194c062b5d
nss-fips-aes-keywrap-post.patch
nss-fips-approved-crypto-non-ec.patch
nss-fips-cavs-dsa-fixes.patch
nss-fips-cavs-general.patch
nss-fips-cavs-kas-ecc.patch
nss-fips-cavs-kas-ffc.patch
nss-fips-cavs-keywrap.patch
nss-fips-cavs-rsa-fixes.patch
nss-fips-combined-hash-sign-dsa-ecdsa.patch
nss-fips-constructor-self-tests.patch
nss-fips-detect-fips-mode-fixes.patch
nss-fips-dsa-kat.patch
nss-fips-gcm-ctr.patch
nss-fips-pairwise-consistency-check.patch
nss-fips-rsa-keygen-strictness.patch
nss-fips-tls-allow-md5-prf.patch
nss-fips-use-getrandom.patch
nss-fips-use-strong-random-pool.patch
nss-fips-zeroization.patch
nss-fix-dh-pkcs-derive-inverted-logic.patch
- update to NSS 3.53.1
* required for Firefox 78
* CVE-2020-12402 - Use constant-time GCD and modular inversion in MPI.
(bmo#1631597, bsc#1173032)
- update to NSS 3.53
Notable changes
* SEED is now moved into a new freebl directory freebl/deprecated
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/mozilla-nss?expand=0&rev=326
35 lines
1.1 KiB
Diff
35 lines
1.1 KiB
Diff
# HG changeset patch
|
|
# User Hans Petter Jansson <hpj@cl.no>
|
|
# Date 1574138371 -3600
|
|
# Tue Nov 19 05:39:31 2019 +0100
|
|
# Node ID 557f9009507c9e70941dbe39965028049e1ef5a2
|
|
# Parent 4ae6bed68a83c01f6d2ce7a37bdb0bdb0556416f
|
|
[PATCH 07/22] 15
|
|
From 2a162c34b7aad7399f33069cd9930fd92714861c Mon Sep 17 00:00:00 2001
|
|
---
|
|
nss/lib/softoken/pkcs11c.c | 5 +++--
|
|
1 file changed, 3 insertions(+), 2 deletions(-)
|
|
|
|
diff --git a/lib/softoken/pkcs11c.c b/lib/softoken/pkcs11c.c
|
|
--- a/lib/softoken/pkcs11c.c
|
|
+++ b/lib/softoken/pkcs11c.c
|
|
@@ -4730,8 +4730,8 @@
|
|
return crv;
|
|
}
|
|
|
|
-#define PAIRWISE_DIGEST_LENGTH SHA1_LENGTH /* 160-bits */
|
|
-#define PAIRWISE_MESSAGE_LENGTH 20 /* 160-bits */
|
|
+#define PAIRWISE_DIGEST_LENGTH SHA224_LENGTH /* 224-bits */
|
|
+#define PAIRWISE_MESSAGE_LENGTH 20 /* 160-bits */
|
|
|
|
/*
|
|
* FIPS 140-2 pairwise consistency check utilized to validate key pair.
|
|
@@ -5591,6 +5591,7 @@
|
|
(PRUint32)crv);
|
|
sftk_LogAuditMessage(NSS_AUDIT_ERROR, NSS_AUDIT_SELF_TEST, msg);
|
|
}
|
|
+ sftk_fatalError = PR_TRUE;
|
|
}
|
|
}
|
|
|