
if (!sftk_isFIPS(slot->slotID)) {
return PR_FALSE;
}
- if (source && !source->isFIPS) {
- if (source && !sftk_hasFIPS(source)) {
- return PR_FALSE;
- }
if (mech == NULL) {
return PR_FALSE;
}
-
/* now get the calculated values */
opFlags = sftk_AttributeToFlags(op);
@@ -2560,6 +2654,27 @@ sftk_operationIsFIPS(SFTKSlot *slot, CK_
if (opFlags == 0) {
return PR_FALSE;
}
+ if (source && !source->isFIPS
+ if (source && !sftk_hasFIPS(source)
+ && !((mech->mechanism == CKM_DSA_SHA224
+ || mech->mechanism == CKM_DSA_SHA256
+ || mech->mechanism == CKM_DSA_SHA384
@@ -1045,7 +1043,7 @@ Index: nss/lib/softoken/pkcs11u.c
keyLength = sftk_getKeyLength(source);
/* check against our algorithm array */
@@ -2503,13 +2617,15 @@ sftk_operationIsFIPS(SFTKSlot *slot, CK_
@@ -2567,13 +2682,15 @@ sftk_operationIsFIPS(SFTKSlot *slot, CK_
SFTKFIPSAlgorithmList *mechs = &sftk_fips_mechs[i];
/* if we match the number of records exactly, then we are an
* approved algorithm in the approved mode with an approved key */
@@ -1071,7 +1069,7 @@ Index: nss/lib/util/pkcs11t.h
===================================================================
--- nss.orig/lib/util/pkcs11t.h
+++ nss/lib/util/pkcs11t.h
@@ -576,6 +576,7 @@ typedef CK_ULONG CK_JAVA_MIDP_SECURITY_D
@@ -617,6 +617,7 @@ typedef CK_ULONG CK_JAVA_MIDP_SECURITY_D
/* CKA_KEY_GEN_MECHANISM is new for v2.11 */
#define CKA_KEY_GEN_MECHANISM 0x00000166UL
@@ -1083,7 +1081,7 @@ Index: nss/lib/softoken/pkcs11.c
===================================================================
--- nss.orig/lib/softoken/pkcs11.c
+++ nss/lib/softoken/pkcs11.c
@@ -575,17 +575,17 @@ static const struct mechanismList mechan
@@ -596,17 +596,17 @@ static const struct mechanismList mechan
{ CKM_TLS_MASTER_KEY_DERIVE, { 48, 48, CKF_DERIVE }, PR_FALSE },
{ CKM_TLS12_MASTER_KEY_DERIVE, { 48, 48, CKF_DERIVE }, PR_FALSE },
{ CKM_NSS_TLS_MASTER_KEY_DERIVE_SHA256,
@@ -1110,13 +1108,13 @@ Index: nss/lib/softoken/pkcs11i.h
===================================================================
--- nss.orig/lib/softoken/pkcs11i.h
+++ nss/lib/softoken/pkcs11i.h
@@ -968,7 +968,8 @@ CK_FLAGS sftk_AttributeToFlags(CK_ATTRIB
@@ -975,7 +975,8 @@ CK_FLAGS sftk_AttributeToFlags(CK_ATTRIB
/* check the FIPS table to determine if this current operation is allowed by
* FIPS security policy */
PRBool sftk_operationIsFIPS(SFTKSlot *slot, CK_MECHANISM *mech,
- CK_ATTRIBUTE_TYPE op, SFTKObject *source);
+ CK_ATTRIBUTE_TYPE op, SFTKObject *source,
+ CK_ULONG targetKeySize);
/* add validation objects to the slot */
CK_RV sftk_CreateValidationObjects(SFTKSlot *slot);
/* manage the fips flag on objects */
void sftk_setFIPS(SFTKObject *obj, PRBool isFIPS);
PRBool sftk_hasFIPS(SFTKObject *obj);

180
nss-fips-combined-hash-sign-dsa-ecdsa.patch
View File

@@ -16,7 +16,7 @@ Index: nss/cmd/lib/pk11table.c
===================================================================
--- nss.orig/cmd/lib/pk11table.c
+++ nss/cmd/lib/pk11table.c
@@ -274,6 +274,10 @@ const Constant _consts[] = {
@@ -283,6 +283,10 @@ const Constant _consts[] = {
mkEntry(CKM_DSA_KEY_PAIR_GEN, Mechanism),
mkEntry(CKM_DSA, Mechanism),
mkEntry(CKM_DSA_SHA1, Mechanism),
@@ -27,7 +27,7 @@ Index: nss/cmd/lib/pk11table.c
mkEntry(CKM_DH_PKCS_KEY_PAIR_GEN, Mechanism),
mkEntry(CKM_DH_PKCS_DERIVE, Mechanism),
mkEntry(CKM_X9_42_DH_DERIVE, Mechanism),
@@ -439,6 +443,10 @@ const Constant _consts[] = {
@@ -448,6 +452,10 @@ const Constant _consts[] = {
mkEntry(CKM_EC_KEY_PAIR_GEN, Mechanism),
mkEntry(CKM_ECDSA, Mechanism),
mkEntry(CKM_ECDSA_SHA1, Mechanism),
@@ -68,7 +68,7 @@ Index: nss/lib/softoken/pkcs11c.c
===================================================================
--- nss.orig/lib/softoken/pkcs11c.c
+++ nss/lib/softoken/pkcs11c.c
@@ -2849,6 +2849,38 @@ nsc_EDDSASignStub(void *ctx, unsigned ch
@@ -2850,6 +2850,38 @@ nsc_EDDSASignStub(void *ctx, unsigned ch
return rv;
}
@@ -107,7 +107,7 @@ Index: nss/lib/softoken/pkcs11c.c
/* NSC_SignInit setups up the signing operations. There are three basic
* types of signing:
* (1) the tradition single part, where "Raw RSA" or "Raw DSA" is applied
@@ -3756,6 +3788,22 @@ NSC_VerifyInit(CK_SESSION_HANDLE hSessio
@@ -3757,6 +3789,22 @@ NSC_VerifyInit(CK_SESSION_HANDLE hSessio
info->hashOid = SEC_OID_##mmm; \
goto finish_rsa;
@@ -130,182 +130,18 @@ Index: nss/lib/softoken/pkcs11c.c
switch (pMechanism->mechanism) {
INIT_RSA_VFY_MECH(MD5)
INIT_RSA_VFY_MECH(MD2)
@@ -5018,6 +5066,73 @@ loser:
#define PAIRWISE_DIGEST_LENGTH SHA224_LENGTH /* 224-bits */
#define PAIRWISE_MESSAGE_LENGTH 20 /* 160-bits */
+static CK_RV
+pairwise_signverify_mech (CK_SESSION_HANDLE hSession,
+ SFTKObject *publicKey, SFTKObject *privateKey,
+ CK_MECHANISM mech,
+ CK_ULONG signature_length,
+ CK_ULONG pairwise_digest_length)
+{
+ /* Variables used for Signature/Verification functions. */
+ /* Must be at least 256 bits for DSA2 digest */
+ unsigned char *known_digest = (unsigned char *)"Mozilla Rules the World through NSS!";
+ unsigned char *signature;
+ CK_RV crv;
+
+ /* Allocate space for signature data. */
+ signature = (unsigned char *)PORT_ZAlloc(signature_length);
+ if (signature == NULL) {
+ return CKR_HOST_MEMORY;
+ }
+
+ /* Sign the known hash using the private key. */
+ crv = NSC_SignInit(hSession, &mech, privateKey->handle);
+ if (crv != CKR_OK) {
+ PORT_Free(signature);
+ return crv;
+ }
+
+ crv = NSC_Sign(hSession,
+ known_digest,
+ pairwise_digest_length,
+ signature,
+ &signature_length);
+ if (crv != CKR_OK) {
+ PORT_Free(signature);
+ return crv;
+ }
+
+ /* detect trivial signing transforms */
+ if ((signature_length >= pairwise_digest_length) &&
+ (PORT_Memcmp(known_digest, signature + (signature_length - pairwise_digest_length), pairwise_digest_length) == 0)) {
+ PORT_Free(signature);
+ return CKR_DEVICE_ERROR;
+ }
+
+ /* Verify the known hash using the public key. */
+ crv = NSC_VerifyInit(hSession, &mech, publicKey->handle);
+ if (crv != CKR_OK) {
+ PORT_Free(signature);
+ return crv;
+ }
+
+ crv = NSC_Verify(hSession,
+ known_digest,
+ pairwise_digest_length,
+ signature,
+ signature_length);
+
+ /* Free signature data. */
+ PORT_Free(signature);
+
+ if ((crv == CKR_SIGNATURE_LEN_RANGE) ||
+ (crv == CKR_SIGNATURE_INVALID)) {
+ return CKR_GENERAL_ERROR;
+ }
+
+ return crv;
+}
+
/*
* FIPS 140-2 pairwise consistency check utilized to validate key pair.
*
@@ -5072,8 +5187,6 @@ sftk_PairwiseConsistencyCheck(CK_SESSION
/* Variables used for Signature/Verification functions. */
/* Must be at least 256 bits for DSA2 digest */
- unsigned char *known_digest = (unsigned char *)"Mozilla Rules the World through NSS!";
- unsigned char *signature;
CK_ULONG signature_length;
if (keyType == CKK_RSA) {
@@ -5227,80 +5340,37 @@ sftk_PairwiseConsistencyCheck(CK_SESSION
@@ -5266,10 +5314,9 @@ sftk_PairwiseConsistencyCheck(CK_SESSION
canSignVerify = PR_FALSE;
}
}
+#define SIGNVERIFY_CHECK_MECH(vfymech) \
+ mech.mechanism = vfymech; \
+ crv = pairwise_signverify_mech (hSession, publicKey, privateKey, \
+ mech, signature_length, pairwise_digest_length); \
+ if (crv != CKR_OK) \
+ return crv;
-
+
+
if (canSignVerify) {
CK_RSA_PKCS_PSS_PARAMS pssParams;
- /* Determine length of signature. */
switch (keyType) {
case CKK_RSA:
signature_length = modulusLen;
- mech.mechanism = CKM_RSA_PKCS;
+ SIGNVERIFY_CHECK_MECH(CKM_SHA224_RSA_PKCS)
break;
case CKK_DSA:
signature_length = DSA_MAX_SIGNATURE_LEN;
pairwise_digest_length = subPrimeLen;
- mech.mechanism = CKM_DSA;
+ SIGNVERIFY_CHECK_MECH(CKM_DSA_SHA224)
break;
case CKK_EC:
signature_length = MAX_ECKEY_LEN * 2;
- mech.mechanism = CKM_ECDSA;
+ SIGNVERIFY_CHECK_MECH(CKM_ECDSA_SHA224)
break;
case CKK_EC_EDWARDS:
signature_length = ED25519_SIGN_LEN;
- mech.mechanism = CKM_EDDSA;
+ SIGNVERIFY_CHECK_MECH(CKM_EDDSA)
break;
default:
return CKR_DEVICE_ERROR;
}
- /* Allocate space for signature data. */
- signature = (unsigned char *)PORT_ZAlloc(signature_length);
- if (signature == NULL) {
- return CKR_HOST_MEMORY;
- }
-
- /* Sign the known hash using the private key. */
- crv = NSC_SignInit(hSession, &mech, privateKey->handle);
- if (crv != CKR_OK) {
- PORT_Free(signature);
- return crv;
- }
-
- crv = NSC_Sign(hSession,
- known_digest,
- pairwise_digest_length,
- signature,
- &signature_length);
- if (crv != CKR_OK) {
- PORT_Free(signature);
- return crv;
- }
-
- /* detect trivial signing transforms */
- if ((signature_length >= pairwise_digest_length) &&
- (PORT_Memcmp(known_digest, signature + (signature_length - pairwise_digest_length), pairwise_digest_length) == 0)) {
- PORT_Free(signature);
- return CKR_GENERAL_ERROR;
- }
-
- /* Verify the known hash using the public key. */
- crv = NSC_VerifyInit(hSession, &mech, publicKey->handle);
- if (crv != CKR_OK) {
- PORT_Free(signature);
- return crv;
- }
-
- crv = NSC_Verify(hSession,
- known_digest,
- pairwise_digest_length,
- signature,
- signature_length);
-
- /* Free signature data. */
- PORT_Free(signature);
-
- if ((crv == CKR_SIGNATURE_LEN_RANGE) ||
- (crv == CKR_SIGNATURE_INVALID)) {
- return CKR_GENERAL_ERROR;
- }
if (crv != CKR_OK) {
return crv;
}
Index: nss/lib/softoken/softoken.h
===================================================================
--- nss.orig/lib/softoken/softoken.h

13
nss-fips-pairwise-consistency-check.patch
View File

@@ -14,18 +14,7 @@ Index: nss/lib/softoken/pkcs11c.c
===================================================================
--- nss.orig/lib/softoken/pkcs11c.c
+++ nss/lib/softoken/pkcs11c.c
@@ -5009,8 +5009,8 @@ loser:
return crv;
}
-#define PAIRWISE_DIGEST_LENGTH SHA1_LENGTH /* 160-bits */
-#define PAIRWISE_MESSAGE_LENGTH 20 /* 160-bits */
+#define PAIRWISE_DIGEST_LENGTH SHA224_LENGTH /* 224-bits */
+#define PAIRWISE_MESSAGE_LENGTH 20 /* 160-bits */
/*
* FIPS 140-2 pairwise consistency check utilized to validate key pair.
@@ -6077,6 +6077,7 @@ NSC_GenerateKeyPair(CK_SESSION_HANDLE hS
@@ -6165,6 +6165,7 @@ NSC_GenerateKeyPair(CK_SESSION_HANDLE hS
(PRUint32)crv);
sftk_LogAuditMessage(NSS_AUDIT_ERROR, NSS_AUDIT_SELF_TEST, msg);
}

10
nss-fips-pct-pubkeys.patch
View File

@@ -5,9 +5,9 @@ Index: nss/lib/softoken/pkcs11c.c
===================================================================
--- nss.orig/lib/softoken/pkcs11c.c
+++ nss/lib/softoken/pkcs11c.c
@@ -5132,6 +5132,88 @@ pairwise_signverify_mech (CK_SESSION_HAN
return crv;
}
@@ -5093,6 +5093,88 @@ loser:
#define PAIRWISE_MESSAGE_LENGTH 20 /* 160-bits */
+/* This function regenerates a public key from a private key
+ * (not simply returning the saved public key) and compares it
@@ -92,9 +92,9 @@ Index: nss/lib/softoken/pkcs11c.c
+}
+
/*
* FIPS 140-2 pairwise consistency check utilized to validate key pair.
* FIPS 140-3 pairwise consistency check utilized to validate key pair.
*
@@ -5484,6 +5566,30 @@ sftk_PairwiseConsistencyCheck(CK_SESSION
@@ -5550,6 +5632,30 @@ sftk_PairwiseConsistencyCheck(CK_SESSION
}
}

10
nss-fips-rsa-keygen-strictness.patch
View File

@@ -92,7 +92,7 @@ Index: nss/lib/freebl/rsa.c
if (err != MP_OKAY) {
if (err == MP_UNDEF) {
PORT_SetError(SEC_ERROR_NEED_RANDOM);
@@ -288,10 +303,12 @@ RSA_NewKey(int keySizeInBits, SECItem *p
@@ -297,10 +312,12 @@ RSA_NewKey(int keySizeInBits, SECItem *p
mp_int q = { 0, 0, 0, NULL };
mp_int e = { 0, 0, 0, NULL };
mp_int d = { 0, 0, 0, NULL };
@@ -106,7 +106,7 @@ Index: nss/lib/freebl/rsa.c
int prerr = 0;
RSAPrivateKey *key = NULL;
PLArenaPool *arena = NULL;
@@ -309,11 +326,40 @@ RSA_NewKey(int keySizeInBits, SECItem *p
@@ -318,11 +335,40 @@ RSA_NewKey(int keySizeInBits, SECItem *p
PORT_SetError(SEC_ERROR_INVALID_ARGS);
goto cleanup;
}
@@ -151,7 +151,7 @@ Index: nss/lib/freebl/rsa.c
}
#endif
@@ -331,12 +377,7 @@ RSA_NewKey(int keySizeInBits, SECItem *p
@@ -340,12 +386,7 @@ RSA_NewKey(int keySizeInBits, SECItem *p
key->arena = arena;
/* length of primes p and q (in bytes) */
primeLen = keySizeInBits / (2 * PR_BITS_PER_BYTE);
@@ -165,7 +165,7 @@ Index: nss/lib/freebl/rsa.c
/* 3. Set the version number (PKCS1 v1.5 says it should be zero) */
SECITEM_AllocItem(arena, &key->version, 1);
key->version.data[0] = 0;
@@ -347,13 +388,64 @@ RSA_NewKey(int keySizeInBits, SECItem *p
@@ -356,13 +397,64 @@ RSA_NewKey(int keySizeInBits, SECItem *p
PORT_SetError(0);
CHECK_SEC_OK(generate_prime(&p, primeLen));
CHECK_SEC_OK(generate_prime(&q, primeLen));
@@ -231,7 +231,7 @@ Index: nss/lib/freebl/rsa.c
/* Attempt to use these primes to generate a key */
rv = rsa_build_from_primes(&p, &q,
&e, PR_FALSE, /* needPublicExponent=false */
@@ -376,7 +468,9 @@ cleanup:
@@ -385,7 +477,9 @@ cleanup:
mp_clear(&q);
mp_clear(&e);
mp_clear(&d);

2
nss-fips-zeroization.patch
View File

@@ -92,7 +92,7 @@ Index: nss/lib/freebl/dh.c
===================================================================
--- nss.orig/lib/freebl/dh.c
+++ nss/lib/freebl/dh.c
@@ -192,6 +192,10 @@ cleanup:
@@ -194,6 +194,10 @@ cleanup:
rv = SECFailure;
}
if (rv) {