From 26e9cf8babc54037c1d0a76e82c3361d9056b7e8 Mon Sep 17 00:00:00 2001 From: Daiki Ueno Date: Thu, 5 Mar 2020 09:57:34 +0100 Subject: [PATCH] Apply CMAC fixes from upstream --- nss-cmac-fixes.patch | 75 ++++++++++++++++++++++++++++++++++++++++++++ nss.spec | 8 ++++- 2 files changed, 82 insertions(+), 1 deletion(-) create mode 100644 nss-cmac-fixes.patch diff --git a/nss-cmac-fixes.patch b/nss-cmac-fixes.patch new file mode 100644 index 0000000..9bcd954 --- /dev/null +++ b/nss-cmac-fixes.patch @@ -0,0 +1,75 @@ +# HG changeset patch +# User Robert Relyea +# Date 1581383641 28800 +# Mon Feb 10 17:14:01 2020 -0800 +# Node ID df142975f4f695f84a662abdd27219c21c87c8d1 +# Parent 046a6f5bfb271ed03ed6a93e3f879d57905999c5 +Bug 1611209 - Value of CKM_AES_CMAC and CKM_AES_CMAC_GENERAL are swapped r=rrelyea + +diff --git a/lib/util/pkcs11t.h b/lib/util/pkcs11t.h +--- a/lib/util/pkcs11t.h ++++ b/lib/util/pkcs11t.h +@@ -898,8 +898,8 @@ typedef CK_ULONG CK_MECHANISM_TYPE; + #define CKM_AES_CCM 0x00001088 + #define CKM_AES_CTS 0x00001089 + /* AES-CMAC values copied from v2.40 errata 1 header file */ +-#define CKM_AES_CMAC_GENERAL 0x0000108A +-#define CKM_AES_CMAC 0x0000108B ++#define CKM_AES_CMAC 0x0000108A ++#define CKM_AES_CMAC_GENERAL 0x0000108B + #define CKM_AES_XCBC_MAC 0x0000108C + #define CKM_AES_XCBC_MAC_96 0x0000108D + +# HG changeset patch +# User Robert Relyea +# Date 1581371554 28800 +# Mon Feb 10 13:52:34 2020 -0800 +# Node ID 046a6f5bfb271ed03ed6a93e3f879d57905999c5 +# Parent f161f15f8c8d37070aa5763a1edd91cbbc7c54fb +Bug 1610687 - Crash on unaligned CMACContext.aes.keySchedule when using AES-NI intrinsics r=kjacobs +https://phabricator.services.mozilla.com/D60699 + +diff --git a/lib/freebl/cmac.c b/lib/freebl/cmac.c +--- a/lib/freebl/cmac.c ++++ b/lib/freebl/cmac.c +@@ -22,7 +22,7 @@ struct CMACContextStr { + * add a new Context pointer to the cipher union with the correct type. */ + CMACCipher cipherType; + union { +- AESContext aes; ++ AESContext *aes; + } cipher; + int blockSize; + +@@ -62,7 +62,7 @@ cmac_Encrypt(CMACContext *ctx, unsigned + { + if (ctx->cipherType == CMAC_AES) { + unsigned int tmpOutputLen; +- SECStatus rv = AES_Encrypt(&ctx->cipher.aes, output, &tmpOutputLen, ++ SECStatus rv = AES_Encrypt(ctx->cipher.aes, output, &tmpOutputLen, + ctx->blockSize, input, inputLen); + + /* Assumption: AES_Encrypt (when in ECB mode) always returns an +@@ -156,8 +156,9 @@ CMAC_Init(CMACContext *ctx, CMACCipher t + + ctx->blockSize = AES_BLOCK_SIZE; + ctx->cipherType = CMAC_AES; +- if (AES_InitContext(&ctx->cipher.aes, key, key_len, NULL, NSS_AES, 1, +- ctx->blockSize) != SECSuccess) { ++ ctx->cipher.aes = AES_CreateContext(key, NULL, NSS_AES, 1, key_len, ++ ctx->blockSize); ++ if (ctx->cipher.aes == NULL) { + return SECFailure; + } + +@@ -308,8 +309,8 @@ CMAC_Destroy(CMACContext *ctx, PRBool fr + return; + } + +- if (ctx->cipherType == CMAC_AES) { +- AES_DestroyContext(&ctx->cipher.aes, PR_FALSE); ++ if (ctx->cipherType == CMAC_AES && ctx->cipher.aes != NULL) { ++ AES_DestroyContext(ctx->cipher.aes, PR_TRUE); + } + + /* Destroy everything in the context. This includes sensitive data in diff --git a/nss.spec b/nss.spec index ab4e761..783fb85 100644 --- a/nss.spec +++ b/nss.spec @@ -43,7 +43,7 @@ rpm.define(string.format("nss_release_tag NSS_%s_RTM", Summary: Network Security Services Name: nss Version: %{nss_version} -Release: 1%{?dist} +Release: 2%{?dist} License: MPLv2.0 URL: http://www.mozilla.org/projects/security/pki/nss/ Requires: nspr >= %{nspr_version} @@ -115,6 +115,9 @@ Patch11: nss-tls13-default.patch Patch12: nss-signtool-format.patch # https://github.com/FStarLang/kremlin/issues/166 Patch13: nss-kremlin-ppc64le.patch +# https://bugzilla.mozilla.org/show_bug.cgi?id=1611209 +# https://bugzilla.mozilla.org/show_bug.cgi?id=1610687 +Patch14: nss-cmac-fixes.patch %description Network Security Services (NSS) is a set of libraries designed to @@ -881,6 +884,9 @@ update-crypto-policies &> /dev/null || : %changelog +* Thu Mar 5 2020 Daiki Ueno - 3.50.0-2 +- Apply CMAC fixes from upstream + * Mon Feb 17 2020 Daiki Ueno - 3.50.0-1 - Update to NSS 3.50