rpms / nss

Clone
Source Code
GIT

Blame SOURCES/nss-leading-zero.patch

c4 c5 c5-plus c6 c6-plus c7 c7-aarch64 c7-alt c7-beta c8 c8-beta c8-sig-altarch-armhfp c8s c9 c9-beta
  1.   d34767ca648f8439d1b71a0a102b2df1cf1d94aa
  2.   SOURCES
  3.   nss-leading-zero.patch
Blob History Raw
3d912a 
# HG changeset patch
3d912a 
# User Kevin Jacobs <kjacobs@mozilla.com>
3d912a 
# Date 1560499074 0
3d912a 
#      Fri Jun 14 07:57:54 2019 +0000
3d912a 
# Branch NSS_3_44_BRANCH
3d912a 
# Node ID 876bca2723a1f969422edc93e7504420d8331d3c
3d912a 
# Parent  20671f860c2619dc27208d64a84a759fdffc5ed1
3d912a 
Bug 1540541 - Don't unnecessarily strip leading 0's from key material during PKCS11 import. r=jcj,mt
3d912a
3d912a 
Differential Revision: https://phabricator.services.mozilla.com/D31671
3d912a
3d912a 
diff --git a/lib/freebl/ecl/ecp_25519.c b/lib/freebl/ecl/ecp_25519.c
3d912a 
--- a/lib/freebl/ecl/ecp_25519.c
3d912a 
+++ b/lib/freebl/ecl/ecp_25519.c
3d912a 
@@ -114,6 +114,9 @@ ec_Curve25519_pt_mul(SECItem *X, SECItem
3d912a 
         }
3d912a 
         px = P->data;
3d912a 
     }
3d912a 
+    if (k->len != 32) {
3d912a 
+        return SECFailure;
3d912a 
+    }
3d912a
3d912a 
     SECStatus rv = ec_Curve25519_mul(X->data, k->data, px);
3d912a 
     if (NSS_SecureMemcmpZero(X->data, X->len) == 0) {
3d912a 
diff --git a/lib/pk11wrap/pk11akey.c b/lib/pk11wrap/pk11akey.c
3d912a 
--- a/lib/pk11wrap/pk11akey.c
3d912a 
+++ b/lib/pk11wrap/pk11akey.c
3d912a 
@@ -190,7 +190,6 @@ PK11_ImportPublicKey(PK11SlotInfo *slot,
3d912a 
                 attrs++;
3d912a 
                 PK11_SETATTRS(attrs, CKA_DERIVE, &cktrue, sizeof(CK_BBOOL));
3d912a 
                 attrs++;
3d912a 
-                signedattr = attrs;
3d912a 
                 PK11_SETATTRS(attrs, CKA_EC_PARAMS,
3d912a 
                               pubKey->u.ec.DEREncodedParams.data,
3d912a 
                               pubKey->u.ec.DEREncodedParams.len);
3d912a 
@@ -222,12 +221,14 @@ PK11_ImportPublicKey(PK11SlotInfo *slot,
3d912a 
                 PORT_SetError(SEC_ERROR_BAD_KEY);
3d912a 
                 return CK_INVALID_HANDLE;
3d912a 
         }
3d912a 
-
3d912a 
         templateCount = attrs - theTemplate;
3d912a 
-        signedcount = attrs - signedattr;
3d912a 
         PORT_Assert(templateCount <= (sizeof(theTemplate) / sizeof(CK_ATTRIBUTE)));
3d912a 
-        for (attrs = signedattr; signedcount; attrs++, signedcount--) {
3d912a 
-            pk11_SignedToUnsigned(attrs);
3d912a 
+        if (pubKey->keyType != ecKey) {
3d912a 
+            PORT_Assert(signedattr);
3d912a 
+            signedcount = attrs - signedattr;
3d912a 
+            for (attrs = signedattr; signedcount; attrs++, signedcount--) {
3d912a 
+                pk11_SignedToUnsigned(attrs);
3d912a 
+            }
3d912a 
         }
3d912a 
         rv = PK11_CreateNewObject(slot, CK_INVALID_SESSION, theTemplate,
3d912a 
                                   templateCount, isToken, &objectID);
3d912a 
@@ -1074,9 +1075,13 @@ pk11_loadPrivKeyWithFlags(PK11SlotInfo *
3d912a 
                                         &cktrue, &ckfalse);
3d912a
3d912a 
     /* Not everyone can handle zero padded key values, give
3d912a 
-      * them the raw data as unsigned */
3d912a 
-    for (ap = attrs; extra_count; ap++, extra_count--) {
3d912a 
-        pk11_SignedToUnsigned(ap);
3d912a 
+     * them the raw data as unsigned. The exception is EC,
3d912a 
+     * where the values are encoded or zero-preserving
3d912a 
+     * per-RFC5915 */
3d912a 
+    if (privKey->keyType != ecKey) {
3d912a 
+        for (ap = attrs; extra_count; ap++, extra_count--) {
3d912a 
+            pk11_SignedToUnsigned(ap);
3d912a 
+        }
3d912a 
     }
3d912a
3d912a 
     /* now Store the puppies */
3d912a 
diff --git a/lib/pk11wrap/pk11cert.c b/lib/pk11wrap/pk11cert.c
3d912a 
--- a/lib/pk11wrap/pk11cert.c
3d912a 
+++ b/lib/pk11wrap/pk11cert.c
3d912a 
@@ -184,7 +184,9 @@ PK11_IsUserCert(PK11SlotInfo *slot, CERT
3d912a 
             SECKEY_DestroyPublicKey(pubKey);
3d912a 
             return PR_FALSE;
3d912a 
         }
3d912a 
-        pk11_SignedToUnsigned(&theTemplate);
3d912a 
+        if (pubKey->keyType != ecKey) {
3d912a 
+            pk11_SignedToUnsigned(&theTemplate);
3d912a 
+        }
3d912a 
         if (pk11_FindObjectByTemplate(slot, &theTemplate, 1) != CK_INVALID_HANDLE) {
3d912a 
             SECKEY_DestroyPublicKey(pubKey);
3d912a 
             return PR_TRUE;
3d912a 
diff --git a/lib/pk11wrap/pk11pk12.c b/lib/pk11wrap/pk11pk12.c
3d912a 
--- a/lib/pk11wrap/pk11pk12.c
3d912a 
+++ b/lib/pk11wrap/pk11pk12.c
3d912a 
@@ -505,7 +505,7 @@ PK11_ImportAndReturnPrivateKey(PK11SlotI
3d912a 
             }
3d912a 
             PK11_SETATTRS(attrs, CKA_ID, ck_id->data, ck_id->len);
3d912a 
             attrs++;
3d912a 
-            signedattr = attrs;
3d912a 
+            /* No signed attrs for EC */
3d912a 
             /* curveOID always is a copy of AlgorithmID.parameters. */
3d912a 
             PK11_SETATTRS(attrs, CKA_EC_PARAMS, lpk->u.ec.curveOID.data,
3d912a 
                           lpk->u.ec.curveOID.len);
3d912a 
@@ -523,11 +523,12 @@ PK11_ImportAndReturnPrivateKey(PK11SlotI
3d912a 
     }
3d912a 
     templateCount = attrs - theTemplate;
3d912a 
     PORT_Assert(templateCount <= sizeof(theTemplate) / sizeof(CK_ATTRIBUTE));
3d912a 
-    PORT_Assert(signedattr != NULL);
3d912a 
-    signedcount = attrs - signedattr;
3d912a 
-
3d912a 
-    for (ap = signedattr; signedcount; ap++, signedcount--) {
3d912a 
-        pk11_SignedToUnsigned(ap);
3d912a 
+    if (lpk->keyType != ecKey) {
3d912a 
+        PORT_Assert(signedattr);
3d912a 
+        signedcount = attrs - signedattr;
3d912a 
+        for (ap = signedattr; signedcount; ap++, signedcount--) {
3d912a 
+            pk11_SignedToUnsigned(ap);
3d912a 
+        }
3d912a 
     }
3d912a
3d912a 
     rv = PK11_CreateNewObject(slot, CK_INVALID_SESSION,
3d912a 
diff --git a/lib/softoken/legacydb/lgattr.c b/lib/softoken/legacydb/lgattr.c
3d912a 
--- a/lib/softoken/legacydb/lgattr.c
3d912a 
+++ b/lib/softoken/legacydb/lgattr.c
3d912a 
@@ -950,9 +950,9 @@ lg_FindECPrivateKeyAttribute(NSSLOWKEYPr
3d912a 
         case CKA_UNWRAP:
3d912a 
             return LG_CLONE_ATTR(attribute, type, lg_StaticFalseAttr);
3d912a 
         case CKA_VALUE:
3d912a 
-            return lg_CopyPrivAttrSigned(attribute, type,
3d912a 
-                                         key->u.ec.privateValue.data,
3d912a 
-                                         key->u.ec.privateValue.len, sdbpw);
3d912a 
+            return lg_CopyPrivAttribute(attribute, type,
3d912a 
+                                        key->u.ec.privateValue.data,
3d912a 
+                                        key->u.ec.privateValue.len, sdbpw);
3d912a 
         case CKA_EC_PARAMS:
3d912a 
             return lg_CopyAttributeSigned(attribute, type,
3d912a 
                                           key->u.ec.ecParams.DEREncoding.data,
3d912a 
diff --git a/lib/softoken/pkcs11c.c b/lib/softoken/pkcs11c.c
3d912a 
--- a/lib/softoken/pkcs11c.c
3d912a 
+++ b/lib/softoken/pkcs11c.c
3d912a 
@@ -7747,7 +7747,7 @@ NSC_DeriveKey(CK_SESSION_HANDLE hSession
3d912a
3d912a 
             rv = ECDH_Derive(&ecPoint, &privKey->u.ec.ecParams, &ecScalar,
3d912a 
                              withCofactor, &tmp);
3d912a 
-            PORT_Free(ecScalar.data);
3d912a 
+            PORT_ZFree(ecScalar.data, ecScalar.len);
3d912a 
             ecScalar.data = NULL;
3d912a 
             if (privKey != sourceKey->objectInfo) {
3d912a 
                 nsslowkey_DestroyPrivateKey(privKey);

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation