# HG changeset patch
# User Robert Relyea
# Date 1581383641 28800
# Mon Feb 10 17:14:01 2020 -0800
# Node ID df142975f4f695f84a662abdd27219c21c87c8d1
# Parent 046a6f5bfb271ed03ed6a93e3f879d57905999c5
Bug 1611209 - Value of CKM_AES_CMAC and CKM_AES_CMAC_GENERAL are swapped r=rrelyea
diff --git a/lib/util/pkcs11t.h b/lib/util/pkcs11t.h
--- a/lib/util/pkcs11t.h
+++ b/lib/util/pkcs11t.h
@@ -898,8 +898,8 @@ typedef CK_ULONG CK_MECHANISM_TYPE;
 #define CKM_AES_CCM 0x00001088
 #define CKM_AES_CTS 0x00001089
 /* AES-CMAC values copied from v2.40 errata 1 header file */
-#define CKM_AES_CMAC_GENERAL 0x0000108A
-#define CKM_AES_CMAC 0x0000108B
+#define CKM_AES_CMAC 0x0000108A
+#define CKM_AES_CMAC_GENERAL 0x0000108B
 #define CKM_AES_XCBC_MAC 0x0000108C
 #define CKM_AES_XCBC_MAC_96 0x0000108D
# HG changeset patch
# User Robert Relyea
# Date 1581371554 28800
# Mon Feb 10 13:52:34 2020 -0800
# Node ID 046a6f5bfb271ed03ed6a93e3f879d57905999c5
# Parent f161f15f8c8d37070aa5763a1edd91cbbc7c54fb
Bug 1610687 - Crash on unaligned CMACContext.aes.keySchedule when using AES-NI intrinsics r=kjacobs https://phabricator.services.mozilla.com/D60699
diff --git a/lib/freebl/cmac.c b/lib/freebl/cmac.c
--- a/lib/freebl/cmac.c
+++ b/lib/freebl/cmac.c
@@ -22,7 +22,7 @@ struct CMACContextStr {
 * add a new Context pointer to the cipher union with the correct type. */
 CMACCipher cipherType;
 union {
- AESContext aes;
+ AESContext *aes;
 } cipher;
 int blockSize;
@@ -62,7 +62,7 @@ cmac_Encrypt(CMACContext *ctx, unsigned
 {
 if (ctx->cipherType == CMAC_AES) {
 unsigned int tmpOutputLen;
- SECStatus rv = AES_Encrypt(&ctx->cipher.aes, output, &tmpOutputLen,
+ SECStatus rv = AES_Encrypt(ctx->cipher.aes, output, &tmpOutputLen,
 ctx->blockSize, input, inputLen);
 /* Assumption: AES_Encrypt (when in ECB mode) always returns an
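Review bot: In the lib/util/pkcs11t.h hunk, nothing next to `CKM_AES_CMAC` and `CKM_AES_CMAC_GENERAL` records that the previous revision of this header carried the two numbers the other way round. Anything compiled against that revision will keep sending 0x0000108A for the general-length variant, which a module built from this header reads as plain CMAC (and the reverse); that would presumably surface as a parameter or MAC-length mismatch rather than a clean error. I would extend the existing comment, for example `/* AES-CMAC values copied from v2.40 errata 1 header file; the previous revision of this header had 0x108A and 0x108B swapped */`. If the test suite has a place for it, a check of both constants against the published values would catch a repeat.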
@@ -156,8 +156,9 @@ CMAC_Init(CMACContext *ctx, CMACCipher t
 ctx->blockSize = AES_BLOCK_SIZE;
 ctx->cipherType = CMAC_AES;
- if (AES_InitContext(&ctx->cipher.aes, key, key_len, NULL, NSS_AES, 1,
- ctx->blockSize) != SECSuccess) {
+ ctx->cipher.aes = AES_CreateContext(key, NULL, NSS_AES, 1, key_len,
+ ctx->blockSize);
+ if (ctx->cipher.aes == NULL) {
 return SECFailure;
 }
@@ -308,8 +309,8 @@ CMAC_Destroy(CMACContext *ctx, PRBool fr
 return;
 }
- if (ctx->cipherType == CMAC_AES) {
- AES_DestroyContext(&ctx->cipher.aes, PR_FALSE);
+ if (ctx->cipherType == CMAC_AES && ctx->cipher.aes != NULL) {
+ AES_DestroyContext(ctx->cipher.aes, PR_TRUE);
 }
 /* Destroy everything in the context. This includes sensitive data in
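Review bot: In the CMAC_Init hunk, `ctx->cipher.aes = AES_CreateContext(...)` overwrites whatever pointer the context already held, so initialising a CMACContext a second time would leak the earlier AES key schedule without wiping it. With the embedded `AESContext` that this commit removes, a re-init had nothing to leak. Whether a second init can happen depends on the start of CMAC_Init and on its callers, both outside the hunk. If it is not supported, the function's header comment should say so, for example `/* ctx must be fresh or already passed through CMAC_Destroy: an AES context held in ctx->cipher.aes is not released here. */`. Separately, `ctx->cipherType = CMAC_AES` is assigned before the allocation, so a failed init leaves a context that claims AES with a NULL pointer, which the cmac_Encrypt hunk hands to AES_Encrypt unchecked.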
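Review bot: In the CMAC_Destroy hunk, `AES_DestroyContext(ctx->cipher.aes, PR_TRUE)` frees a heap allocation whatever the function's PRBool argument says (its name is truncated in the hunk header), and that change of contract is not documented. A caller that owns the CMACContext storage and skips CMAC_Destroy used to leave only its own memory behind and now leaks a separately allocated key schedule. I would add to the function's comment something like `/* Must be called for every initialised context, including caller-allocated ones: the AES context is always heap-allocated and is freed here. */`. Setting `ctx->cipher.aes = NULL;` right after the call would also keep the struct from holding a freed pointer. The rest of the function is outside the hunk, and its trailing comment suggests a wipe of the context follows, which may already cover that.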