|
 |
5f43a7 |
diff -up ./lib/softoken/pkcs11c.c.orig ./lib/softoken/pkcs11c.c
|
|
|
5f43a7 |
--- ./lib/softoken/pkcs11c.c.orig 2020-10-15 16:06:47.380122702 -0700
|
|
|
5f43a7 |
+++ ./lib/softoken/pkcs11c.c 2020-10-15 16:07:56.891482521 -0700
|
|
|
5f43a7 |
@@ -5101,7 +5101,7 @@ sftk_PairwiseConsistencyCheck(CK_SESSION
|
|
|
5f43a7 |
/* subprime not supplied, In this case look it up.
|
|
|
5f43a7 |
* This only works with approved primes, but in FIPS mode
|
|
|
5f43a7 |
* that's the only kine of prime that will get here */
|
|
|
5f43a7 |
- subPrimePtr = sftk_VerifyDH_Prime(&prime);
|
|
|
5f43a7 |
+ subPrimePtr = sftk_VerifyDH_Prime(&prime,isFIPS);
|
|
|
5f43a7 |
if (subPrimePtr == NULL) {
|
|
|
5f43a7 |
crv = CKR_GENERAL_ERROR;
|
|
|
5f43a7 |
goto done;
|
|
|
5f43a7 |
@@ -8293,7 +8293,7 @@ NSC_DeriveKey(CK_SESSION_HANDLE hSession
|
|
|
5f43a7 |
|
|
|
5f43a7 |
/* if the prime is an approved prime, we can skip all the other
|
|
|
5f43a7 |
* checks. */
|
|
|
5f43a7 |
- subPrime = sftk_VerifyDH_Prime(&dhPrime);
|
|
|
5f43a7 |
+ subPrime = sftk_VerifyDH_Prime(&dhPrime,isFIPS);
|
|
|
5f43a7 |
if (subPrime == NULL) {
|
|
|
5f43a7 |
SECItem dhSubPrime;
|
|
|
5f43a7 |
/* In FIPS mode we only accept approved primes */
|
|
|
5f43a7 |
diff -up ./lib/softoken/pkcs11i.h.orig ./lib/softoken/pkcs11i.h
|
|
|
5f43a7 |
--- ./lib/softoken/pkcs11i.h.orig 2020-10-15 16:06:47.380122702 -0700
|
|
|
5f43a7 |
+++ ./lib/softoken/pkcs11i.h 2020-10-15 16:07:56.892482526 -0700
|
|
|
5f43a7 |
@@ -926,7 +926,7 @@ char **NSC_ModuleDBFunc(unsigned long fu
|
|
|
5f43a7 |
/* dh verify functions */
|
|
|
5f43a7 |
/* verify that dhPrime matches one of our known primes, and if so return
|
|
|
5f43a7 |
* it's subprime value */
|
|
|
5f43a7 |
-const SECItem *sftk_VerifyDH_Prime(SECItem *dhPrime);
|
|
|
5f43a7 |
+const SECItem *sftk_VerifyDH_Prime(SECItem *dhPrime, PRBool isFIPS);
|
|
|
5f43a7 |
/* check if dhSubPrime claims dhPrime is a safe prime. */
|
|
|
5f43a7 |
SECStatus sftk_IsSafePrime(SECItem *dhPrime, SECItem *dhSubPrime, PRBool *isSafe);
|
|
|
5f43a7 |
|
|
|
5f43a7 |
diff -up ./lib/softoken/sftkdhverify.c.orig ./lib/softoken/sftkdhverify.c
|
|
|
5f43a7 |
--- ./lib/softoken/sftkdhverify.c.orig 2020-10-15 16:06:47.370122650 -0700
|
|
|
5f43a7 |
+++ ./lib/softoken/sftkdhverify.c 2020-10-15 16:07:56.893482531 -0700
|
|
|
5f43a7 |
@@ -1171,11 +1171,15 @@ static const SECItem subprime_tls_8192=
|
|
|
5f43a7 |
* verify that dhPrime matches one of our known primes
|
|
|
5f43a7 |
*/
|
|
|
5f43a7 |
const SECItem *
|
|
|
5f43a7 |
-sftk_VerifyDH_Prime(SECItem *dhPrime)
|
|
|
5f43a7 |
+sftk_VerifyDH_Prime(SECItem *dhPrime, PRBool isFIPS)
|
|
|
5f43a7 |
{
|
|
|
5f43a7 |
/* use the length to decide which primes to check */
|
|
|
5f43a7 |
switch (dhPrime->len) {
|
|
|
5f43a7 |
case 1536 / PR_BITS_PER_BYTE:
|
|
|
5f43a7 |
+ /* don't accept 1536 bit primes in FIPS mode */
|
|
|
5f43a7 |
+ if (isFIPS) {
|
|
|
5f43a7 |
+ break;
|
|
|
5f43a7 |
+ }
|
|
|
5f43a7 |
if (PORT_Memcmp(dhPrime->data, prime_ike_1536,
|
|
|
5f43a7 |
sizeof(prime_ike_1536)) == 0) {
|
|
|
5f43a7 |
return &subprime_ike_1536;
|