009bd2b01c
* no releasenotes available yet https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.66_release_notes - update to NSS 3.65 * bmo#1709654 - Update for NetBSD configuration. * bmo#1709750 - Disable HPKE test when fuzzing. * bmo#1566124 - Optimize AES-GCM for ppc64le. * bmo#1699021 - Add AES-256-GCM to HPKE. * bmo#1698419 - ECH -10 updates. * bmo#1692930 - Update HPKE to final version. * bmo#1707130 - NSS should use modern algorithms in PKCS#12 files by default. * bmo#1703936 - New coverity/cpp scanner errors. * bmo#1697303 - NSS needs to update it's csp clearing to FIPS 180-3 standards. * bmo#1702663 - Need to support RSA PSS with Hashing PKCS #11 Mechanisms. * bmo#1705119 - Deadlock when using GCM and non-thread safe tokens. - refreshed patches - Firefox 90.0 requires NSS 3.66 OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/mozilla-nss?expand=0&rev=361
317 lines
8.9 KiB
Diff
317 lines
8.9 KiB
Diff
# HG changeset patch
|
|
# User M. Sirringhaus <msirringhaus@suse.de>
|
|
# Date 1590413427 -7200
|
|
# Mon May 25 15:30:27 2020 +0200
|
|
# Node ID 969310ea4c573aac64bf08846b8938b8fa783870
|
|
# Parent 60c5e5d73ce1177fa66d8fd6cf49d9b371ca9be4
|
|
imported patch nss-fips-cavs-general.patch
|
|
|
|
Index: nss/cmd/fipstest/fipstest.c
|
|
===================================================================
|
|
--- nss.orig/cmd/fipstest/fipstest.c
|
|
+++ nss/cmd/fipstest/fipstest.c
|
|
@@ -5,6 +5,7 @@
|
|
#include <stdio.h>
|
|
#include <stdlib.h>
|
|
#include <ctype.h>
|
|
+#include <dlfcn.h>
|
|
|
|
#include "secitem.h"
|
|
#include "blapi.h"
|
|
@@ -18,6 +19,9 @@
|
|
#include "lowkeyi.h"
|
|
#include "softoken.h"
|
|
#include "pkcs11t.h"
|
|
+
|
|
+#include "../../lib/freebl/fips.h"
|
|
+
|
|
#define __PASTE(x, y) x##y
|
|
#undef CK_PKCS11_FUNCTION_INFO
|
|
#undef CK_NEED_ARG_LIST
|
|
@@ -55,6 +59,10 @@ EC_CopyParams(PLArenaPool *arena, ECPara
|
|
#define RSA_MAX_TEST_EXPONENT_BYTES 8
|
|
#define PQG_TEST_SEED_BYTES 20
|
|
|
|
+SECStatus (*FREEBL_Test_PQG_ParamGenV2_p) (unsigned int L, unsigned int N, unsigned int seedBytes,
|
|
+ PQGParams **pParams, PQGVerify **pVfy,
|
|
+ SECItem *firstseed, HASH_HashType hashtype);
|
|
+
|
|
SECStatus
|
|
hex_to_byteval(const char *c2, unsigned char *byteval)
|
|
{
|
|
@@ -168,6 +176,62 @@ from_hex_str(unsigned char *buf, unsigne
|
|
return PR_TRUE;
|
|
}
|
|
|
|
+#if 0
|
|
+
|
|
+static void
|
|
+dump_secitem (FILE *out, SECItem *secitem)
|
|
+{
|
|
+ char buf [4096];
|
|
+
|
|
+ to_hex_str(buf, secitem->data, secitem->len);
|
|
+ fputs (buf, out);
|
|
+}
|
|
+
|
|
+static void
|
|
+dump_labeled_secitem (FILE *out, const char *name, SECItem *secitem)
|
|
+{
|
|
+ fprintf (out, "%s = ", name);
|
|
+ dump_secitem (out, secitem);
|
|
+ fputs ("\n", out);
|
|
+}
|
|
+
|
|
+#endif
|
|
+
|
|
+static int
|
|
+parse_secitem (const char *name, const char *buf, SECItem *secitem)
|
|
+{
|
|
+ if (!strncmp (buf, name, strlen (name))) {
|
|
+ int i, j, len;
|
|
+
|
|
+ i = strlen (name);
|
|
+ while (isspace(buf[i]) || buf[i] == '=') {
|
|
+ i++;
|
|
+ }
|
|
+
|
|
+ len = strspn (&buf[i], "0123456789abcdefABCDEF");
|
|
+ if (!len)
|
|
+ return 0;
|
|
+
|
|
+ if (secitem->data) {
|
|
+ SECITEM_ZfreeItem(secitem, PR_FALSE);
|
|
+ secitem->data = NULL;
|
|
+ }
|
|
+
|
|
+ len = (len + 1) / 2;
|
|
+ SECITEM_AllocItem(NULL, secitem, len);
|
|
+ secitem->len = len;
|
|
+
|
|
+ memset(secitem->data, 0, secitem->len);
|
|
+ for (j = 0; j < secitem->len; i += 2, j++) {
|
|
+ hex_to_byteval(&buf[i], &secitem->data[j]);
|
|
+ }
|
|
+
|
|
+ return 1;
|
|
+ }
|
|
+
|
|
+ return 0;
|
|
+}
|
|
+
|
|
SECStatus
|
|
tdea_encrypt_buf(
|
|
int mode,
|
|
@@ -8930,41 +8994,6 @@ out:
|
|
}
|
|
}
|
|
|
|
-static int
|
|
-parse_secitem (const char *name, const char *buf, SECItem *secitem)
|
|
-{
|
|
- if (!strncmp (buf, name, strlen (name))) {
|
|
- int i, j, len;
|
|
-
|
|
- i = strlen (name);
|
|
- while (isspace(buf[i]) || buf[i] == '=') {
|
|
- i++;
|
|
- }
|
|
-
|
|
- len = strspn (&buf[i], "0123456789abcdefABCDEF");
|
|
- if (!len)
|
|
- return 0;
|
|
-
|
|
- if (secitem->data) {
|
|
- SECITEM_ZfreeItem(secitem, PR_FALSE);
|
|
- secitem->data = NULL;
|
|
- }
|
|
-
|
|
- len = (len + 1) / 2;
|
|
- SECITEM_AllocItem(NULL, secitem, len);
|
|
- secitem->len = len;
|
|
-
|
|
- memset(secitem->data, 0, secitem->len);
|
|
- for (j = 0; j < secitem->len; i += 2, j++) {
|
|
- hex_to_byteval(&buf[i], &secitem->data[j]);
|
|
- }
|
|
-
|
|
- return 1;
|
|
- }
|
|
-
|
|
- return 0;
|
|
-}
|
|
-
|
|
void
|
|
kas_ffc_test(char *reqfn, int do_validity)
|
|
{
|
|
@@ -9387,12 +9416,34 @@ out:
|
|
free_param_specs (pspecs);
|
|
}
|
|
|
|
+static void
|
|
+init_functions (void)
|
|
+{
|
|
+ void *freebl_so;
|
|
+
|
|
+ freebl_so = dlopen ("libfreeblpriv3.so", RTLD_LAZY);
|
|
+ if (freebl_so == NULL)
|
|
+ {
|
|
+ fprintf (stderr, "Failed to load libfreeblpriv3.so.");
|
|
+ exit (1);
|
|
+ }
|
|
+
|
|
+ FREEBL_Test_PQG_ParamGenV2_p = dlsym (freebl_so, "FREEBL_Test_PQG_ParamGenV2");
|
|
+
|
|
+ if (FREEBL_Test_PQG_ParamGenV2_p == NULL)
|
|
+ {
|
|
+ fprintf (stderr, "Failed to bind FREEBL_TEST_PQG_ParamGenV2.");
|
|
+ exit (1);
|
|
+ }
|
|
+}
|
|
+
|
|
int
|
|
main(int argc, char **argv)
|
|
{
|
|
if (argc < 2)
|
|
exit(-1);
|
|
|
|
+ init_functions();
|
|
RNG_RNGInit();
|
|
SECOID_Init();
|
|
|
|
Index: nss/lib/freebl/freebl.def
|
|
===================================================================
|
|
--- nss.orig/lib/freebl/freebl.def
|
|
+++ nss/lib/freebl/freebl.def
|
|
@@ -21,6 +21,7 @@
|
|
LIBRARY freebl3 ;-
|
|
EXPORTS ;-
|
|
FREEBL_GetVector;
|
|
+FREEBL_Test_PQG_ParamGenV2;
|
|
;+ local:
|
|
;+ *;
|
|
;+};
|
|
Index: nss/lib/freebl/freebl_hash.def
|
|
===================================================================
|
|
--- nss.orig/lib/freebl/freebl_hash.def
|
|
+++ nss/lib/freebl/freebl_hash.def
|
|
@@ -21,6 +21,7 @@
|
|
LIBRARY freebl3 ;-
|
|
EXPORTS ;-
|
|
FREEBL_GetVector;
|
|
+FREEBL_Test_PQG_ParamGenV2;
|
|
;+ local:
|
|
;+ *;
|
|
;+};
|
|
Index: nss/lib/freebl/freebl_hash_vector.def
|
|
===================================================================
|
|
--- nss.orig/lib/freebl/freebl_hash_vector.def
|
|
+++ nss/lib/freebl/freebl_hash_vector.def
|
|
@@ -21,6 +21,7 @@
|
|
LIBRARY freebl3 ;-
|
|
EXPORTS ;-
|
|
FREEBL_GetVector;
|
|
+FREEBL_Test_PQG_ParamGenV2;
|
|
;+ local:
|
|
;+ *;
|
|
;+};
|
|
Index: nss/lib/freebl/pqg.c
|
|
===================================================================
|
|
--- nss.orig/lib/freebl/pqg.c
|
|
+++ nss/lib/freebl/pqg.c
|
|
@@ -1242,7 +1242,8 @@ cleanup:
|
|
**/
|
|
static SECStatus
|
|
pqg_ParamGen(unsigned int L, unsigned int N, pqgGenType type,
|
|
- unsigned int seedBytes, PQGParams **pParams, PQGVerify **pVfy)
|
|
+ unsigned int seedBytes, PQGParams **pParams, PQGVerify **pVfy,
|
|
+ SECItem *firstseed_out, HASH_HashType hashtype)
|
|
{
|
|
unsigned int n; /* Per FIPS 186, app 2.2. 186-3 app A.1.1.2 */
|
|
unsigned int seedlen; /* Per FIPS 186-3 app A.1.1.2 (was 'g' 186-1)*/
|
|
@@ -1250,7 +1251,6 @@ pqg_ParamGen(unsigned int L, unsigned in
|
|
unsigned int offset; /* Per FIPS 186, app 2.2. 186-3 app A.1.1.2 */
|
|
unsigned int outlen; /* Per FIPS 186-3, appendix A.1.1.2. */
|
|
unsigned int maxCount;
|
|
- HASH_HashType hashtype = HASH_AlgNULL;
|
|
SECItem *seed; /* Per FIPS 186, app 2.2. 186-3 app A.1.1.2 */
|
|
PLArenaPool *arena = NULL;
|
|
PQGParams *params = NULL;
|
|
@@ -1301,7 +1301,8 @@ pqg_ParamGen(unsigned int L, unsigned in
|
|
/* fill in P Q, */
|
|
SECITEM_TO_MPINT((*pParams)->prime, &P);
|
|
SECITEM_TO_MPINT((*pParams)->subPrime, &Q);
|
|
- hashtype = getFirstHash(L, N);
|
|
+ if (hashtype == HASH_AlgNULL)
|
|
+ hashtype = getFirstHash(L, N);
|
|
CHECK_SEC_OK(makeGfromIndex(hashtype, &P, &Q, &(*pVfy)->seed,
|
|
(*pVfy)->h.data[0], &G));
|
|
MPINT_TO_SECITEM(&G, &(*pParams)->base, (*pParams)->arena);
|
|
@@ -1341,7 +1342,8 @@ pqg_ParamGen(unsigned int L, unsigned in
|
|
/* Select Hash and Compute lengths. */
|
|
/* getFirstHash gives us the smallest acceptable hash for this key
|
|
* strength */
|
|
- hashtype = getFirstHash(L, N);
|
|
+ if (hashtype == HASH_AlgNULL)
|
|
+ hashtype = getFirstHash(L, N);
|
|
outlen = HASH_ResultLen(hashtype) * PR_BITS_PER_BYTE;
|
|
|
|
/* Step 3: n = Ceil(L/outlen)-1; (same as n = Floor((L-1)/outlen)) */
|
|
@@ -1543,6 +1545,10 @@ generate_G:
|
|
verify->counter = counter;
|
|
*pParams = params;
|
|
*pVfy = verify;
|
|
+
|
|
+ if (firstseed_out)
|
|
+ SECITEM_CopyItem (NULL, firstseed_out, &firstseed);
|
|
+
|
|
cleanup:
|
|
if (pseed.data) {
|
|
SECITEM_ZfreeItem(&pseed, PR_FALSE);
|
|
@@ -1587,7 +1593,7 @@ PQG_ParamGen(unsigned int j, PQGParams *
|
|
L = 512 + (j * 64); /* bits in P */
|
|
seedBytes = L / 8;
|
|
return pqg_ParamGen(L, DSA1_Q_BITS, FIPS186_1_TYPE, seedBytes,
|
|
- pParams, pVfy);
|
|
+ pParams, pVfy, NULL, HASH_AlgNULL);
|
|
}
|
|
|
|
SECStatus
|
|
@@ -1602,7 +1608,7 @@ PQG_ParamGenSeedLen(unsigned int j, unsi
|
|
}
|
|
L = 512 + (j * 64); /* bits in P */
|
|
return pqg_ParamGen(L, DSA1_Q_BITS, FIPS186_1_TYPE, seedBytes,
|
|
- pParams, pVfy);
|
|
+ pParams, pVfy, NULL, HASH_AlgNULL);
|
|
}
|
|
|
|
SECStatus
|
|
@@ -1620,7 +1626,26 @@ PQG_ParamGenV2(unsigned int L, unsigned
|
|
/* error code already set */
|
|
return SECFailure;
|
|
}
|
|
- return pqg_ParamGen(L, N, FIPS186_3_ST_TYPE, seedBytes, pParams, pVfy);
|
|
+ return pqg_ParamGen(L, N, FIPS186_3_ST_TYPE, seedBytes, pParams, pVfy, NULL, HASH_AlgNULL);
|
|
+}
|
|
+
|
|
+SECStatus
|
|
+FREEBL_Test_PQG_ParamGenV2 (unsigned int L, unsigned int N, unsigned int seedBytes,
|
|
+ PQGParams **pParams, PQGVerify **pVfy, SECItem *firstseed_out,
|
|
+ HASH_HashType hashtype)
|
|
+{
|
|
+ if (N == 0) {
|
|
+ N = pqg_get_default_N(L);
|
|
+ }
|
|
+ if (seedBytes == 0) {
|
|
+ /* seedBytes == L/8 for probable primes, N/8 for Shawe-Taylor Primes */
|
|
+ seedBytes = N / 8;
|
|
+ }
|
|
+ if (pqg_validate_dsa2(L, N) != SECSuccess) {
|
|
+ /* error code already set */
|
|
+ return SECFailure;
|
|
+ }
|
|
+ return pqg_ParamGen(L, N, FIPS186_3_ST_TYPE, seedBytes, pParams, pVfy, firstseed_out, hashtype);
|
|
}
|
|
|
|
/*
|