From 90d3a502c57695267ff13e1dc536b9ad52c4d72e Mon Sep 17 00:00:00 2001 From: CentOS Sources Date: Sep 26 2014 04:45:17 +0000 Subject: import nss-util-3.16.2-2.el7_0 --- diff --git a/SOURCES/cve-2014-1568-utils.patch b/SOURCES/cve-2014-1568-utils.patch new file mode 100644 index 0000000..2b55e28 --- /dev/null +++ b/SOURCES/cve-2014-1568-utils.patch @@ -0,0 +1,273 @@ +angeset patch +# User Kai Engert +# Date 1411493332 -7200 +# Node ID fb7208e91ae8e819b38a80480f816efb32fbfab3 +# Parent 4e90910ad2f9741978820ec2314b12a504d78c4e +Fix bug 1064636, patch part 1, r=rrelyea + +diff --git a/lib/util/manifest.mn b/lib/util/manifest.mn +--- a/lib/util/manifest.mn ++++ b/lib/util/manifest.mn +@@ -17,16 +17,17 @@ EXPORTS = \ + nssrwlkt.h \ + nssutil.h \ + pkcs11.h \ + pkcs11f.h \ + pkcs11p.h \ + pkcs11t.h \ + pkcs11n.h \ + pkcs11u.h \ ++ pkcs1sig.h \ + portreg.h \ + secasn1.h \ + secasn1t.h \ + seccomon.h \ + secder.h \ + secdert.h \ + secdig.h \ + secdigt.h \ +@@ -53,16 +54,17 @@ CSRCS = \ + dersubr.c \ + dertime.c \ + errstrs.c \ + nssb64d.c \ + nssb64e.c \ + nssrwlk.c \ + nssilock.c \ + oidstring.c \ ++ pkcs1sig.c \ + portreg.c \ + secalgid.c \ + secasn1d.c \ + secasn1e.c \ + secasn1u.c \ + secitem.c \ + secload.c \ + secoid.c \ +diff --git a/lib/util/nssutil.def b/lib/util/nssutil.def +--- a/lib/util/nssutil.def ++++ b/lib/util/nssutil.def +@@ -266,8 +266,14 @@ NSSUTIL_QuoteSize; + SECITEM_AllocArray; + SECITEM_DupArray; + SECITEM_FreeArray; + SECITEM_ReallocItemV2; + SECITEM_ZfreeArray; + ;+ local: + ;+ *; + ;+}; ++;+NSSUTIL_3.17.1 { # NSS Utilities 3.17.1 release ++;+ global: ++_SGN_VerifyPKCS1DigestInfo; ++;+ local: ++;+ *; ++;+}; +diff --git a/lib/util/pkcs1sig.c b/lib/util/pkcs1sig.c +new file mode 100644 +--- /dev/null ++++ b/lib/util/pkcs1sig.c +@@ -0,0 +1,169 @@ ++/* This Source Code Form is subject to the terms of the Mozilla Public ++ * License, v. 2.0. If a copy of the MPL was not distributed with this ++ * file, You can obtain one at http://mozilla.org/MPL/2.0/. ++ */ ++ ++#include "pkcs1sig.h" ++#include "hasht.h" ++#include "secerr.h" ++#include "secasn1t.h" ++#include "secoid.h" ++ ++typedef struct pkcs1PrefixStr pkcs1Prefix; ++struct pkcs1PrefixStr { ++ unsigned int len; ++ PRUint8 *data; ++}; ++ ++typedef struct pkcs1PrefixesStr pkcs1Prefixes; ++struct pkcs1PrefixesStr { ++ unsigned int digestLen; ++ pkcs1Prefix prefixWithParams; ++ pkcs1Prefix prefixWithoutParams; ++}; ++ ++/* The value for SGN_PKCS1_DIGESTINFO_MAX_PREFIX_LEN_EXCLUDING_OID is based on ++ * the possible prefix encodings as explained below. ++ */ ++#define MAX_PREFIX_LEN_EXCLUDING_OID 10 ++ ++static SECStatus ++encodePrefix(const SECOidData *hashOid, unsigned int digestLen, ++ pkcs1Prefix *prefix, PRBool withParams) ++{ ++ /* with params coding is: ++ * Sequence (2 bytes) { ++ * Sequence (2 bytes) { ++ * Oid (2 bytes) { ++ * Oid value (derOid->oid.len) ++ * } ++ * NULL (2 bytes) ++ * } ++ * OCTECT (2 bytes); ++ * ++ * without params coding is: ++ * Sequence (2 bytes) { ++ * Sequence (2 bytes) { ++ * Oid (2 bytes) { ++ * Oid value (derOid->oid.len) ++ * } ++ * } ++ * OCTECT (2 bytes); ++ */ ++ ++ unsigned int innerSeqLen = 2 + hashOid->oid.len; ++ unsigned int outerSeqLen = 2 + innerSeqLen + 2 + digestLen; ++ unsigned int extra = 0; ++ ++ if (withParams) { ++ innerSeqLen += 2; ++ outerSeqLen += 2; ++ extra = 2; ++ } ++ ++ if (innerSeqLen >= 128 || ++ outerSeqLen >= 128 || ++ (outerSeqLen + 2 - digestLen) > ++ (MAX_PREFIX_LEN_EXCLUDING_OID + hashOid->oid.len)) { ++ /* this is actually a library failure, It shouldn't happen */ ++ PORT_SetError(SEC_ERROR_INVALID_ARGS); ++ return SECFailure; ++ } ++ ++ prefix->len = 6 + hashOid->oid.len + extra + 2; ++ prefix->data = PORT_Alloc(prefix->len); ++ if (!prefix->data) { ++ PORT_SetError(SEC_ERROR_NO_MEMORY); ++ return SECFailure; ++ } ++ ++ prefix->data[0] = SEC_ASN1_SEQUENCE|SEC_ASN1_CONSTRUCTED; ++ prefix->data[1] = outerSeqLen; ++ prefix->data[2] = SEC_ASN1_SEQUENCE|SEC_ASN1_CONSTRUCTED; ++ prefix->data[3] = innerSeqLen; ++ prefix->data[4] = SEC_ASN1_OBJECT_ID; ++ prefix->data[5] = hashOid->oid.len; ++ PORT_Memcpy(&prefix->data[6], hashOid->oid.data, hashOid->oid.len); ++ if (withParams) { ++ prefix->data[6 + hashOid->oid.len] = SEC_ASN1_NULL; ++ prefix->data[6 + hashOid->oid.len + 1] = 0; ++ } ++ prefix->data[6 + hashOid->oid.len + extra] = SEC_ASN1_OCTET_STRING; ++ prefix->data[6 + hashOid->oid.len + extra + 1] = digestLen; ++ ++ return SECSuccess; ++} ++ ++SECStatus ++_SGN_VerifyPKCS1DigestInfo(SECOidTag digestAlg, ++ const SECItem* digest, ++ const SECItem* dataRecoveredFromSignature, ++ PRBool unsafeAllowMissingParameters) ++{ ++ SECOidData *hashOid; ++ pkcs1Prefixes pp; ++ const pkcs1Prefix* expectedPrefix; ++ SECStatus rv, rv2, rv3; ++ ++ if (!digest || !digest->data || ++ !dataRecoveredFromSignature || !dataRecoveredFromSignature->data) { ++ PORT_SetError(SEC_ERROR_INVALID_ARGS); ++ return SECFailure; ++ } ++ ++ hashOid = SECOID_FindOIDByTag(digestAlg); ++ if (hashOid == NULL) { ++ PORT_SetError(SEC_ERROR_INVALID_ARGS); ++ return SECFailure; ++ } ++ ++ pp.digestLen = digest->len; ++ pp.prefixWithParams.data = NULL; ++ pp.prefixWithoutParams.data = NULL; ++ ++ rv2 = encodePrefix(hashOid, pp.digestLen, &pp.prefixWithParams, PR_TRUE); ++ rv3 = encodePrefix(hashOid, pp.digestLen, &pp.prefixWithoutParams, PR_FALSE); ++ ++ rv = SECSuccess; ++ if (rv2 != SECSuccess || rv3 != SECSuccess) { ++ rv = SECFailure; ++ } ++ ++ if (rv == SECSuccess) { ++ /* We don't attempt to avoid timing attacks on these comparisons because ++ * signature verification is a public key operation, not a private key ++ * operation. ++ */ ++ ++ if (dataRecoveredFromSignature->len == ++ pp.prefixWithParams.len + pp.digestLen) { ++ expectedPrefix = &pp.prefixWithParams; ++ } else if (unsafeAllowMissingParameters && ++ dataRecoveredFromSignature->len == ++ pp.prefixWithoutParams.len + pp.digestLen) { ++ expectedPrefix = &pp.prefixWithoutParams; ++ } else { ++ PORT_SetError(SEC_ERROR_BAD_SIGNATURE); ++ rv = SECFailure; ++ } ++ } ++ ++ if (rv == SECSuccess) { ++ if (memcmp(dataRecoveredFromSignature->data, expectedPrefix->data, ++ expectedPrefix->len) || ++ memcmp(dataRecoveredFromSignature->data + expectedPrefix->len, ++ digest->data, digest->len)) { ++ PORT_SetError(SEC_ERROR_BAD_SIGNATURE); ++ rv = SECFailure; ++ } ++ } ++ ++ if (pp.prefixWithParams.data) { ++ PORT_Free(pp.prefixWithParams.data); ++ } ++ if (pp.prefixWithoutParams.data) { ++ PORT_Free(pp.prefixWithoutParams.data); ++ } ++ ++ return rv; ++} +diff --git a/lib/util/pkcs1sig.h b/lib/util/pkcs1sig.h +new file mode 100644 +--- /dev/null ++++ b/lib/util/pkcs1sig.h +@@ -0,0 +1,30 @@ ++/* This Source Code Form is subject to the terms of the Mozilla Public ++ * License, v. 2.0. If a copy of the MPL was not distributed with this ++ * file, You can obtain one at http://mozilla.org/MPL/2.0/. ++ */ ++ ++#ifndef _PKCS1SIG_H_ ++#define _PKCS1SIG_H_ ++ ++#include "hasht.h" ++#include "seccomon.h" ++#include "secoidt.h" ++ ++/* SGN_VerifyPKCS1DigestInfo verifies that the length of the digest is correct ++ * for the given algorithm, then verifies that the recovered data from the ++ * PKCS#1 signature is a properly-formatted DigestInfo that identifies the ++ * given digest algorithm, then verifies that the digest in the DigestInfo ++ * matches the given digest. ++ * ++ * dataRecoveredFromSignature must be the result of calling PK11_VerifyRecover ++ * or equivalent. ++ * ++ * If unsafeAllowMissingParameters is true (not recommended), then a DigestInfo ++ * without the mandatory ASN.1 NULL parameter will also be accepted. ++ */ ++SECStatus _SGN_VerifyPKCS1DigestInfo(SECOidTag digestAlg, ++ const SECItem* digest, ++ const SECItem* dataRecoveredFromSignature, ++ PRBool unsafeAllowMissingParameters); ++ ++#endif /* _PKCS1SIG_H_ */ diff --git a/SOURCES/pkcs1sig-include-prtypes.patch b/SOURCES/pkcs1sig-include-prtypes.patch new file mode 100644 index 0000000..99e1217 --- /dev/null +++ b/SOURCES/pkcs1sig-include-prtypes.patch @@ -0,0 +1,11 @@ +diff -up ./nss/lib/util/pkcs1sig.c.include_prtypes ./nss/lib/util/pkcs1sig.c +--- ./nss/lib/util/pkcs1sig.c.include_prtypes 2014-09-23 14:53:20.586600039 -0700 ++++ ./nss/lib/util/pkcs1sig.c 2014-09-23 14:56:14.569906021 -0700 +@@ -3,6 +3,7 @@ + * file, You can obtain one at http://mozilla.org/MPL/2.0/. + */ + ++#include "prtypes.h" + #include "pkcs1sig.h" + #include "hasht.h" + #include "secerr.h" diff --git a/SPECS/nss-util.spec b/SPECS/nss-util.spec index e8ada76..5f874ad 100644 --- a/SPECS/nss-util.spec +++ b/SPECS/nss-util.spec @@ -3,7 +3,7 @@ Summary: Network Security Services Utilities Library Name: nss-util Version: 3.16.2 -Release: 1%{?dist} +Release: 2%{?dist} License: MPLv2.0 URL: http://www.mozilla.org/projects/security/pki/nss/ Group: System Environment/Libraries @@ -33,6 +33,9 @@ Source3: nss-util-config.in Patch1: build-nss-util-only.patch Patch2: hasht-dont-include-prtypes.patch +# Upstream: https://bugzilla.mozilla.org/show_bug.cgi?id=1064636 +Patch6: cve-2014-1568-utils.patch +Patch7: pkcs1sig-include-prtypes.patch %description Utilities for Network Security Services and the Softoken module @@ -55,6 +58,10 @@ Header and library files for doing development with Network Security Services. %setup -q %patch1 -p0 -b .utilonly %patch2 -p0 -b .prtypes +pushd nss +%patch6 -p1 -b .cve-2014-1568 +popd +%patch7 -p0 -b .include_prtypes %build @@ -200,6 +207,7 @@ done %{_includedir}/nss3/pkcs11p.h %{_includedir}/nss3/pkcs11t.h %{_includedir}/nss3/pkcs11u.h +%{_includedir}/nss3/pkcs1sig.h %{_includedir}/nss3/portreg.h %{_includedir}/nss3/secasn1.h %{_includedir}/nss3/secasn1t.h @@ -220,6 +228,9 @@ done %{_includedir}/nss3/templates/templates.c %changelog +* Tue Sep 23 2014 Elio Maldonado - 3.16.2-2 +- Resolves: bug 1145433 - CVE-2014-1568 + * Wed Jul 30 2014 Elio Maldonado - 3.16.2-1 - Update to nss-3.16.2 - Resolves: Bug 1124659 - Rebase RHEL-7.0 to at least NSS 3.16.1 (FF 31)