|
 |
892bb0 |
diff -up ./nss/lib/softoken/pkcs11c.c.no-small-primes ./nss/lib/softoken/pkcs11c.c
|
|
|
892bb0 |
--- ./nss/lib/softoken/pkcs11c.c.no-small-primes 2020-09-11 13:41:59.364630218 -0700
|
|
|
892bb0 |
+++ ./nss/lib/softoken/pkcs11c.c 2020-09-11 13:44:19.722377883 -0700
|
|
|
892bb0 |
@@ -5103,7 +5103,7 @@ sftk_PairwiseConsistencyCheck(CK_SESSION
|
|
|
892bb0 |
/* subprime not supplied, In this case look it up.
|
|
|
892bb0 |
* This only works with approved primes, but in FIPS mode
|
|
|
892bb0 |
* that's the only kine of prime that will get here */
|
|
|
892bb0 |
- subPrimePtr = sftk_VerifyDH_Prime(&prime);
|
|
|
892bb0 |
+ subPrimePtr = sftk_VerifyDH_Prime(&prime,isFIPS);
|
|
|
892bb0 |
if (subPrimePtr == NULL) {
|
|
|
892bb0 |
crv = CKR_GENERAL_ERROR;
|
|
|
892bb0 |
goto done;
|
|
|
892bb0 |
@@ -8332,7 +8332,7 @@ NSC_DeriveKey(CK_SESSION_HANDLE hSession
|
|
|
892bb0 |
|
|
|
892bb0 |
/* if the prime is an approved prime, we can skip all the other
|
|
|
892bb0 |
* checks. */
|
|
|
892bb0 |
- subPrime = sftk_VerifyDH_Prime(&dhPrime);
|
|
|
892bb0 |
+ subPrime = sftk_VerifyDH_Prime(&dhPrime,isFIPS);
|
|
|
892bb0 |
if (subPrime == NULL) {
|
|
|
892bb0 |
SECItem dhSubPrime;
|
|
|
892bb0 |
/* In FIPS mode we only accept approved primes */
|
|
|
892bb0 |
diff -up ./nss/lib/softoken/pkcs11i.h.no-small-primes ./nss/lib/softoken/pkcs11i.h
|
|
|
892bb0 |
--- ./nss/lib/softoken/pkcs11i.h.no-small-primes 2020-09-11 13:42:10.056687173 -0700
|
|
|
892bb0 |
+++ ./nss/lib/softoken/pkcs11i.h 2020-09-11 13:44:52.361551747 -0700
|
|
|
892bb0 |
@@ -926,7 +926,7 @@ char **NSC_ModuleDBFunc(unsigned long fu
|
|
|
892bb0 |
/* dh verify functions */
|
|
|
892bb0 |
/* verify that dhPrime matches one of our known primes, and if so return
|
|
|
892bb0 |
* it's subprime value */
|
|
|
892bb0 |
-const SECItem *sftk_VerifyDH_Prime(SECItem *dhPrime);
|
|
|
892bb0 |
+const SECItem *sftk_VerifyDH_Prime(SECItem *dhPrime, PRBool isFIPS);
|
|
|
892bb0 |
/* check if dhSubPrime claims dhPrime is a safe prime. */
|
|
|
892bb0 |
SECStatus sftk_IsSafePrime(SECItem *dhPrime, SECItem *dhSubPrime, PRBool *isSafe);
|
|
|
892bb0 |
|
|
|
892bb0 |
diff -up ./nss/lib/softoken/sftkdhverify.c.no-small-primes ./nss/lib/softoken/sftkdhverify.c
|
|
|
892bb0 |
--- ./nss/lib/softoken/sftkdhverify.c.no-small-primes 2020-09-11 13:42:25.216767929 -0700
|
|
|
892bb0 |
+++ ./nss/lib/softoken/sftkdhverify.c 2020-09-11 13:46:59.570229369 -0700
|
|
|
892bb0 |
@@ -1171,11 +1171,15 @@ static const SECItem subprime_tls_8192=
|
|
|
892bb0 |
* verify that dhPrime matches one of our known primes
|
|
|
892bb0 |
*/
|
|
|
892bb0 |
const SECItem *
|
|
|
892bb0 |
-sftk_VerifyDH_Prime(SECItem *dhPrime)
|
|
|
892bb0 |
+sftk_VerifyDH_Prime(SECItem *dhPrime, PRBool isFIPS)
|
|
|
892bb0 |
{
|
|
|
892bb0 |
/* use the length to decide which primes to check */
|
|
|
892bb0 |
switch (dhPrime->len) {
|
|
|
892bb0 |
case 1536 / PR_BITS_PER_BYTE:
|
|
|
892bb0 |
+ /* don't accept 1536 bit primes in FIPS mode */
|
|
|
892bb0 |
+ if (isFIPS) {
|
|
|
892bb0 |
+ break;
|
|
|
892bb0 |
+ }
|
|
|
892bb0 |
if (PORT_Memcmp(dhPrime->data, prime_ike_1536,
|
|
|
892bb0 |
sizeof(prime_ike_1536)) == 0) {
|
|
|
892bb0 |
return &subprime_ike_1536;
|