From 74449011e876d8839a7a1053f27fcea5cd1ccf4e Mon Sep 17 00:00:00 2001
From: CentOS Sources <bugs@centos.org>
Date: Mon, 14 May 2018 13:07:49 +0000
Subject: [PATCH] import nss-3.36.0-5.el7_5

---
 SOURCES/nss-lockcert-api-change.patch                 |   68 +++
 .gitignore                                            |    2 
 SOURCES/nss-sql-default.patch                         |   42 ++
 .nss.metadata                                         |    2 
 SOURCES/nss-reorder-cipher-suites-gtests.patch        |   12 
 SOURCES/renegotiate-transitional.patch                |   22 
 /dev/null                                             |  649 ------------------------------------
 SOURCES/nss-modutil-skip-changepw-fips.patch          |   22 +
 SPECS/nss.spec                                        |   70 ++-
 SOURCES/nss-pkcs12-iterations-limit.patch             |   24 +
 SOURCES/nss-devslot-reinsert.patch                    |   95 +++++
 SOURCES/Bug-1001841-disable-sslv2-tests.patch         |   19 
 SOURCES/enable-fips-when-system-is-in-fips-mode.patch |   28 
 13 files changed, 337 insertions(+), 718 deletions(-)

diff --git a/.gitignore b/.gitignore
index 7286e8d..9f715bd 100644
--- a/.gitignore
+++ b/.gitignore
@@ -10,7 +10,7 @@
 SOURCES/cert9.db.xml
 SOURCES/key3.db.xml
 SOURCES/key4.db.xml
-SOURCES/nss-3.34.0.tar.gz
+SOURCES/nss-3.36.0.tar.gz
 SOURCES/nss-config.xml
 SOURCES/secmod.db.xml
 SOURCES/setup-nsssysinit.xml
diff --git a/.nss.metadata b/.nss.metadata
index 7b7738a..43619b7 100644
--- a/.nss.metadata
+++ b/.nss.metadata
@@ -10,7 +10,7 @@
 7cbb7841b1aefe52534704bf2a4358bfea1aa477 SOURCES/cert9.db.xml
 24c123810543ff0f6848647d6d910744e275fb01 SOURCES/key3.db.xml
 af51b16a56fda1f7525a0eed3ecbdcbb4133be0c SOURCES/key4.db.xml
-01388dc47540744bb4b3c32cd8b77f1e770c4661 SOURCES/nss-3.34.0.tar.gz
+e9d8137e035efed17bd0ca12db497dbeff9b828e SOURCES/nss-3.36.0.tar.gz
 2905c9b06e7e686c9e3c0b5736a218766d4ae4c2 SOURCES/nss-config.xml
 ca9ebf79c1437169a02527c18b1e3909943c4be9 SOURCES/secmod.db.xml
 bcbe05281b38d843273f91ae3f9f19f70c7d97b3 SOURCES/setup-nsssysinit.xml
diff --git a/SOURCES/Bug-1001841-disable-sslv2-tests.patch b/SOURCES/Bug-1001841-disable-sslv2-tests.patch
index 40e3e6d..96569b2 100644
--- a/SOURCES/Bug-1001841-disable-sslv2-tests.patch
+++ b/SOURCES/Bug-1001841-disable-sslv2-tests.patch
@@ -1,10 +1,11 @@
 diff -up nss/tests/ssl/ssl.sh.disableSSL2tests nss/tests/ssl/ssl.sh
---- nss/tests/ssl/ssl.sh.disableSSL2tests	2017-09-20 08:47:27.000000000 +0200
-+++ nss/tests/ssl/ssl.sh	2017-10-06 16:19:10.812108552 +0200
-@@ -69,8 +69,14 @@ ssl_init()
- 
+--- nss/tests/ssl/ssl.sh.disableSSL2tests	2018-03-05 16:58:32.000000000 +0100
++++ nss/tests/ssl/ssl.sh	2018-03-09 17:24:07.047568191 +0100
+@@ -68,9 +68,14 @@ ssl_init()
+   NSS_SSL_RUN=${NSS_SSL_RUN:-$nss_ssl_run}
+   
    # Test case files
-   SSLCOV=${QADIR}/ssl/sslcov.txt
+-  SSLCOV=${QADIR}/ssl/sslcov.txt
 +  if [ "${NSS_NO_SSL2}" = "1" ]; then
 +    SSLCOV=${QADIR}/ssl/sslcov.noSSL2orExport.txt
 +    SSLSTRESS=${QADIR}/ssl/sslstress.noSSL2orExport.txt
@@ -17,7 +18,7 @@
    SSLPOLICY=${QADIR}/ssl/sslpolicy.txt
    REQUEST_FILE=${QADIR}/ssl/sslreq.dat
  
-@@ -128,7 +134,11 @@ is_selfserv_alive()
+@@ -128,7 +133,11 @@ is_selfserv_alive()
    fi
  
    echo "kill -0 ${PID} >/dev/null 2>/dev/null"
@@ -29,7 +30,7 @@
  
    echo "selfserv with PID ${PID} found at `date`"
  }
-@@ -152,7 +162,11 @@ wait_for_selfserv()
+@@ -152,7 +161,11 @@ wait_for_selfserv()
        ${BINDIR}/tstclnt -4 -p ${PORT} -h ${HOSTADDR} ${CLIENT_OPTIONS} -q \
                -d ${P_R_CLIENTDIR} $verbose < ${REQUEST_FILE}
        if [ $? -ne 0 ]; then
@@ -41,7 +42,7 @@
        fi
    fi
    is_selfserv_alive
-@@ -275,7 +289,7 @@ ssl_cov()
+@@ -275,7 +288,7 @@ ssl_cov()
    start_selfserv # Launch the server
  
    VMIN="ssl3"
@@ -50,7 +51,7 @@
  
    ignore_blank_lines ${SSLCOV} | \
    while read ectype testmax param testname
-@@ -283,6 +297,12 @@ ssl_cov()
+@@ -283,6 +296,12 @@ ssl_cov()
        echo "${testname}" | grep "EXPORT" > /dev/null
        EXP=$?
  
diff --git a/SOURCES/enable-fips-when-system-is-in-fips-mode.patch b/SOURCES/enable-fips-when-system-is-in-fips-mode.patch
index 72c0cb4..dde5dcb 100644
--- a/SOURCES/enable-fips-when-system-is-in-fips-mode.patch
+++ b/SOURCES/enable-fips-when-system-is-in-fips-mode.patch
@@ -1,7 +1,7 @@
 diff -up nss/lib/pk11wrap/pk11pars.c.852023_enable_fips_when_in_fips_mode nss/lib/pk11wrap/pk11pars.c
---- nss/lib/pk11wrap/pk11pars.c.852023_enable_fips_when_in_fips_mode	2017-01-13 17:01:05.278296965 +0100
-+++ nss/lib/pk11wrap/pk11pars.c	2017-01-13 17:04:52.968903200 +0100
-@@ -672,6 +672,10 @@ SECMOD_CreateModuleEx(const char *librar
+--- nss/lib/pk11wrap/pk11pars.c.852023_enable_fips_when_in_fips_mode	2018-03-05 16:58:32.000000000 +0100
++++ nss/lib/pk11wrap/pk11pars.c	2018-03-09 17:24:39.815838810 +0100
+@@ -671,6 +671,10 @@ SECMOD_CreateModuleEx(const char *librar
  
      mod->internal = NSSUTIL_ArgHasFlag("flags", "internal", nssc);
      mod->isFIPS = NSSUTIL_ArgHasFlag("flags", "FIPS", nssc);
@@ -13,9 +13,9 @@
      slotParams = NSSUTIL_ArgGetParamValue("slotParams", nssc);
      mod->slotInfo = NSSUTIL_ArgParseSlotInfo(mod->arena, slotParams,
 diff -up nss/lib/pk11wrap/pk11util.c.852023_enable_fips_when_in_fips_mode nss/lib/pk11wrap/pk11util.c
---- nss/lib/pk11wrap/pk11util.c.852023_enable_fips_when_in_fips_mode	2017-01-13 17:01:05.278296965 +0100
-+++ nss/lib/pk11wrap/pk11util.c	2017-01-13 17:06:24.171723872 +0100
-@@ -94,6 +94,26 @@ SECMOD_Shutdown()
+--- nss/lib/pk11wrap/pk11util.c.852023_enable_fips_when_in_fips_mode	2018-03-05 16:58:32.000000000 +0100
++++ nss/lib/pk11wrap/pk11util.c	2018-03-09 17:25:46.804347730 +0100
+@@ -95,6 +95,26 @@ SECMOD_Shutdown()
      return SECSuccess;
  }
  
@@ -42,7 +42,7 @@
  /*
   * retrieve the internal module
   */
-@@ -427,7 +447,7 @@ SECMOD_DeleteInternalModule(const char *
+@@ -428,7 +448,7 @@ SECMOD_DeleteInternalModule(const char *
      SECMODModuleList **mlpp;
      SECStatus rv = SECFailure;
  
@@ -51,18 +51,18 @@
          PORT_SetError(SEC_ERROR_MODULE_STUCK);
          return rv;
      }
-@@ -902,7 +922,7 @@ SECMOD_DestroyModuleList(SECMODModuleLis
- PRBool
- SECMOD_CanDeleteInternalModule(void)
- {
+@@ -963,7 +983,7 @@ SECMOD_CanDeleteInternalModule(void)
+ #ifdef NSS_FIPS_DISABLED
+     return PR_FALSE;
+ #else
 -    return (PRBool)(pendingModule == NULL);
 +    return (PRBool) ((pendingModule == NULL) && !SECMOD_GetSystemFIPSEnabled());
+ #endif
  }
  
- /*
 diff -up nss/lib/pk11wrap/secmodi.h.852023_enable_fips_when_in_fips_mode nss/lib/pk11wrap/secmodi.h
---- nss/lib/pk11wrap/secmodi.h.852023_enable_fips_when_in_fips_mode	2017-01-13 17:01:05.278296965 +0100
-+++ nss/lib/pk11wrap/secmodi.h	2017-01-13 17:07:08.897624098 +0100
+--- nss/lib/pk11wrap/secmodi.h.852023_enable_fips_when_in_fips_mode	2018-03-05 16:58:32.000000000 +0100
++++ nss/lib/pk11wrap/secmodi.h	2018-03-09 17:24:39.816838788 +0100
 @@ -115,6 +115,13 @@ PK11SymKey *pk11_TokenKeyGenWithFlagsAnd
  CK_MECHANISM_TYPE pk11_GetPBECryptoMechanism(SECAlgorithmID *algid,
                                               SECItem **param, SECItem *pwd, PRBool faulty3DES);
diff --git a/SOURCES/nss-certutil-suppress-password.patch b/SOURCES/nss-certutil-suppress-password.patch
deleted file mode 100644
index 985ac21..0000000
--- a/SOURCES/nss-certutil-suppress-password.patch
+++ /dev/null
@@ -1,20 +0,0 @@
-# HG changeset patch
-# User Daiki Ueno <dueno@redhat.com>
-# Date 1513770602 -3600
-#      Wed Dec 20 12:50:02 2017 +0100
-# Node ID 29b2a346746fb03316cf97c8c7b0837b714c255b
-# Parent  5a14f42384eb22b67e0465949c03555eff41e4af
-Bug 1426361, certutil: check CKF_LOGIN_REQUIRED as well as CKF_USER_PIN_INITIALIZED, r=rrelyea
-
-diff --git a/cmd/certutil/certutil.c b/cmd/certutil/certutil.c
---- a/cmd/certutil/certutil.c
-+++ b/cmd/certutil/certutil.c
-@@ -3171,7 +3171,7 @@ certutil_main(int argc, char **argv, PRB
-         certutil.commands[cmd_CreateAndAddCert].activated ||
-         certutil.commands[cmd_AddCert].activated ||
-         certutil.commands[cmd_AddEmailCert].activated) {
--        if (PK11_NeedUserInit(slot)) {
-+        if (PK11_NeedLogin(slot) && PK11_NeedUserInit(slot)) {
-             char *password = NULL;
-             /* fetch the password from the command line or the file
-              * if no password is supplied, initialize the password to NULL */
diff --git a/SOURCES/nss-devslot-reinsert.patch b/SOURCES/nss-devslot-reinsert.patch
new file mode 100644
index 0000000..f68a81a
--- /dev/null
+++ b/SOURCES/nss-devslot-reinsert.patch
@@ -0,0 +1,95 @@
+# HG changeset patch
+# User Daiki Ueno <dueno@redhat.com>
+# Date 1521731296 -3600
+#      Thu Mar 22 16:08:16 2018 +0100
+# Node ID 6ae3ab8a1e7b4161f3f8eee90db7a745acced408
+# Parent  dedf5290c679153e5b3555ba9c711fe62323c156
+Bug 1447628, devslot: avoid deadlock when re-inserting a token, r=rrelyea
+
+diff --git a/lib/dev/devslot.c b/lib/dev/devslot.c
+--- a/lib/dev/devslot.c
++++ b/lib/dev/devslot.c
+@@ -96,10 +96,16 @@ nssSlot_ResetDelay(
+ }
+ 
+ static PRBool
+-within_token_delay_period(const NSSSlot *slot)
++token_status_checked(const NSSSlot *slot)
+ {
+     PRIntervalTime time;
+     int lastPingState = slot->lastTokenPingState;
++    /* When called from the same thread, that means
++     * nssSlot_IsTokenPresent() is called recursively through
++     * nssSlot_Refresh(). Return immediately in that case. */
++    if (slot->isPresentThread == PR_GetCurrentThread()) {
++        return PR_TRUE;
++    }
+     /* Set the delay time for checking the token presence */
+     if (s_token_delay_time == 0) {
+         s_token_delay_time = PR_SecondsToInterval(NSSSLOT_TOKEN_DELAY_TIME);
+@@ -130,7 +136,7 @@ nssSlot_IsTokenPresent(
+ 
+     /* avoid repeated calls to check token status within set interval */
+     PZ_Lock(slot->isPresentLock);
+-    if (within_token_delay_period(slot)) {
++    if (token_status_checked(slot)) {
+         CK_FLAGS ckFlags = slot->ckFlags;
+         PZ_Unlock(slot->isPresentLock);
+         return ((ckFlags & CKF_TOKEN_PRESENT) != 0);
+@@ -146,12 +152,12 @@ nssSlot_IsTokenPresent(
+ 
+     /* set up condition so only one thread is active in this part of the code at a time */
+     PZ_Lock(slot->isPresentLock);
+-    while (slot->inIsPresent) {
++    while (slot->isPresentThread) {
+         PR_WaitCondVar(slot->isPresentCondition, 0);
+     }
+     /* if we were one of multiple threads here, the first thread will have
+      * given us the answer, no need to make more queries of the token. */
+-    if (within_token_delay_period(slot)) {
++    if (token_status_checked(slot)) {
+         CK_FLAGS ckFlags = slot->ckFlags;
+         PZ_Unlock(slot->isPresentLock);
+         return ((ckFlags & CKF_TOKEN_PRESENT) != 0);
+@@ -159,7 +165,7 @@ nssSlot_IsTokenPresent(
+     /* this is the winning thread, block all others until we've determined
+      * if the token is present and that it needs initialization. */
+     slot->lastTokenPingState = nssSlotLastPingState_Update;
+-    slot->inIsPresent = PR_TRUE;
++    slot->isPresentThread = PR_GetCurrentThread();
+ 
+     PZ_Unlock(slot->isPresentLock);
+ 
+@@ -257,7 +263,7 @@ done:
+         slot->lastTokenPingTime = PR_IntervalNow();
+         slot->lastTokenPingState = nssSlotLastPingState_Valid;
+     }
+-    slot->inIsPresent = PR_FALSE;
++    slot->isPresentThread = NULL;
+     PR_NotifyAllCondVar(slot->isPresentCondition);
+     PZ_Unlock(slot->isPresentLock);
+     return isPresent;
+diff --git a/lib/dev/devt.h b/lib/dev/devt.h
+--- a/lib/dev/devt.h
++++ b/lib/dev/devt.h
+@@ -92,7 +92,7 @@ struct NSSSlotStr {
+     PK11SlotInfo *pk11slot;
+     PZLock *isPresentLock;
+     PRCondVar *isPresentCondition;
+-    PRBool inIsPresent;
++    PRThread *isPresentThread;
+ };
+ 
+ struct nssSessionStr {
+diff --git a/lib/pk11wrap/dev3hack.c b/lib/pk11wrap/dev3hack.c
+--- a/lib/pk11wrap/dev3hack.c
++++ b/lib/pk11wrap/dev3hack.c
+@@ -122,7 +122,7 @@ nssSlot_CreateFromPK11SlotInfo(NSSTrustD
+     rvSlot->lock = (nss3slot->isThreadSafe) ? NULL : nss3slot->sessionLock;
+     rvSlot->isPresentLock = PZ_NewLock(nssiLockOther);
+     rvSlot->isPresentCondition = PR_NewCondVar(rvSlot->isPresentLock);
+-    rvSlot->inIsPresent = PR_FALSE;
++    rvSlot->isPresentThread = NULL;
+     rvSlot->lastTokenPingState = nssSlotLastPingState_Reset;
+     return rvSlot;
+ }
diff --git a/SOURCES/nss-increase-pkcs12-iterations.patch b/SOURCES/nss-increase-pkcs12-iterations.patch
deleted file mode 100644
index 72fedd4..0000000
--- a/SOURCES/nss-increase-pkcs12-iterations.patch
+++ /dev/null
@@ -1,26 +0,0 @@
-# HG changeset patch
-# User Kai Engert <kaie@kuix.de>
-# Date 1511356939 -3600
-#      Wed Nov 22 14:22:19 2017 +0100
-# Node ID 93109d4cbedd397f5e75a2096257f9842a0ac5a1
-# Parent  6a27e4b4c92c8c3694132b75a1a54c23688789bd
-Bug 1278071, increase number of iterations for export to PKCS #12, r=fkiefer
-
-diff --git a/lib/pkcs7/p7create.c b/lib/pkcs7/p7create.c
---- a/lib/pkcs7/p7create.c
-+++ b/lib/pkcs7/p7create.c
-@@ -18,7 +18,13 @@
- #include "secder.h"
- #include "secpkcs5.h"
- 
--const int NSS_PBE_DEFAULT_ITERATION_COUNT = 100000; /* used in p12e.c too */
-+const int NSS_PBE_DEFAULT_ITERATION_COUNT = /* used in p12e.c too */
-+#ifdef DEBUG
-+    10000
-+#else
-+    1000000
-+#endif
-+    ;
- 
- static SECStatus
- sec_pkcs7_init_content_info(SEC_PKCS7ContentInfo *cinfo, PLArenaPool *poolp,
diff --git a/SOURCES/nss-is-token-present-race.patch b/SOURCES/nss-is-token-present-race.patch
deleted file mode 100644
index 9c85f74..0000000
--- a/SOURCES/nss-is-token-present-race.patch
+++ /dev/null
@@ -1,191 +0,0 @@
-# HG changeset patch
-# User Robert Relyea <rrelyea@redhat.com>
-# Date 1516007838 -3600
-#      Mon Jan 15 10:17:18 2018 +0100
-# Node ID 33d9c969cd6548c335ce43fa8909b96ef323f670
-# Parent  db32ef3be38eb06a91babbcbb48285284d704dbd
-Bug 1054373, Crash in PK11_DoesMechanism due to race condition, r=rsleevi
-
-diff --git a/lib/dev/devslot.c b/lib/dev/devslot.c
---- a/lib/dev/devslot.c
-+++ b/lib/dev/devslot.c
-@@ -33,6 +33,8 @@ nssSlot_Destroy(
-         if (PR_ATOMIC_DECREMENT(&slot->base.refCount) == 0) {
-             PK11_FreeSlot(slot->pk11slot);
-             PZ_DestroyLock(slot->base.lock);
-+            PZ_DestroyCondVar(slot->isPresentCondition);
-+            PZ_DestroyLock(slot->isPresentLock);
-             return nssArena_Destroy(slot->base.arena);
-         }
-     }
-@@ -117,35 +119,61 @@ nssSlot_IsTokenPresent(
-     nssSession *session;
-     CK_SLOT_INFO slotInfo;
-     void *epv;
-+    PRBool isPresent = PR_FALSE;
-+
-     /* permanent slots are always present unless they're disabled */
-     if (nssSlot_IsPermanent(slot)) {
-         return !PK11_IsDisabled(slot->pk11slot);
-     }
-+
-     /* avoid repeated calls to check token status within set interval */
-+    PZ_Lock(slot->isPresentLock);
-     if (within_token_delay_period(slot)) {
--        return ((slot->ckFlags & CKF_TOKEN_PRESENT) != 0);
-+        CK_FLAGS ckFlags = slot->ckFlags;
-+        PZ_Unlock(slot->isPresentLock);
-+        return ((ckFlags & CKF_TOKEN_PRESENT) != 0);
-     }
-+    PZ_Unlock(slot->isPresentLock);
- 
--    /* First obtain the slot info */
-+    /* First obtain the slot epv before we set up the condition
-+     * variable, so we can just return if we couldn't get it. */
-     epv = slot->epv;
-     if (!epv) {
-         return PR_FALSE;
-     }
-+
-+    /* set up condition so only one thread is active in this part of the code at a time */
-+    PZ_Lock(slot->isPresentLock);
-+    while (slot->inIsPresent) {
-+        PR_WaitCondVar(slot->isPresentCondition, 0);
-+    }
-+    /* if we were one of multiple threads here, the first thread will have
-+     * given us the answer, no need to make more queries of the token. */
-+    if (within_token_delay_period(slot)) {
-+        CK_FLAGS ckFlags = slot->ckFlags;
-+        PZ_Unlock(slot->isPresentLock);
-+        return ((ckFlags & CKF_TOKEN_PRESENT) != 0);
-+    }
-+    /* this is the winning thread, block all others until we've determined
-+     * if the token is present and that it needs initialization. */
-+    slot->inIsPresent = PR_TRUE;
-+    PZ_Unlock(slot->isPresentLock);
-+
-     nssSlot_EnterMonitor(slot);
-     ckrv = CKAPI(epv)->C_GetSlotInfo(slot->slotID, &slotInfo);
-     nssSlot_ExitMonitor(slot);
-     if (ckrv != CKR_OK) {
-         slot->token->base.name[0] = 0; /* XXX */
--        slot->lastTokenPing = PR_IntervalNow();
--        return PR_FALSE;
-+        isPresent = PR_FALSE;
-+        goto done;
-     }
-     slot->ckFlags = slotInfo.flags;
-     /* check for the presence of the token */
-     if ((slot->ckFlags & CKF_TOKEN_PRESENT) == 0) {
-         if (!slot->token) {
-             /* token was never present */
--            slot->lastTokenPing = PR_IntervalNow();
--            return PR_FALSE;
-+            isPresent = PR_FALSE;
-+            goto done;
-         }
-         session = nssToken_GetDefaultSession(slot->token);
-         if (session) {
-@@ -167,15 +195,15 @@ nssSlot_IsTokenPresent(
-         slot->token->base.name[0] = 0; /* XXX */
-         /* clear the token cache */
-         nssToken_Remove(slot->token);
--        slot->lastTokenPing = PR_IntervalNow();
--        return PR_FALSE;
-+        isPresent = PR_FALSE;
-+        goto done;
-     }
-     /* token is present, use the session info to determine if the card
-      * has been removed and reinserted.
-      */
-     session = nssToken_GetDefaultSession(slot->token);
-     if (session) {
--        PRBool isPresent = PR_FALSE;
-+        PRBool tokenRemoved;
-         nssSession_EnterMonitor(session);
-         if (session->handle != CK_INVALID_SESSION) {
-             CK_SESSION_INFO sessionInfo;
-@@ -187,12 +215,12 @@ nssSlot_IsTokenPresent(
-                 session->handle = CK_INVALID_SESSION;
-             }
-         }
--        isPresent = session->handle != CK_INVALID_SESSION;
-+        tokenRemoved = (session->handle == CK_INVALID_SESSION);
-         nssSession_ExitMonitor(session);
-         /* token not removed, finished */
--        if (isPresent) {
--            slot->lastTokenPing = PR_IntervalNow();
--            return PR_TRUE;
-+        if (!tokenRemoved) {
-+            isPresent = PR_TRUE;
-+            goto done;
-         }
-     }
-     /* the token has been removed, and reinserted, or the slot contains
-@@ -203,15 +231,27 @@ nssSlot_IsTokenPresent(
-     nssToken_Remove(slot->token);
-     /* token has been removed, need to refresh with new session */
-     nssrv = nssSlot_Refresh(slot);
-+    isPresent = PR_TRUE;
-     if (nssrv != PR_SUCCESS) {
-         slot->token->base.name[0] = 0; /* XXX */
-         slot->ckFlags &= ~CKF_TOKEN_PRESENT;
--        /* TODO: insert a barrier here to avoid reordering of the assingments */
--        slot->lastTokenPing = PR_IntervalNow();
--        return PR_FALSE;
-+        isPresent = PR_FALSE;
-     }
-+done:
-+    /* Once we've set up the condition variable,
-+     * Before returning, it's necessary to:
-+     *  1) Set the lastTokenPing time so that any other threads waiting on this
-+     *     initialization and any future calls within the initialization window
-+     *     return the just-computed status.
-+     *  2) Indicate we're complete, waking up all other threads that may still
-+     *     be waiting on initialization can progress.
-+     */
-+    PZ_Lock(slot->isPresentLock);
-     slot->lastTokenPing = PR_IntervalNow();
--    return PR_TRUE;
-+    slot->inIsPresent = PR_FALSE;
-+    PR_NotifyAllCondVar(slot->isPresentCondition);
-+    PZ_Unlock(slot->isPresentLock);
-+    return isPresent;
- }
- 
- NSS_IMPLEMENT void *
-@@ -229,7 +269,7 @@ nssSlot_GetToken(
- 
-     if (nssSlot_IsTokenPresent(slot)) {
-         /* Even if a token should be present, check `slot->token` too as it
--	 * might be gone already. This would happen mostly on shutdown. */
-+         * might be gone already. This would happen mostly on shutdown. */
-         nssSlot_EnterMonitor(slot);
-         if (slot->token)
-             rvToken = nssToken_AddRef(slot->token);
-diff --git a/lib/dev/devt.h b/lib/dev/devt.h
---- a/lib/dev/devt.h
-+++ b/lib/dev/devt.h
-@@ -81,6 +81,9 @@ struct NSSSlotStr {
-     PZLock *lock;
-     void *epv;
-     PK11SlotInfo *pk11slot;
-+    PZLock *isPresentLock;
-+    PRCondVar *isPresentCondition;
-+    PRBool inIsPresent;
- };
- 
- struct nssSessionStr {
-diff --git a/lib/pk11wrap/dev3hack.c b/lib/pk11wrap/dev3hack.c
---- a/lib/pk11wrap/dev3hack.c
-+++ b/lib/pk11wrap/dev3hack.c
-@@ -120,6 +120,9 @@ nssSlot_CreateFromPK11SlotInfo(NSSTrustD
-     /* Grab the slot name from the PKCS#11 fixed-length buffer */
-     rvSlot->base.name = nssUTF8_Duplicate(nss3slot->slot_name, td->arena);
-     rvSlot->lock = (nss3slot->isThreadSafe) ? NULL : nss3slot->sessionLock;
-+    rvSlot->isPresentLock = PZ_NewLock(nssiLockOther);
-+    rvSlot->isPresentCondition = PR_NewCondVar(rvSlot->isPresentLock);
-+    rvSlot->inIsPresent = PR_FALSE;
-     return rvSlot;
- }
- 
diff --git a/SOURCES/nss-lockcert-api-change.patch b/SOURCES/nss-lockcert-api-change.patch
new file mode 100644
index 0000000..0eba9a4
--- /dev/null
+++ b/SOURCES/nss-lockcert-api-change.patch
@@ -0,0 +1,68 @@
+# HG changeset patch
+# User Franziskus Kiefer <franziskuskiefer@gmail.com>
+# Date 1486546862 -3600
+#      Wed Feb 08 10:41:02 2017 +0100
+# Node ID 896e3eb3a79933a51886949c7adb67ef37b721c0
+# Parent  a8d77070526320ad0edc7ba164ce97f10c4f7d94
+Bug 1278965 - tsan race in CERTCertificate, r=wtc,ttaubert
+
+diff --git a/lib/certdb/cert.h b/lib/certdb/cert.h
+--- a/lib/certdb/cert.h
++++ b/lib/certdb/cert.h
+@@ -1405,24 +1405,11 @@ void CERT_SetStatusConfig(CERTCertDBHand
+ void CERT_LockCertRefCount(CERTCertificate *cert);
+ 
+ /*
+- * Free the cert reference count lock
++ * Release the cert reference count lock
+  */
+ void CERT_UnlockCertRefCount(CERTCertificate *cert);
+ 
+ /*
+- * Acquire the cert trust lock
+- * There is currently one global lock for all certs, but I'm putting a cert
+- * arg here so that it will be easy to make it per-cert in the future if
+- * that turns out to be necessary.
+- */
+-void CERT_LockCertTrust(const CERTCertificate *cert);
+-
+-/*
+- * Free the cert trust lock
+- */
+-void CERT_UnlockCertTrust(const CERTCertificate *cert);
+-
+-/*
+  * Digest the cert's subject public key using the specified algorithm.
+  * NOTE: this digests the value of the BIT STRING subjectPublicKey (excluding
+  * the tag, length, and number of unused bits) rather than the whole
+diff --git a/lib/certdb/certi.h b/lib/certdb/certi.h
+--- a/lib/certdb/certi.h
++++ b/lib/certdb/certi.h
+@@ -378,14 +378,27 @@ PRUint32 cert_CountDNSPatterns(CERTGener
+ SECStatus cert_CheckLeafTrust(CERTCertificate* cert, SECCertUsage usage,
+                               unsigned int* failedFlags, PRBool* isTrusted);
+ 
+ /*
+  * Acquire the cert temp/perm lock
+  */
+ void CERT_LockCertTempPerm(const CERTCertificate* cert);
+ 
+ /*
+  * Release the temp/perm lock
+  */
+ void CERT_UnlockCertTempPerm(const CERTCertificate* cert);
+ 
++/*
++ * Acquire the cert trust lock
++ * There is currently one global lock for all certs, but I'm putting a cert
++ * arg here so that it will be easy to make it per-cert in the future if
++ * that turns out to be necessary.
++ */
++void CERT_LockCertTrust(const CERTCertificate* cert);
++
++/*
++ * Release the cert trust lock
++ */
++void CERT_UnlockCertTrust(const CERTCertificate* cert);
++
+ #endif /* _CERTI_H_ */
diff --git a/SOURCES/nss-modutil-skip-changepw-fips.patch b/SOURCES/nss-modutil-skip-changepw-fips.patch
new file mode 100644
index 0000000..9ed2983
--- /dev/null
+++ b/SOURCES/nss-modutil-skip-changepw-fips.patch
@@ -0,0 +1,22 @@
+# HG changeset patch
+# User Daiki Ueno <dueno@redhat.com>
+# Date 1523546409 -7200
+#      Thu Apr 12 17:20:09 2018 +0200
+# Node ID 919e116728f29263c17ec31716ac2bd04c10e9ca
+# Parent  2eefd697d661efb82a77c84d893e6fbceefdf458
+Bug 1453408, modutil -changepw fails in FIPS mode if password is an empty string
+
+diff --git a/cmd/modutil/pk11.c b/cmd/modutil/pk11.c
+--- a/cmd/modutil/pk11.c
++++ b/cmd/modutil/pk11.c
+@@ -764,6 +764,10 @@ ChangePW(char *tokenName, char *pwFile, 
+             ret = CHANGEPW_FAILED_ERR;
+             goto loser;
+         }
++    } else if (PK11_IsFIPS() && *newpw == '\0' && PK11_CheckUserPassword(slot, newpw) == SECSuccess) {
++        /* Workaround to suppress harmless error in FIPS mode:
++         * When explicitly setting empty password while the old
++         * password is also empty, skip */
+     } else {
+         if (PK11_ChangePW(slot, oldpw, newpw) != SECSuccess) {
+             PR_fprintf(PR_STDERR, errStrings[CHANGEPW_FAILED_ERR], tokenName);
diff --git a/SOURCES/nss-modutil-suppress-password.patch b/SOURCES/nss-modutil-suppress-password.patch
deleted file mode 100644
index 160f995..0000000
--- a/SOURCES/nss-modutil-suppress-password.patch
+++ /dev/null
@@ -1,20 +0,0 @@
-# HG changeset patch
-# User Daiki Ueno <dueno@redhat.com>
-# Date 1510244757 -3600
-#      Thu Nov 09 17:25:57 2017 +0100
-# Node ID 523734e69b5cdd7c2c9047e705e858da352a3b24
-# Parent  54be8a4501d454b2b7454e4a44ea013738e0b693
-Bug 1415847, modutil: Suppress unnecessary password prompt, r=kaie
-
-diff --git a/cmd/modutil/pk11.c b/cmd/modutil/pk11.c
---- a/cmd/modutil/pk11.c
-+++ b/cmd/modutil/pk11.c
-@@ -728,7 +728,7 @@ ChangePW(char *tokenName, char *pwFile, 
-                 ret = BAD_PW_ERR;
-                 goto loser;
-             }
--        } else {
-+        } else if (PK11_NeedLogin(slot)) {
-             for (matching = PR_FALSE; !matching;) {
-                 oldpw = SECU_GetPasswordString(NULL, "Enter old password: ");
-                 if (PK11_CheckUserPassword(slot, oldpw) == SECSuccess) {
diff --git a/SOURCES/nss-pk12util-faulty-aes.patch b/SOURCES/nss-pk12util-faulty-aes.patch
deleted file mode 100644
index c6d22cc..0000000
--- a/SOURCES/nss-pk12util-faulty-aes.patch
+++ /dev/null
@@ -1,43 +0,0 @@
-From 0615bf4ad6c7e07cc1b7dee4bded01fe8974ad0b Mon Sep 17 00:00:00 2001
-From: Daiki Ueno <dueno@redhat.com>
-Date: Wed, 27 Sep 2017 11:11:10 +0200
-Subject: [PATCH] pk11wrap: Add backward compatibility with faulty PBES2 AES
- schemes
-
----
- lib/pk11wrap/pk11pbe.c | 19 ++++++++++++++++++-
- 1 file changed, 18 insertions(+), 1 deletion(-)
-
-diff --git a/lib/pk11wrap/pk11pbe.c b/lib/pk11wrap/pk11pbe.c
-index bea9333f6..5f68f399e 100644
---- a/lib/pk11wrap/pk11pbe.c
-+++ b/lib/pk11wrap/pk11pbe.c
-@@ -367,7 +367,24 @@ sec_pkcs5v2_key_length(SECAlgorithmID *algid, SECAlgorithmID *cipherAlgId)
-         cipherAlg = SECOID_GetAlgorithmTag(cipherAlgId);
- 
-     if (sec_pkcs5_is_algorithm_v2_aes_algorithm(cipherAlg)) {
--        length = sec_pkcs5v2_aes_key_length(cipherAlg);
-+        /* Previously, the PKCS#12 files created with the old NSS
-+         * releases encoded the maximum key size of AES (that is 32)
-+         * in the keyLength field of PBKDF2-params. That resulted in
-+         * always performing AES-256 even if AES-128-CBC or
-+         * AES-192-CBC is specified in the encryptionScheme field of
-+         * PBES2-params. This is wrong, but for compatibility reasons,
-+         * check the keyLength field and use the value if it is 32.
-+         */
-+        if (p5_param.keyLength.data != NULL) {
-+            length = DER_GetInteger(&p5_param.keyLength);
-+        }
-+        /* If the keyLength field is present and contains a value
-+         * other than 32, that means the file is created outside of
-+         * NSS, which we don't care about. Note that the following
-+         * also handles the case when the field is absent. */
-+        if (length != 32) {
-+            length = sec_pkcs5v2_aes_key_length(cipherAlg);
-+        }
-     } else if (p5_param.keyLength.data != NULL) {
-         length = DER_GetInteger(&p5_param.keyLength);
-     } else {
--- 
-2.13.5
-
diff --git a/SOURCES/nss-pkcs12-iterations-limit.patch b/SOURCES/nss-pkcs12-iterations-limit.patch
new file mode 100644
index 0000000..8b035b8
--- /dev/null
+++ b/SOURCES/nss-pkcs12-iterations-limit.patch
@@ -0,0 +1,24 @@
+# HG changeset patch
+# User J.C. Jones <jjones@mozilla.com>
+# Date 1521824312 25200
+#      Fri Mar 23 09:58:32 2018 -0700
+# Branch NSS_3_36_BRANCH
+# Node ID ba3f1cc8a8e644ee6f8a763624d97e987816304d
+# Parent  2355c9e3bba477c947a09a2fe8b1ed8971fab1cb
+Bug 1278071 - Limit iterations for PKCS #12 export for Windows r=kaie
+
+Per Bug 1436873, Windows is limited on importing PKCS12 files of 600k rounds
+or less. So for compatibility's sake, let's limit there, too.
+
+diff --git a/lib/pkcs7/p7create.c b/lib/pkcs7/p7create.c
+--- a/lib/pkcs7/p7create.c
++++ b/lib/pkcs7/p7create.c
+@@ -22,7 +22,7 @@ const int NSS_PBE_DEFAULT_ITERATION_COUN
+ #ifdef DEBUG
+     10000
+ #else
+-    1000000
++    600000
+ #endif
+     ;
+ 
diff --git a/SOURCES/nss-pss-fixes.patch b/SOURCES/nss-pss-fixes.patch
deleted file mode 100644
index 964e792..0000000
--- a/SOURCES/nss-pss-fixes.patch
+++ /dev/null
@@ -1,649 +0,0 @@
-# HG changeset patch
-# User Daiki Ueno <dueno@redhat.com>
-# Date 1510136005 -3600
-#      Wed Nov 08 11:13:25 2017 +0100
-# Node ID 6da6e699fa02bbf1763acba4176f994c6a5ddf62
-# Parent  d515199921dd703087f7e0e03eb71058a015934d
-Bug 1415171, Fix handling of default RSA-PSS parameters, r=mt
-
-Reviewers: mt, rrelyea
-
-Reviewed By: mt
-
-Bug #: 1415171
-
-Differential Revision: https://phabricator.services.mozilla.com/D202
-
-diff --git a/cmd/lib/secutil.c b/cmd/lib/secutil.c
---- a/cmd/lib/secutil.c
-+++ b/cmd/lib/secutil.c
-@@ -1192,7 +1192,7 @@ secu_PrintRSAPSSParams(FILE *out, SECIte
-             SECU_Indent(out, level + 1);
-             fprintf(out, "Salt length: default, %i (0x%2X)\n", 20, 20);
-         } else {
--            SECU_PrintInteger(out, &param.saltLength, "Salt Length", level + 1);
-+            SECU_PrintInteger(out, &param.saltLength, "Salt length", level + 1);
-         }
-     } else {
-         SECU_Indent(out, level + 1);
-diff --git a/lib/cryptohi/seckey.c b/lib/cryptohi/seckey.c
---- a/lib/cryptohi/seckey.c
-+++ b/lib/cryptohi/seckey.c
-@@ -2056,9 +2056,13 @@ sec_RSAPSSParamsToMechanism(CK_RSA_PKCS_
-         mech->mgf = CKG_MGF1_SHA1; /* default, MGF1 with SHA-1 */
-     }
- 
--    rv = SEC_ASN1DecodeInteger((SECItem *)&params->saltLength, &saltLength);
--    if (rv != SECSuccess) {
--        return rv;
-+    if (params->saltLength.data) {
-+        rv = SEC_ASN1DecodeInteger((SECItem *)&params->saltLength, &saltLength);
-+        if (rv != SECSuccess) {
-+            return rv;
-+        }
-+    } else {
-+        saltLength = 20; /* default, 20 */
-     }
-     mech->sLen = saltLength;
- 
-diff --git a/lib/cryptohi/secsign.c b/lib/cryptohi/secsign.c
---- a/lib/cryptohi/secsign.c
-+++ b/lib/cryptohi/secsign.c
-@@ -610,6 +610,7 @@ sec_CreateRSAPSSParameters(PLArenaPool *
-     SECKEYRSAPSSParams pssParams;
-     int modBytes, hashLength;
-     unsigned long saltLength;
-+    PRBool defaultSHA1 = PR_FALSE;
-     SECStatus rv;
- 
-     if (key->keyType != rsaKey && key->keyType != rsaPssKey) {
-@@ -631,6 +632,7 @@ sec_CreateRSAPSSParameters(PLArenaPool *
-         if (rv != SECSuccess) {
-             return NULL;
-         }
-+        defaultSHA1 = PR_TRUE;
-     }
- 
-     if (pssParams.trailerField.data) {
-@@ -652,15 +654,23 @@ sec_CreateRSAPSSParameters(PLArenaPool *
-     /* Determine the hash algorithm to use, based on hashAlgTag and
-      * pssParams.hashAlg; there are four cases */
-     if (hashAlgTag != SEC_OID_UNKNOWN) {
-+        SECOidTag tag = SEC_OID_UNKNOWN;
-+
-         if (pssParams.hashAlg) {
--            if (SECOID_GetAlgorithmTag(pssParams.hashAlg) != hashAlgTag) {
--                PORT_SetError(SEC_ERROR_INVALID_ARGS);
--                return NULL;
--            }
-+            tag = SECOID_GetAlgorithmTag(pssParams.hashAlg);
-+        } else if (defaultSHA1) {
-+            tag = SEC_OID_SHA1;
-+        }
-+
-+        if (tag != SEC_OID_UNKNOWN && tag != hashAlgTag) {
-+            PORT_SetError(SEC_ERROR_INVALID_ARGS);
-+            return NULL;
-         }
-     } else if (hashAlgTag == SEC_OID_UNKNOWN) {
-         if (pssParams.hashAlg) {
-             hashAlgTag = SECOID_GetAlgorithmTag(pssParams.hashAlg);
-+        } else if (defaultSHA1) {
-+            hashAlgTag = SEC_OID_SHA1;
-         } else {
-             /* Find a suitable hash algorithm based on the NIST recommendation */
-             if (modBytes <= 384) { /* 128, in NIST 800-57, Part 1 */
-@@ -709,6 +719,11 @@ sec_CreateRSAPSSParameters(PLArenaPool *
-             PORT_SetError(SEC_ERROR_INVALID_ALGORITHM);
-             return NULL;
-         }
-+    } else if (defaultSHA1) {
-+        if (hashAlgTag != SEC_OID_SHA1) {
-+            PORT_SetError(SEC_ERROR_INVALID_ALGORITHM);
-+            return NULL;
-+        }
-     }
- 
-     hashLength = HASH_ResultLenByOidTag(hashAlgTag);
-@@ -725,6 +740,8 @@ sec_CreateRSAPSSParameters(PLArenaPool *
-             PORT_SetError(SEC_ERROR_INVALID_ARGS);
-             return NULL;
-         }
-+    } else if (defaultSHA1) {
-+        saltLength = 20;
-     }
- 
-     /* Fill in the parameters */
-diff --git a/tests/cert/cert.sh b/tests/cert/cert.sh
---- a/tests/cert/cert.sh
-+++ b/tests/cert/cert.sh
-@@ -516,6 +516,9 @@ cert_all_CA()
- 	cert_rsa_pss_CA $CADIR TestCA-rsa-pss -x "CTu,CTu,CTu" ${D_CA} "1" SHA256
- 	rm $CLIENT_CADIR/rsapssroot.cert $SERVER_CADIR/rsapssroot.cert
- 
-+	ALL_CU_SUBJECT="CN=NSS Test CA (RSA-PSS-SHA1), O=BOGUS NSS, L=Mountain View, ST=California, C=US"
-+	cert_rsa_pss_CA $CADIR TestCA-rsa-pss-sha1 -x "CTu,CTu,CTu" ${D_CA} "1" SHA1
-+	rm $CLIENT_CADIR/rsapssroot.cert $SERVER_CADIR/rsapssroot.cert
- 
- #
- #       Create EC version of TestCA
-@@ -2054,7 +2057,7 @@ check_sign_algo()
- {
-   certu -L -n "$CERTNAME" -d "${PROFILEDIR}" -f "${R_PWFILE}" | \
-       sed -n '/^ *Data:/,/^$/{
--/^        Signature Algorithm/,/^ *Salt Length/s/^        //p
-+/^        Signature Algorithm/,/^ *Salt length/s/^        //p
- }' > ${TMP}/signalgo.txt
- 
-   diff ${TMP}/signalgo.exp ${TMP}/signalgo.txt
-@@ -2088,6 +2091,12 @@ cert_test_rsapss()
-   CU_ACTION="Verify RSA-PSS CA Cert"
-   certu -V -u L -e -n "TestCA-rsa-pss" -d "${PROFILEDIR}" -f "${R_PWFILE}"
- 
-+  CU_ACTION="Import RSA-PSS CA Cert (SHA1)"
-+  certu -A -n "TestCA-rsa-pss-sha1" -t "C,," -d "${PROFILEDIR}" -f "${R_PWFILE}" \
-+        -i "${R_CADIR}/TestCA-rsa-pss-sha1.ca.cert" 2>&1
-+
-+  CERTSERIAL=200
-+
-   # Subject certificate: RSA
-   # Issuer certificate: RSA
-   # Signature: RSA-PSS (explicit, with --pss-sign)
-@@ -2098,7 +2107,7 @@ cert_test_rsapss()
-   certu -R -d "${PROFILEDIR}" -f "${R_PWFILE}" -z "${R_NOISE_FILE}" -o req  2>&1
- 
-   CU_ACTION="Sign ${CERTNAME}'s Request"
--  certu -C -c "TestCA" --pss-sign -m 200 -v 60 -d "${P_R_CADIR}" \
-+  certu -C -c "TestCA" --pss-sign -m "${CERTSERIAL}" -v 60 -d "${P_R_CADIR}" \
-         -i req -o "${CERTNAME}.cert" -f "${R_PWFILE}" "$1" 2>&1
- 
-   CU_ACTION="Import $CERTNAME's Cert"
-@@ -2113,10 +2122,12 @@ Signature Algorithm: PKCS #1 RSA-PSS Sig
-         Hash algorithm: SHA-256
-         Mask algorithm: PKCS #1 MGF1 Mask Generation Function
-         Mask hash algorithm: SHA-256
--        Salt Length: 32 (0x20)
-+        Salt length: 32 (0x20)
- EOF
-   check_sign_algo
- 
-+  CERTSERIAL=`expr $CERTSERIAL + 1`
-+
-   # Subject certificate: RSA
-   # Issuer certificate: RSA
-   # Signature: RSA-PSS (explict, with --pss-sign -Z SHA512)
-@@ -2127,7 +2138,7 @@ EOF
-   certu -R -d "${PROFILEDIR}" -f "${R_PWFILE}" -z "${R_NOISE_FILE}" -o req  2>&1
- 
-   CU_ACTION="Sign ${CERTNAME}'s Request"
--  certu -C -c "TestCA" --pss-sign -Z SHA512 -m 201 -v 60 -d "${P_R_CADIR}" \
-+  certu -C -c "TestCA" --pss-sign -Z SHA512 -m "${CERTSERIAL}" -v 60 -d "${P_R_CADIR}" \
-         -i req -o "${CERTNAME}.cert" -f "${R_PWFILE}" "$1" 2>&1
- 
-   CU_ACTION="Import $CERTNAME's Cert"
-@@ -2142,10 +2153,12 @@ Signature Algorithm: PKCS #1 RSA-PSS Sig
-         Hash algorithm: SHA-512
-         Mask algorithm: PKCS #1 MGF1 Mask Generation Function
-         Mask hash algorithm: SHA-512
--        Salt Length: 64 (0x40)
-+        Salt length: 64 (0x40)
- EOF
-   check_sign_algo
- 
-+  CERTSERIAL=`expr $CERTSERIAL + 1`
-+
-   # Subject certificate: RSA
-   # Issuer certificate: RSA-PSS
-   # Signature: RSA-PSS
-@@ -2156,7 +2169,69 @@ EOF
-   certu -R -d "${PROFILEDIR}" -f "${R_PWFILE}" -z "${R_NOISE_FILE}" -o req  2>&1
- 
-   CU_ACTION="Sign ${CERTNAME}'s Request"
--  certu -C -c "TestCA-rsa-pss" -m 202 -v 60 -d "${P_R_CADIR}" \
-+  certu -C -c "TestCA-rsa-pss" -m "${CERTSERIAL}" -v 60 -d "${P_R_CADIR}" \
-+        -i req -o "${CERTNAME}.cert" -f "${R_PWFILE}" "$1" 2>&1
-+
-+  CU_ACTION="Import $CERTNAME's Cert"
-+  certu -A -n "$CERTNAME" -t ",," -d "${PROFILEDIR}" -f "${R_PWFILE}" \
-+        -i "${CERTNAME}.cert" 2>&1
-+
-+  CU_ACTION="Verify $CERTNAME's Cert"
-+  certu -V -u V -e -n "$CERTNAME" -d "${PROFILEDIR}" -f "${R_PWFILE}"
-+  cat > ${TMP}/signalgo.exp <<EOF
-+Signature Algorithm: PKCS #1 RSA-PSS Signature
-+    Parameters:
-+        Hash algorithm: SHA-256
-+        Mask algorithm: PKCS #1 MGF1 Mask Generation Function
-+        Mask hash algorithm: SHA-256
-+        Salt length: 32 (0x20)
-+EOF
-+  check_sign_algo
-+
-+  CERTSERIAL=`expr $CERTSERIAL + 1`
-+
-+  # Subject certificate: RSA-PSS
-+  # Issuer certificate: RSA
-+  # Signature: RSA-PSS (explicit, with --pss-sign)
-+  CERTNAME="TestUser-rsa-pss4"
-+
-+  CU_ACTION="Generate Cert Request for $CERTNAME"
-+  CU_SUBJECT="CN=$CERTNAME, E=${CERTNAME}@bogus.com, O=BOGUS NSS, L=Mountain View, ST=California, C=US"
-+  certu -R -d "${PROFILEDIR}" -f "${R_PWFILE}" -z "${R_NOISE_FILE}" --pss -o req  2>&1
-+
-+  CU_ACTION="Sign ${CERTNAME}'s Request"
-+  certu -C -c "TestCA" --pss-sign -m "${CERTSERIAL}" -v 60 -d "${P_R_CADIR}" \
-+        -i req -o "${CERTNAME}.cert" -f "${R_PWFILE}" "$1" 2>&1
-+
-+  CU_ACTION="Import $CERTNAME's Cert"
-+  certu -A -n "$CERTNAME" -t ",," -d "${PROFILEDIR}" -f "${R_PWFILE}" \
-+        -i "${CERTNAME}.cert" 2>&1
-+
-+  CU_ACTION="Verify $CERTNAME's Cert"
-+  certu -V -u V -e -n "$CERTNAME" -d "${PROFILEDIR}" -f "${R_PWFILE}"
-+  cat > ${TMP}/signalgo.exp <<EOF
-+Signature Algorithm: PKCS #1 RSA-PSS Signature
-+    Parameters:
-+        Hash algorithm: SHA-256
-+        Mask algorithm: PKCS #1 MGF1 Mask Generation Function
-+        Mask hash algorithm: SHA-256
-+        Salt length: 32 (0x20)
-+EOF
-+  check_sign_algo
-+
-+  CERTSERIAL=`expr $CERTSERIAL + 1`
-+
-+  # Subject certificate: RSA-PSS
-+  # Issuer certificate: RSA-PSS
-+  # Signature: RSA-PSS (explicit, with --pss-sign)
-+  CERTNAME="TestUser-rsa-pss5"
-+
-+  CU_ACTION="Generate Cert Request for $CERTNAME"
-+  CU_SUBJECT="CN=$CERTNAME, E=${CERTNAME}@bogus.com, O=BOGUS NSS, L=Mountain View, ST=California, C=US"
-+  certu -R -d "${PROFILEDIR}" -f "${R_PWFILE}" -z "${R_NOISE_FILE}" --pss -o req  2>&1
-+
-+  CU_ACTION="Sign ${CERTNAME}'s Request"
-+  certu -C -c "TestCA-rsa-pss" --pss-sign -m "${CERTSERIAL}" -v 60 -d "${P_R_CADIR}" \
-         -i req -o "${CERTNAME}.cert" -f "${R_PWFILE}" "$1" 2>&1
- 
-   CU_ACTION="Import $CERTNAME's Cert"
-@@ -2171,21 +2246,24 @@ Signature Algorithm: PKCS #1 RSA-PSS Sig
-         Hash algorithm: SHA-256
-         Mask algorithm: PKCS #1 MGF1 Mask Generation Function
-         Mask hash algorithm: SHA-256
--        Salt Length: 32 (0x20)
-+        Salt length: 32 (0x20)
- EOF
-   check_sign_algo
- 
-+  CERTSERIAL=`expr $CERTSERIAL + 1`
-+
-   # Subject certificate: RSA-PSS
--  # Issuer certificate: RSA
--  # Signature: RSA-PSS (explicit, with --pss-sign)
--  CERTNAME="TestUser-rsa-pss4"
-+  # Issuer certificate: RSA-PSS
-+  # Signature: RSA-PSS (implicit, without --pss-sign)
-+  CERTNAME="TestUser-rsa-pss6"
- 
-   CU_ACTION="Generate Cert Request for $CERTNAME"
-   CU_SUBJECT="CN=$CERTNAME, E=${CERTNAME}@bogus.com, O=BOGUS NSS, L=Mountain View, ST=California, C=US"
-   certu -R -d "${PROFILEDIR}" -f "${R_PWFILE}" -z "${R_NOISE_FILE}" --pss -o req  2>&1
- 
-   CU_ACTION="Sign ${CERTNAME}'s Request"
--  certu -C -c "TestCA" --pss-sign -m 203 -v 60 -d "${P_R_CADIR}" \
-+  # Sign without --pss-sign nor -Z option
-+  certu -C -c "TestCA-rsa-pss" -m "${CERTSERIAL}" -v 60 -d "${P_R_CADIR}" \
-         -i req -o "${CERTNAME}.cert" -f "${R_PWFILE}" "$1" 2>&1
- 
-   CU_ACTION="Import $CERTNAME's Cert"
-@@ -2200,21 +2278,40 @@ Signature Algorithm: PKCS #1 RSA-PSS Sig
-         Hash algorithm: SHA-256
-         Mask algorithm: PKCS #1 MGF1 Mask Generation Function
-         Mask hash algorithm: SHA-256
--        Salt Length: 32 (0x20)
-+        Salt length: 32 (0x20)
- EOF
-   check_sign_algo
- 
-+  CERTSERIAL=`expr $CERTSERIAL + 1`
-+
-   # Subject certificate: RSA-PSS
-   # Issuer certificate: RSA-PSS
--  # Signature: RSA-PSS (explicit, with --pss-sign)
--  CERTNAME="TestUser-rsa-pss5"
-+  # Signature: RSA-PSS (with conflicting hash algorithm)
-+  CERTNAME="TestUser-rsa-pss7"
- 
-   CU_ACTION="Generate Cert Request for $CERTNAME"
-   CU_SUBJECT="CN=$CERTNAME, E=${CERTNAME}@bogus.com, O=BOGUS NSS, L=Mountain View, ST=California, C=US"
-   certu -R -d "${PROFILEDIR}" -f "${R_PWFILE}" -z "${R_NOISE_FILE}" --pss -o req  2>&1
- 
-   CU_ACTION="Sign ${CERTNAME}'s Request"
--  certu -C -c "TestCA-rsa-pss" --pss-sign -m 204 -v 60 -d "${P_R_CADIR}" \
-+  RETEXPECTED=255
-+  certu -C -c "TestCA-rsa-pss" --pss-sign -Z SHA512 -m "${CERTSERIAL}" -v 60 -d "${P_R_CADIR}" \
-+        -i req -o "${CERTNAME}.cert" -f "${R_PWFILE}" "$1" 2>&1
-+  RETEXPECTED=0
-+
-+  CERTSERIAL=`expr $CERTSERIAL + 1`
-+
-+  # Subject certificate: RSA-PSS
-+  # Issuer certificate: RSA-PSS
-+  # Signature: RSA-PSS (with compatible hash algorithm)
-+  CERTNAME="TestUser-rsa-pss8"
-+
-+  CU_ACTION="Generate Cert Request for $CERTNAME"
-+  CU_SUBJECT="CN=$CERTNAME, E=${CERTNAME}@bogus.com, O=BOGUS NSS, L=Mountain View, ST=California, C=US"
-+  certu -R -d "${PROFILEDIR}" -f "${R_PWFILE}" -z "${R_NOISE_FILE}" --pss -o req  2>&1
-+
-+  CU_ACTION="Sign ${CERTNAME}'s Request"
-+  certu -C -c "TestCA-rsa-pss" --pss-sign -Z SHA256 -m "${CERTSERIAL}" -v 60 -d "${P_R_CADIR}" \
-         -i req -o "${CERTNAME}.cert" -f "${R_PWFILE}" "$1" 2>&1
- 
-   CU_ACTION="Import $CERTNAME's Cert"
-@@ -2229,21 +2326,23 @@ Signature Algorithm: PKCS #1 RSA-PSS Sig
-         Hash algorithm: SHA-256
-         Mask algorithm: PKCS #1 MGF1 Mask Generation Function
-         Mask hash algorithm: SHA-256
--        Salt Length: 32 (0x20)
-+        Salt length: 32 (0x20)
- EOF
-   check_sign_algo
- 
--  # Subject certificate: RSA-PSS
--  # Issuer certificate: RSA-PSS
--  # Signature: RSA-PSS (implicit, without --pss-sign)
--  CERTNAME="TestUser-rsa-pss6"
-+  CERTSERIAL=`expr $CERTSERIAL + 1`
-+
-+  # Subject certificate: RSA
-+  # Issuer certificate: RSA
-+  # Signature: RSA-PSS (explict, with --pss-sign -Z SHA1)
-+  CERTNAME="TestUser-rsa-pss9"
- 
-   CU_ACTION="Generate Cert Request for $CERTNAME"
-   CU_SUBJECT="CN=$CERTNAME, E=${CERTNAME}@bogus.com, O=BOGUS NSS, L=Mountain View, ST=California, C=US"
--  certu -R -d "${PROFILEDIR}" -f "${R_PWFILE}" -z "${R_NOISE_FILE}" --pss -o req  2>&1
-+  certu -R -d "${PROFILEDIR}" -f "${R_PWFILE}" -z "${R_NOISE_FILE}" -o req  2>&1
- 
-   CU_ACTION="Sign ${CERTNAME}'s Request"
--  certu -C -c "TestCA-rsa-pss" -m 205 -v 60 -d "${P_R_CADIR}" \
-+  certu -C -c "TestCA" --pss-sign -Z SHA1 -m "${CERTSERIAL}" -v 60 -d "${P_R_CADIR}" \
-         -i req -o "${CERTNAME}.cert" -f "${R_PWFILE}" "$1" 2>&1
- 
-   CU_ACTION="Import $CERTNAME's Cert"
-@@ -2255,39 +2354,27 @@ EOF
-   cat > ${TMP}/signalgo.exp <<EOF
- Signature Algorithm: PKCS #1 RSA-PSS Signature
-     Parameters:
--        Hash algorithm: SHA-256
--        Mask algorithm: PKCS #1 MGF1 Mask Generation Function
--        Mask hash algorithm: SHA-256
--        Salt Length: 32 (0x20)
-+        Hash algorithm: default, SHA-1
-+        Mask algorithm: default, MGF1
-+        Mask hash algorithm: default, SHA-1
-+        Salt length: default, 20 (0x14)
- EOF
-   check_sign_algo
- 
-+  CERTSERIAL=`expr $CERTSERIAL + 1`
-+
-   # Subject certificate: RSA-PSS
-   # Issuer certificate: RSA-PSS
--  # Signature: RSA-PSS (with conflicting hash algorithm)
--  CERTNAME="TestUser-rsa-pss7"
-+  # Signature: RSA-PSS (implicit, without --pss-sign, default parameters)
-+  CERTNAME="TestUser-rsa-pss10"
- 
-   CU_ACTION="Generate Cert Request for $CERTNAME"
-   CU_SUBJECT="CN=$CERTNAME, E=${CERTNAME}@bogus.com, O=BOGUS NSS, L=Mountain View, ST=California, C=US"
--  certu -R -d "${PROFILEDIR}" -f "${R_PWFILE}" -z "${R_NOISE_FILE}" --pss -o req  2>&1
-+  certu -R -d "${PROFILEDIR}" -f "${R_PWFILE}" -z "${R_NOISE_FILE}" -o req  2>&1
- 
-   CU_ACTION="Sign ${CERTNAME}'s Request"
--  RETEXPECTED=255
--  certu -C -c "TestCA-rsa-pss" --pss-sign -Z SHA512 -m 206 -v 60 -d "${P_R_CADIR}" \
--        -i req -o "${CERTNAME}.cert" -f "${R_PWFILE}" "$1" 2>&1
--  RETEXPECTED=0
--
--  # Subject certificate: RSA-PSS
--  # Issuer certificate: RSA-PSS
--  # Signature: RSA-PSS (with compatible hash algorithm)
--  CERTNAME="TestUser-rsa-pss8"
--
--  CU_ACTION="Generate Cert Request for $CERTNAME"
--  CU_SUBJECT="CN=$CERTNAME, E=${CERTNAME}@bogus.com, O=BOGUS NSS, L=Mountain View, ST=California, C=US"
--  certu -R -d "${PROFILEDIR}" -f "${R_PWFILE}" -z "${R_NOISE_FILE}" --pss -o req  2>&1
--
--  CU_ACTION="Sign ${CERTNAME}'s Request"
--  certu -C -c "TestCA-rsa-pss" --pss-sign -Z SHA256 -m 207 -v 60 -d "${P_R_CADIR}" \
-+  # Sign without --pss-sign nor -Z option
-+  certu -C -c "TestCA-rsa-pss-sha1" -m "${CERTSERIAL}" -v 60 -d "${P_R_CADIR}" \
-         -i req -o "${CERTNAME}.cert" -f "${R_PWFILE}" "$1" 2>&1
- 
-   CU_ACTION="Import $CERTNAME's Cert"
-@@ -2299,12 +2386,29 @@ EOF
-   cat > ${TMP}/signalgo.exp <<EOF
- Signature Algorithm: PKCS #1 RSA-PSS Signature
-     Parameters:
--        Hash algorithm: SHA-256
--        Mask algorithm: PKCS #1 MGF1 Mask Generation Function
--        Mask hash algorithm: SHA-256
--        Salt Length: 32 (0x20)
-+        Hash algorithm: default, SHA-1
-+        Mask algorithm: default, MGF1
-+        Mask hash algorithm: default, SHA-1
-+        Salt length: default, 20 (0x14)
- EOF
-   check_sign_algo
-+
-+  CERTSERIAL=`expr $CERTSERIAL + 1`
-+
-+  # Subject certificate: RSA-PSS
-+  # Issuer certificate: RSA-PSS
-+  # Signature: RSA-PSS (with conflicting hash algorithm, default parameters)
-+  CERTNAME="TestUser-rsa-pss11"
-+
-+  CU_ACTION="Generate Cert Request for $CERTNAME"
-+  CU_SUBJECT="CN=$CERTNAME, E=${CERTNAME}@bogus.com, O=BOGUS NSS, L=Mountain View, ST=California, C=US"
-+  certu -R -d "${PROFILEDIR}" -f "${R_PWFILE}" -z "${R_NOISE_FILE}" --pss -o req  2>&1
-+
-+  CU_ACTION="Sign ${CERTNAME}'s Request"
-+  RETEXPECTED=255
-+  certu -C -c "TestCA-rsa-pss-sha1" --pss-sign -Z SHA256 -m "${CERTSERIAL}" -v 60 -d "${P_R_CADIR}" \
-+        -i req -o "${CERTNAME}.cert" -f "${R_PWFILE}" "$1" 2>&1
-+  RETEXPECTED=0
- }
- 
- ############################## cert_cleanup ############################
-# HG changeset patch
-# User Daiki Ueno <dueno@redhat.com>
-# Date 1514884761 -3600
-#      Tue Jan 02 10:19:21 2018 +0100
-# Node ID 5a14f42384eb22b67e0465949c03555eff41e4af
-# Parent  e577b1df8dabb31466cebad07fdbe0883290bede
-Bug 1423557, cryptohi: make RSA-PSS parameter check stricter, r=mt
-
-Summary: This adds a check on unsupported hash/mask algorithms and invalid trailer field, when converting SECKEYRSAPSSParams to CK_RSA_PKCS_PSS_PARAMS for both signing and verification.  It also add missing support for SHA224 as underlying hash algorithm.
-
-Reviewers: mt
-
-Reviewed By: mt
-
-Bug #: 1423557
-
-Differential Revision: https://phabricator.services.mozilla.com/D322
-
-diff --git a/lib/cryptohi/seckey.c b/lib/cryptohi/seckey.c
---- a/lib/cryptohi/seckey.c
-+++ b/lib/cryptohi/seckey.c
-@@ -1984,13 +1984,14 @@ sec_GetHashMechanismByOidTag(SECOidTag t
-             return CKM_SHA384;
-         case SEC_OID_SHA256:
-             return CKM_SHA256;
-+        case SEC_OID_SHA224:
-+            return CKM_SHA224;
-+        case SEC_OID_SHA1:
-+            return CKM_SHA_1;
-         default:
-             PORT_SetError(SEC_ERROR_INVALID_ALGORITHM);
--        /* fallthrough */
--        case SEC_OID_SHA1:
--            break;
-+            return CKM_INVALID_MECHANISM;
-     }
--    return CKM_SHA_1;
- }
- 
- static CK_RSA_PKCS_MGF_TYPE
-@@ -2003,13 +2004,14 @@ sec_GetMgfTypeByOidTag(SECOidTag tag)
-             return CKG_MGF1_SHA384;
-         case SEC_OID_SHA256:
-             return CKG_MGF1_SHA256;
-+        case SEC_OID_SHA224:
-+            return CKG_MGF1_SHA224;
-+        case SEC_OID_SHA1:
-+            return CKG_MGF1_SHA1;
-         default:
-             PORT_SetError(SEC_ERROR_INVALID_ALGORITHM);
--        /* fallthrough */
--        case SEC_OID_SHA1:
--            break;
-+            return 0;
-     }
--    return CKG_MGF1_SHA1;
- }
- 
- SECStatus
-@@ -2019,6 +2021,7 @@ sec_RSAPSSParamsToMechanism(CK_RSA_PKCS_
-     SECStatus rv = SECSuccess;
-     SECOidTag hashAlgTag;
-     unsigned long saltLength;
-+    unsigned long trailerField;
- 
-     PORT_Memset(mech, 0, sizeof(CK_RSA_PKCS_PSS_PARAMS));
- 
-@@ -2028,6 +2031,9 @@ sec_RSAPSSParamsToMechanism(CK_RSA_PKCS_
-         hashAlgTag = SEC_OID_SHA1; /* default, SHA-1 */
-     }
-     mech->hashAlg = sec_GetHashMechanismByOidTag(hashAlgTag);
-+    if (mech->hashAlg == CKM_INVALID_MECHANISM) {
-+        return SECFailure;
-+    }
- 
-     if (params->maskAlg) {
-         SECAlgorithmID maskHashAlg;
-@@ -2050,6 +2056,9 @@ sec_RSAPSSParamsToMechanism(CK_RSA_PKCS_
-         }
-         maskHashAlgTag = SECOID_GetAlgorithmTag(&maskHashAlg);
-         mech->mgf = sec_GetMgfTypeByOidTag(maskHashAlgTag);
-+        if (mech->mgf == 0) {
-+            return SECFailure;
-+        }
-     } else {
-         mech->mgf = CKG_MGF1_SHA1; /* default, MGF1 with SHA-1 */
-     }
-@@ -2064,5 +2073,18 @@ sec_RSAPSSParamsToMechanism(CK_RSA_PKCS_
-     }
-     mech->sLen = saltLength;
- 
-+    if (params->trailerField.data) {
-+        rv = SEC_ASN1DecodeInteger((SECItem *)&params->trailerField, &trailerField);
-+        if (rv != SECSuccess) {
-+            return rv;
-+        }
-+        if (trailerField != 1) {
-+            /* the value must be 1, which represents the trailer field
-+             * with hexadecimal value 0xBC */
-+            PORT_SetError(SEC_ERROR_INVALID_ARGS);
-+            return SECFailure;
-+        }
-+    }
-+
-     return rv;
- }
-diff --git a/tests/cert/TestCA-bogus-rsa-pss1.crt b/tests/cert/TestCA-bogus-rsa-pss1.crt
-new file mode 100644
---- /dev/null
-+++ b/tests/cert/TestCA-bogus-rsa-pss1.crt
-@@ -0,0 +1,26 @@
-+-----BEGIN CERTIFICATE-----
-+MIIEbDCCAxqgAwIBAgIBATBHBgkqhkiG9w0BAQowOqAPMA0GCWCGSAFlAwQCAQUA
-+oRwwGgYJKoZIhvcNAQEIMA0GCWCGSAFlAwQCAQUAogMCASCjBAICEmcwgYMxCzAJ
-+BgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRYwFAYDVQQHEw1Nb3VudGFp
-+biBWaWV3MRIwEAYDVQQKEwlCT0dVUyBOU1MxMzAxBgNVBAMTKk5TUyBUZXN0IENB
-+IChSU0EtUFNTIGludmFsaWQgdHJhaWxlckZpZWxkKTAgFw0xNzEyMDcxMjU3NDBa
-+GA8yMDY3MTIwNzEyNTc0MFowgYMxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxp
-+Zm9ybmlhMRYwFAYDVQQHEw1Nb3VudGFpbiBWaWV3MRIwEAYDVQQKEwlCT0dVUyBO
-+U1MxMzAxBgNVBAMTKk5TUyBUZXN0IENBIChSU0EtUFNTIGludmFsaWQgdHJhaWxl
-+ckZpZWxkKTCCAVwwRwYJKoZIhvcNAQEKMDqgDzANBglghkgBZQMEAgEFAKEcMBoG
-+CSqGSIb3DQEBCDANBglghkgBZQMEAgEFAKIDAgEgowQCAhJnA4IBDwAwggEKAoIB
-+AQDgkKJk+PoFpESak7kMQ0w147/xilUZCG7hDGG2uuGTbX8jqy9N9pxzB9sJjgJX
-+yYND0XEmrUQ2Memmy8jufhXML5DekW1tr3Gi2L3VivbIReJZfXk1xDMvNbB/Gjjo
-+SoPyu8C4hnevjgMlmqG3KdMkB+eN6PnBG64YFyki3vnLO5iTNHEBTgFYo0gTX4uK
-+xl0hLtiDL+4K5l7BwVgxZwQF6uHoHjrjjlhkzR0FwjjqR8U0pH20Pb6IlRsFMv07
-+/1GHf+jm34pKb/1ZNzAbiKxYv7YAQUWEZ7e/GSXgA6gbTpV9ueiLkVucUeXN/mXK
-+Tqb4zivi5FaSGVl8SJnqsJXJAgMBAAGjOTA3MBQGCWCGSAGG+EIBAQEB/wQEAwIC
-+BDAPBgNVHRMECDAGAQH/AgEAMA4GA1UdDwEB/wQEAwICBDBHBgkqhkiG9w0BAQow
-+OqAPMA0GCWCGSAFlAwQCAQUAoRwwGgYJKoZIhvcNAQEIMA0GCWCGSAFlAwQCAQUA
-+ogMCASCjBAICEmcDggEBAJht9t9p/dlhJtx7ShDvUXyq8N4tCoGKdREM83K/jlW8
-+HxdHOz5PuvZx+UMlaUtqZVIriSCnRtEWkoSo0hWmcv1rp80it2G1zLfLPYdyrPba
-+nQmE1iFb69Wr9dwrX7o/CII+WHQgoIGeFGntZ8YRZTe5+JeiGAlAyZCqUKbl9lhh
-+pCpf1YYxb3VI8mAGVi0jwabWBEbInGBZYH9HP0nK7/Tflk6UY3f4h4Fbkk5D4WZA
-+hFfkebx6Wh90QGiKQhp4/N+dYira8bKvWqqn0VqwzBoJBU/RmMaJVpwqFFvcaUJh
-+uEKUPeQbqkYvj1WJYmy4ettVwi4OZU50+kCaRQhMsFA=
-+-----END CERTIFICATE-----
-diff --git a/tests/cert/TestCA-bogus-rsa-pss2.crt b/tests/cert/TestCA-bogus-rsa-pss2.crt
-new file mode 100644
---- /dev/null
-+++ b/tests/cert/TestCA-bogus-rsa-pss2.crt
-@@ -0,0 +1,24 @@
-+-----BEGIN CERTIFICATE-----
-+MIIEFzCCAs2gAwIBAgIBATA/BgkqhkiG9w0BAQowMqAOMAwGCCqGSIb3DQIFBQCh
-+GzAZBgkqhkiG9w0BAQgwDAYIKoZIhvcNAgUFAKIDAgEgMH4xCzAJBgNVBAYTAlVT
-+MRMwEQYDVQQIEwpDYWxpZm9ybmlhMRYwFAYDVQQHEw1Nb3VudGFpbiBWaWV3MRIw
-+EAYDVQQKEwlCT0dVUyBOU1MxLjAsBgNVBAMTJU5TUyBUZXN0IENBIChSU0EtUFNT
-+IGludmFsaWQgaGFzaEFsZykwIBcNMTcxMjA3MTQwNjQ0WhgPMjA2ODAxMDcxNDA2
-+NDRaMH4xCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRYwFAYDVQQH
-+Ew1Nb3VudGFpbiBWaWV3MRIwEAYDVQQKEwlCT0dVUyBOU1MxLjAsBgNVBAMTJU5T
-+UyBUZXN0IENBIChSU0EtUFNTIGludmFsaWQgaGFzaEFsZykwggEgMAsGCSqGSIb3
-+DQEBCgOCAQ8AMIIBCgKCAQEAtDXA73yTOgs8zVYNMCtuQ9a07UgbfeQbjHp3pkF6
-+7rsC/Q28mrLh+zLkht5e7qU/Qf/8a2ZkcYhPOBAjCzjgIXOdE2lsWvdVujOJLR0x
-+Fesd3hDLRmL6f6momc+j1/Tw3bKyZinaeJ9BFRv9c94SayB3QUe+6+TNJKASwlhj
-+sx6mUsND+h3DkuL77gi7hIUpUXfFSwa+zM69VLhIu+/WRZfG8gfKkCAIGUC3WYJa
-+eU1HgQKfVSXW0ok4ototXWEe9ohU+Z1tO9LJStcY8mMpig7EU9zbpObhG46Sykfu
-+aKsubB9J+gFgwP5Tb85tRYT6SbHeHR6U/N8GBrKdRcomWwIDAQABozwwOjAUBglg
-+hkgBhvhCAQEBAf8EBAMCAgQwEgYDVR0TAQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8E
-+BAMCAgQwPwYJKoZIhvcNAQEKMDKgDjAMBggqhkiG9w0CBQUAoRswGQYJKoZIhvcN
-+AQEIMAwGCCqGSIb3DQIFBQCiAwIBIAOCAQEAjeemeTxh2xrMUJ6Z5Yn2nH2FbcPY
-+fTHJcdfXjfNBkrMl5pe2/lk0JyNuACTuTYFCxdWNRL1coN//h9DSUbF3dpF1ex6D
-+difo+6PwxkO2aPVGPYw4DSivt4SFbn5dKGgVqBQfnmNK7p/iT91AcErg/grRrNL+
-+4jeT0UiRjQYeX9xKJArv+ocIidNpQL3QYxXuBLZxVC92Af69ol7WG8QBRLnFi1p2
-+g6q8hOHqOfB29qnsSo3PkI1yuShOl50tRLbNgyotEfZdk1N3oXvapoBsm/jlcdCT
-+0aKelCSQYYAfyl5PKCpa1lgBm7zfcHSDStMhEEFu/fbnJhqO9g9znj3STQ==
-+-----END CERTIFICATE-----
-diff --git a/tests/cert/cert.sh b/tests/cert/cert.sh
---- a/tests/cert/cert.sh
-+++ b/tests/cert/cert.sh
-@@ -2095,6 +2095,20 @@ cert_test_rsapss()
-   certu -A -n "TestCA-rsa-pss-sha1" -t "C,," -d "${PROFILEDIR}" -f "${R_PWFILE}" \
-         -i "${R_CADIR}/TestCA-rsa-pss-sha1.ca.cert" 2>&1
- 
-+  CU_ACTION="Import Bogus RSA-PSS CA Cert (invalid trailerField)"
-+  certu -A -n "TestCA-bogus-rsa-pss1" -t "C,," -d "${PROFILEDIR}" -f "${R_PWFILE}" \
-+        -i "${QADIR}/cert/TestCA-bogus-rsa-pss1.crt" 2>&1
-+  RETEXPECTED=255
-+  certu -V -b 1712101010Z -n TestCA-bogus-rsa-pss1 -u L -e -d "${PROFILEDIR}" -f "${R_PWFILE}" 2>&1
-+  RETEXPECTED=0
-+
-+  CU_ACTION="Import Bogus RSA-PSS CA Cert (invalid hashAlg)"
-+  certu -A -n "TestCA-bogus-rsa-pss2" -t "C,," -d "${PROFILEDIR}" -f "${R_PWFILE}" \
-+        -i "${QADIR}/cert/TestCA-bogus-rsa-pss2.crt" 2>&1
-+  RETEXPECTED=255
-+  certu -V -b 1712101010Z -n TestCA-bogus-rsa-pss2 -u L -e -d "${PROFILEDIR}" -f "${R_PWFILE}" 2>&1
-+  RETEXPECTED=0
-+
-   CERTSERIAL=200
- 
-   # Subject certificate: RSA
diff --git a/SOURCES/nss-reorder-cipher-suites-gtests.patch b/SOURCES/nss-reorder-cipher-suites-gtests.patch
index 7a75e50..0675959 100644
--- a/SOURCES/nss-reorder-cipher-suites-gtests.patch
+++ b/SOURCES/nss-reorder-cipher-suites-gtests.patch
@@ -1,7 +1,7 @@
 diff -up nss/gtests/ssl_gtest/ssl_auth_unittest.cc.reorder-cipher-suites-gtests nss/gtests/ssl_gtest/ssl_auth_unittest.cc
---- nss/gtests/ssl_gtest/ssl_auth_unittest.cc.reorder-cipher-suites-gtests	2017-09-20 08:47:27.000000000 +0200
-+++ nss/gtests/ssl_gtest/ssl_auth_unittest.cc	2017-10-06 16:41:39.223713982 +0200
-@@ -222,7 +222,9 @@ static SSLNamedGroup NamedGroupForEcdsa3
+--- nss/gtests/ssl_gtest/ssl_auth_unittest.cc.reorder-cipher-suites-gtests	2018-03-05 16:58:32.000000000 +0100
++++ nss/gtests/ssl_gtest/ssl_auth_unittest.cc	2018-03-09 17:29:32.985313219 +0100
+@@ -231,7 +231,9 @@ static SSLNamedGroup NamedGroupForEcdsa3
    // NSS tries to match the group size to the symmetric cipher. In TLS 1.1 and
    // 1.0, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA is the highest priority suite, so
    // we use P-384. With TLS 1.2 on we pick AES-128 GCM so use x25519.
@@ -12,7 +12,7 @@
      return ssl_grp_ec_secp384r1;
    }
    return ssl_grp_ec_curve25519;
-@@ -806,20 +808,24 @@ INSTANTIATE_TEST_CASE_P(
+@@ -870,20 +872,24 @@ INSTANTIATE_TEST_CASE_P(
                         ::testing::Values(TlsAgent::kServerEcdsa256),
                         ::testing::Values(ssl_auth_ecdsa),
                         ::testing::Values(ssl_sig_ecdsa_secp256r1_sha256)));
@@ -39,9 +39,9 @@
  INSTANTIATE_TEST_CASE_P(
      SignatureSchemeEcdsaSha1, TlsSignatureSchemeConfiguration,
      ::testing::Combine(TlsConnectTestBase::kTlsVariantsAll,
-@@ -828,4 +834,5 @@ INSTANTIATE_TEST_CASE_P(
+@@ -892,4 +898,5 @@ INSTANTIATE_TEST_CASE_P(
                                           TlsAgent::kServerEcdsa384),
                         ::testing::Values(ssl_auth_ecdsa),
                         ::testing::Values(ssl_sig_ecdsa_sha1)));
 +#endif
- }
+ }  // namespace nss_test
diff --git a/SOURCES/nss-sql-default.patch b/SOURCES/nss-sql-default.patch
new file mode 100644
index 0000000..fd39778
--- /dev/null
+++ b/SOURCES/nss-sql-default.patch
@@ -0,0 +1,42 @@
+# HG changeset patch
+# User Kai Engert <kaie@kuix.de>
+# Date 1511548994 -3600
+#      Fri Nov 24 19:43:14 2017 +0100
+# Node ID b0658ed367633e505d38c0c0f63b801ddbbb21a4
+# Parent  807662e6ba57db5be05036511ac8634466ed473f
+Bug 1377940, Change NSS default storage file format (currently DBM), when no prefix is given, to SQL, r=rrelyea, r=fkiefer
+
+--- a/tests/all.sh
++++ b/tests/all.sh
+@@ -111,6 +111,8 @@ RUN_FIPS=""
+ ########################################################################
+ run_tests()
+ {
++    echo "Running test cycle: ${TEST_MODE} ----------------------"
++    echo "List of tests that will be executed: ${TESTS}"
+     for TEST in ${TESTS}
+     do
+         # NOTE: the spaces are important. If you don't include
+@@ -172,8 +174,9 @@ run_cycle_pkix()
+     NSS_SSL_TESTS=`echo "${NSS_SSL_TESTS}" | sed -e "s/normal//g" -e "s/fips//g" -e "s/_//g"`
+     export -n NSS_SSL_RUN
+ 
+-    # use the default format
++    # use the default format. (unset for the shell, export -n for binaries)
+     export -n NSS_DEFAULT_DB_TYPE
++    unset NSS_DEFAULT_DB_TYPE
+ 
+     run_tests
+ }
+diff --git a/tests/merge/merge.sh b/tests/merge/merge.sh
+--- a/tests/merge/merge.sh
++++ b/tests/merge/merge.sh
+@@ -98,7 +98,7 @@ merge_init()
+   # are dbm databases.
+   if [ "${TEST_MODE}" = "UPGRADE_DB" ]; then
+ 	save=${NSS_DEFAULT_DB_TYPE}
+-	NSS_DEFAULT_DB_TYPE= ; export NSS_DEFAULT_DB_TYPE
++	NSS_DEFAULT_DB_TYPE=dbm ; export NSS_DEFAULT_DB_TYPE
+   fi
+ 
+   certutil -N -d ${CONFLICT1DIR} -f ${R_PWFILE}
diff --git a/SOURCES/renegotiate-transitional.patch b/SOURCES/renegotiate-transitional.patch
index ca92f83..5e3dbc7 100644
--- a/SOURCES/renegotiate-transitional.patch
+++ b/SOURCES/renegotiate-transitional.patch
@@ -1,12 +1,12 @@
 diff -up nss/lib/ssl/sslsock.c.transitional nss/lib/ssl/sslsock.c
---- nss/lib/ssl/sslsock.c.transitional	2016-08-15 17:57:58.146879056 +0200
-+++ nss/lib/ssl/sslsock.c	2016-08-15 17:58:02.365758224 +0200
-@@ -72,7 +72,7 @@ static sslOptions ssl_defaults = {
-     PR_FALSE,              /* noLocks            */
-     PR_FALSE,              /* enableSessionTickets */
-     PR_FALSE,              /* enableDeflate      */
--    2,                     /* enableRenegotiation (default: requires extension) */
-+    3,                     /* enableRenegotiation (default: transitional) */
-     PR_FALSE,              /* requireSafeNegotiation */
-     PR_FALSE,              /* enableFalseStart   */
-     PR_TRUE,               /* cbcRandomIV        */
+--- nss/lib/ssl/sslsock.c.transitional	2018-03-09 17:21:52.593560971 +0100
++++ nss/lib/ssl/sslsock.c	2018-03-09 17:22:21.096926523 +0100
+@@ -67,7 +67,7 @@ static sslOptions ssl_defaults = {
+     .noLocks = PR_FALSE,
+     .enableSessionTickets = PR_FALSE,
+     .enableDeflate = PR_FALSE,
+-    .enableRenegotiation = SSL_RENEGOTIATE_REQUIRES_XTN,
++    .enableRenegotiation = SSL_RENEGOTIATE_TRANSITIONAL,
+     .requireSafeNegotiation = PR_FALSE,
+     .enableFalseStart = PR_FALSE,
+     .cbcRandomIV = PR_TRUE,
diff --git a/SPECS/nss.spec b/SPECS/nss.spec
index ad8821b..984a6fe 100644
--- a/SPECS/nss.spec
+++ b/SPECS/nss.spec
@@ -1,9 +1,9 @@
-%global nspr_version 4.17.0
-%global nss_util_version 3.34.0
+%global nspr_version 4.19.0
+%global nss_util_version 3.36.0
 %global nss_util_build -1
 # adjust to the version that gets submitted for FIPS validation
-%global nss_softokn_fips_version 3.34.0
-%global nss_softokn_version 3.34.0
+%global nss_softokn_fips_version 3.36.0
+%global nss_softokn_version 3.36.0
 # Attention: Separate softokn versions for build and runtime.
 %global runtime_required_softokn_build_version -1
 # Building NSS doesn't require the same version of softokn built for runtime.
@@ -26,8 +26,8 @@
 
 Summary:          Network Security Services
 Name:             nss
-Version:          3.34.0
-Release:          4%{?dist}
+Version:          3.36.0
+Release:          5%{?dist}
 License:          MPLv2.0
 URL:              http://www.mozilla.org/projects/security/pki/nss/
 Group:            System Environment/Libraries
@@ -123,24 +123,21 @@
 Patch131: nss-disable-tls13-gtests.patch
 # Upstream: https://bugzilla.mozilla.org/show_bug.cgi?id=1279520
 Patch135: nss-check-policy-file.patch
+# To revert the change in:
+# https://bugzilla.mozilla.org/show_bug.cgi?id=1377940
+Patch136: nss-sql-default.patch
+# Upstream: https://bugzilla.mozilla.org/show_bug.cgi?id=1278071
+Patch137: nss-pkcs12-iterations-limit.patch
+# Upstream: https://bugzilla.mozilla.org/show_bug.cgi?id=1447628
+Patch138: nss-devslot-reinsert.patch
+# Upstream: https://bugzilla.mozilla.org/show_bug.cgi?id=1453408
+Patch139: nss-modutil-skip-changepw-fips.patch
 # Work around for yum
 # https://bugzilla.redhat.com/show_bug.cgi?id=1469526
 Patch141: nss-sysinit-getenv.patch
-
-# Patches backported from 3.35:
-# https://bugzilla.mozilla.org/show_bug.cgi?id=1416265
-Patch144: nss-pk12util-faulty-aes.patch
-# https://bugzilla.mozilla.org/show_bug.cgi?id=1278071
-Patch145: nss-increase-pkcs12-iterations.patch
-# https://bugzilla.mozilla.org/show_bug.cgi?id=1415847
-Patch146: nss-modutil-suppress-password.patch
-# https://bugzilla.mozilla.org/show_bug.cgi?id=1426361
-Patch147: nss-certutil-suppress-password.patch
-# https://bugzilla.mozilla.org/show_bug.cgi?id=1423557
-# https://bugzilla.mozilla.org/show_bug.cgi?id=1415171
-Patch148: nss-pss-fixes.patch
-# https://bugzilla.mozilla.org/show_bug.cgi?id=1054373
-Patch149: nss-is-token-present-race.patch
+# To revert the change in:
+# https://hg.mozilla.org/projects/nss/rev/896e3eb3a799
+Patch142: nss-lockcert-api-change.patch
 
 %description
 Network Security Services (NSS) is a set of libraries designed to
@@ -244,13 +241,12 @@
 %patch130 -p1 -b .reorder-cipher-suites-gtests
 %patch131 -p1 -b .disable-tls13-gtests
 %patch135 -p1 -b .check_policy_file
+%patch136 -p1 -R -b .sql-default
+%patch137 -p1 -b .pkcs12-iterations-limit
+%patch138 -p1 -b .devslot-reinsert
+%patch139 -p1 -b .modutil-skip-changepw-fips
 %patch141 -p1 -b .sysinit-getenv
-%patch144 -p1 -b .pk12util-faulty-aes
-%patch145 -p1 -b .increase-pkcs12-iterations
-%patch146 -p1 -b .suppress-modutil-password
-%patch147 -p1 -b .suppress-certutil-password
-%patch148 -p1 -b .pss-fixes
-%patch149 -p1 -b .is-token-present-race
+%patch142 -p1 -R -b .lockcert-api-change
 popd
 
 #########################################################
@@ -356,6 +352,8 @@
 export NSS_BLTEST_NOT_AVAILABLE=1
 
 export NSS_DISABLE_TLS_1_3=1
+
+export NSS_FORCE_FIPS=1
 
 %{__make} -C ./nss/coreconf
 %{__make} -C ./nss/lib/dbm
@@ -849,6 +847,24 @@
 
 
 %changelog
+* Wed Apr 18 2018 Daiki Ueno <dueno@redhat.com> - 3.36.0-5
+- Restore CERT_LockCertTrust and CERT_UnlockCertTrust back in cert.h
+
+* Fri Apr 13 2018 Daiki Ueno <dueno@redhat.com> - 3.36.0-4
+- Work around modutil -changepw error if the old and new passwords are
+  both empty in FIPS mode
+
+* Tue Mar 27 2018 Daiki Ueno <dueno@redhat.com> - 3.36.0-3
+- Decrease the iteration count of PKCS#12 for compatibility with Windows
+- Fix deadlock when a token is re-inserted while a client process is running
+
+* Mon Mar 12 2018 Daiki Ueno <dueno@redhat.com> - 3.36.0-2
+- Set NSS_FORCE_FIPS=1 in %%build
+- Revert the changes to tests assuming the default DB type
+
+* Fri Mar  9 2018 Daiki Ueno <dueno@redhat.com> - 3.36.0-1
+- Rebase to NSS 3.36
+
 * Mon Jan 15 2018 Daiki Ueno <dueno@redhat.com> - 3.34.0-4
 - Re-enable nss-is-token-present-race.patch
 

--
Gitblit v1.8.0