diff --git a/.gitignore b/.gitignore
index 7286e8d..9f715bd 100644
--- a/.gitignore
+++ b/.gitignore
@@ -10,7 +10,7 @@ SOURCES/cert8.db.xml
SOURCES/cert9.db.xml
SOURCES/key3.db.xml
SOURCES/key4.db.xml
-SOURCES/nss-3.34.0.tar.gz
+SOURCES/nss-3.36.0.tar.gz
SOURCES/nss-config.xml
SOURCES/secmod.db.xml
SOURCES/setup-nsssysinit.xml
diff --git a/.nss.metadata b/.nss.metadata
index 7b7738a..43619b7 100644
--- a/.nss.metadata
+++ b/.nss.metadata
@@ -10,7 +10,7 @@ bd748cf6e1465a1bbe6e751b72ffc0076aff0b50 SOURCES/blank-secmod.db
7cbb7841b1aefe52534704bf2a4358bfea1aa477 SOURCES/cert9.db.xml
24c123810543ff0f6848647d6d910744e275fb01 SOURCES/key3.db.xml
af51b16a56fda1f7525a0eed3ecbdcbb4133be0c SOURCES/key4.db.xml
-01388dc47540744bb4b3c32cd8b77f1e770c4661 SOURCES/nss-3.34.0.tar.gz
+e9d8137e035efed17bd0ca12db497dbeff9b828e SOURCES/nss-3.36.0.tar.gz
2905c9b06e7e686c9e3c0b5736a218766d4ae4c2 SOURCES/nss-config.xml
ca9ebf79c1437169a02527c18b1e3909943c4be9 SOURCES/secmod.db.xml
bcbe05281b38d843273f91ae3f9f19f70c7d97b3 SOURCES/setup-nsssysinit.xml
diff --git a/SOURCES/Bug-1001841-disable-sslv2-tests.patch b/SOURCES/Bug-1001841-disable-sslv2-tests.patch
index 40e3e6d..96569b2 100644
--- a/SOURCES/Bug-1001841-disable-sslv2-tests.patch
+++ b/SOURCES/Bug-1001841-disable-sslv2-tests.patch
@@ -1,10 +1,11 @@
diff -up nss/tests/ssl/ssl.sh.disableSSL2tests nss/tests/ssl/ssl.sh
---- nss/tests/ssl/ssl.sh.disableSSL2tests 2017-09-20 08:47:27.000000000 +0200
-+++ nss/tests/ssl/ssl.sh 2017-10-06 16:19:10.812108552 +0200
-@@ -69,8 +69,14 @@ ssl_init()
-
+--- nss/tests/ssl/ssl.sh.disableSSL2tests 2018-03-05 16:58:32.000000000 +0100
++++ nss/tests/ssl/ssl.sh 2018-03-09 17:24:07.047568191 +0100
+@@ -68,9 +68,14 @@ ssl_init()
+ NSS_SSL_RUN=${NSS_SSL_RUN:-$nss_ssl_run}
+
# Test case files
- SSLCOV=${QADIR}/ssl/sslcov.txt
+- SSLCOV=${QADIR}/ssl/sslcov.txt
+ if [ "${NSS_NO_SSL2}" = "1" ]; then
+ SSLCOV=${QADIR}/ssl/sslcov.noSSL2orExport.txt
+ SSLSTRESS=${QADIR}/ssl/sslstress.noSSL2orExport.txt
@@ -17,7 +18,7 @@ diff -up nss/tests/ssl/ssl.sh.disableSSL2tests nss/tests/ssl/ssl.sh
SSLPOLICY=${QADIR}/ssl/sslpolicy.txt
REQUEST_FILE=${QADIR}/ssl/sslreq.dat
-@@ -128,7 +134,11 @@ is_selfserv_alive()
+@@ -128,7 +133,11 @@ is_selfserv_alive()
fi
echo "kill -0 ${PID} >/dev/null 2>/dev/null"
@@ -29,7 +30,7 @@ diff -up nss/tests/ssl/ssl.sh.disableSSL2tests nss/tests/ssl/ssl.sh
echo "selfserv with PID ${PID} found at `date`"
}
-@@ -152,7 +162,11 @@ wait_for_selfserv()
+@@ -152,7 +161,11 @@ wait_for_selfserv()
${BINDIR}/tstclnt -4 -p ${PORT} -h ${HOSTADDR} ${CLIENT_OPTIONS} -q \
-d ${P_R_CLIENTDIR} $verbose < ${REQUEST_FILE}
if [ $? -ne 0 ]; then
@@ -41,7 +42,7 @@ diff -up nss/tests/ssl/ssl.sh.disableSSL2tests nss/tests/ssl/ssl.sh
fi
fi
is_selfserv_alive
-@@ -275,7 +289,7 @@ ssl_cov()
+@@ -275,7 +288,7 @@ ssl_cov()
start_selfserv # Launch the server
VMIN="ssl3"
@@ -50,7 +51,7 @@ diff -up nss/tests/ssl/ssl.sh.disableSSL2tests nss/tests/ssl/ssl.sh
ignore_blank_lines ${SSLCOV} | \
while read ectype testmax param testname
-@@ -283,6 +297,12 @@ ssl_cov()
+@@ -283,6 +296,12 @@ ssl_cov()
echo "${testname}" | grep "EXPORT" > /dev/null
EXP=$?
diff --git a/SOURCES/enable-fips-when-system-is-in-fips-mode.patch b/SOURCES/enable-fips-when-system-is-in-fips-mode.patch
index 72c0cb4..dde5dcb 100644
--- a/SOURCES/enable-fips-when-system-is-in-fips-mode.patch
+++ b/SOURCES/enable-fips-when-system-is-in-fips-mode.patch
@@ -1,7 +1,7 @@
diff -up nss/lib/pk11wrap/pk11pars.c.852023_enable_fips_when_in_fips_mode nss/lib/pk11wrap/pk11pars.c
---- nss/lib/pk11wrap/pk11pars.c.852023_enable_fips_when_in_fips_mode 2017-01-13 17:01:05.278296965 +0100
-+++ nss/lib/pk11wrap/pk11pars.c 2017-01-13 17:04:52.968903200 +0100
-@@ -672,6 +672,10 @@ SECMOD_CreateModuleEx(const char *librar
+--- nss/lib/pk11wrap/pk11pars.c.852023_enable_fips_when_in_fips_mode 2018-03-05 16:58:32.000000000 +0100
++++ nss/lib/pk11wrap/pk11pars.c 2018-03-09 17:24:39.815838810 +0100
+@@ -671,6 +671,10 @@ SECMOD_CreateModuleEx(const char *librar
mod->internal = NSSUTIL_ArgHasFlag("flags", "internal", nssc);
mod->isFIPS = NSSUTIL_ArgHasFlag("flags", "FIPS", nssc);
@@ -13,9 +13,9 @@ diff -up nss/lib/pk11wrap/pk11pars.c.852023_enable_fips_when_in_fips_mode nss/li
slotParams = NSSUTIL_ArgGetParamValue("slotParams", nssc);
mod->slotInfo = NSSUTIL_ArgParseSlotInfo(mod->arena, slotParams,
diff -up nss/lib/pk11wrap/pk11util.c.852023_enable_fips_when_in_fips_mode nss/lib/pk11wrap/pk11util.c
---- nss/lib/pk11wrap/pk11util.c.852023_enable_fips_when_in_fips_mode 2017-01-13 17:01:05.278296965 +0100
-+++ nss/lib/pk11wrap/pk11util.c 2017-01-13 17:06:24.171723872 +0100
-@@ -94,6 +94,26 @@ SECMOD_Shutdown()
+--- nss/lib/pk11wrap/pk11util.c.852023_enable_fips_when_in_fips_mode 2018-03-05 16:58:32.000000000 +0100
++++ nss/lib/pk11wrap/pk11util.c 2018-03-09 17:25:46.804347730 +0100
+@@ -95,6 +95,26 @@ SECMOD_Shutdown()
return SECSuccess;
}
@@ -42,7 +42,7 @@ diff -up nss/lib/pk11wrap/pk11util.c.852023_enable_fips_when_in_fips_mode nss/li
/*
* retrieve the internal module
*/
-@@ -427,7 +447,7 @@ SECMOD_DeleteInternalModule(const char *
+@@ -428,7 +448,7 @@ SECMOD_DeleteInternalModule(const char *
SECMODModuleList **mlpp;
SECStatus rv = SECFailure;
@@ -51,18 +51,18 @@ diff -up nss/lib/pk11wrap/pk11util.c.852023_enable_fips_when_in_fips_mode nss/li
PORT_SetError(SEC_ERROR_MODULE_STUCK);
return rv;
}
-@@ -902,7 +922,7 @@ SECMOD_DestroyModuleList(SECMODModuleLis
- PRBool
- SECMOD_CanDeleteInternalModule(void)
- {
+@@ -963,7 +983,7 @@ SECMOD_CanDeleteInternalModule(void)
+ #ifdef NSS_FIPS_DISABLED
+ return PR_FALSE;
+ #else
- return (PRBool)(pendingModule == NULL);
+ return (PRBool) ((pendingModule == NULL) && !SECMOD_GetSystemFIPSEnabled());
+ #endif
}
- /*
diff -up nss/lib/pk11wrap/secmodi.h.852023_enable_fips_when_in_fips_mode nss/lib/pk11wrap/secmodi.h
---- nss/lib/pk11wrap/secmodi.h.852023_enable_fips_when_in_fips_mode 2017-01-13 17:01:05.278296965 +0100
-+++ nss/lib/pk11wrap/secmodi.h 2017-01-13 17:07:08.897624098 +0100
+--- nss/lib/pk11wrap/secmodi.h.852023_enable_fips_when_in_fips_mode 2018-03-05 16:58:32.000000000 +0100
++++ nss/lib/pk11wrap/secmodi.h 2018-03-09 17:24:39.816838788 +0100
@@ -115,6 +115,13 @@ PK11SymKey *pk11_TokenKeyGenWithFlagsAnd
CK_MECHANISM_TYPE pk11_GetPBECryptoMechanism(SECAlgorithmID *algid,
SECItem **param, SECItem *pwd, PRBool faulty3DES);
diff --git a/SOURCES/nss-certutil-suppress-password.patch b/SOURCES/nss-certutil-suppress-password.patch
deleted file mode 100644
index 985ac21..0000000
--- a/SOURCES/nss-certutil-suppress-password.patch
+++ /dev/null
@@ -1,20 +0,0 @@
-# HG changeset patch
-# User Daiki Ueno <dueno@redhat.com>
-# Date 1513770602 -3600
-# Wed Dec 20 12:50:02 2017 +0100
-# Node ID 29b2a346746fb03316cf97c8c7b0837b714c255b
-# Parent 5a14f42384eb22b67e0465949c03555eff41e4af
-Bug 1426361, certutil: check CKF_LOGIN_REQUIRED as well as CKF_USER_PIN_INITIALIZED, r=rrelyea
-
-diff --git a/cmd/certutil/certutil.c b/cmd/certutil/certutil.c
---- a/cmd/certutil/certutil.c
-+++ b/cmd/certutil/certutil.c
-@@ -3171,7 +3171,7 @@ certutil_main(int argc, char **argv, PRB
- certutil.commands[cmd_CreateAndAddCert].activated ||
- certutil.commands[cmd_AddCert].activated ||
- certutil.commands[cmd_AddEmailCert].activated) {
-- if (PK11_NeedUserInit(slot)) {
-+ if (PK11_NeedLogin(slot) && PK11_NeedUserInit(slot)) {
- char *password = NULL;
- /* fetch the password from the command line or the file
- * if no password is supplied, initialize the password to NULL */
diff --git a/SOURCES/nss-devslot-reinsert.patch b/SOURCES/nss-devslot-reinsert.patch
new file mode 100644
index 0000000..f68a81a
--- /dev/null
+++ b/SOURCES/nss-devslot-reinsert.patch
@@ -0,0 +1,95 @@
+# HG changeset patch
+# User Daiki Ueno <dueno@redhat.com>
+# Date 1521731296 -3600
+# Thu Mar 22 16:08:16 2018 +0100
+# Node ID 6ae3ab8a1e7b4161f3f8eee90db7a745acced408
+# Parent dedf5290c679153e5b3555ba9c711fe62323c156
+Bug 1447628, devslot: avoid deadlock when re-inserting a token, r=rrelyea
+
+diff --git a/lib/dev/devslot.c b/lib/dev/devslot.c
+--- a/lib/dev/devslot.c
++++ b/lib/dev/devslot.c
+@@ -96,10 +96,16 @@ nssSlot_ResetDelay(
+ }
+
+ static PRBool
+-within_token_delay_period(const NSSSlot *slot)
++token_status_checked(const NSSSlot *slot)
+ {
+ PRIntervalTime time;
+ int lastPingState = slot->lastTokenPingState;
++ /* When called from the same thread, that means
++ * nssSlot_IsTokenPresent() is called recursively through
++ * nssSlot_Refresh(). Return immediately in that case. */
++ if (slot->isPresentThread == PR_GetCurrentThread()) {
++ return PR_TRUE;
++ }
+ /* Set the delay time for checking the token presence */
+ if (s_token_delay_time == 0) {
+ s_token_delay_time = PR_SecondsToInterval(NSSSLOT_TOKEN_DELAY_TIME);
+@@ -130,7 +136,7 @@ nssSlot_IsTokenPresent(
+
+ /* avoid repeated calls to check token status within set interval */
+ PZ_Lock(slot->isPresentLock);
+- if (within_token_delay_period(slot)) {
++ if (token_status_checked(slot)) {
+ CK_FLAGS ckFlags = slot->ckFlags;
+ PZ_Unlock(slot->isPresentLock);
+ return ((ckFlags & CKF_TOKEN_PRESENT) != 0);
+@@ -146,12 +152,12 @@ nssSlot_IsTokenPresent(
+
+ /* set up condition so only one thread is active in this part of the code at a time */
+ PZ_Lock(slot->isPresentLock);
+- while (slot->inIsPresent) {
++ while (slot->isPresentThread) {
+ PR_WaitCondVar(slot->isPresentCondition, 0);
+ }
+ /* if we were one of multiple threads here, the first thread will have
+ * given us the answer, no need to make more queries of the token. */
+- if (within_token_delay_period(slot)) {
++ if (token_status_checked(slot)) {
+ CK_FLAGS ckFlags = slot->ckFlags;
+ PZ_Unlock(slot->isPresentLock);
+ return ((ckFlags & CKF_TOKEN_PRESENT) != 0);
+@@ -159,7 +165,7 @@ nssSlot_IsTokenPresent(
+ /* this is the winning thread, block all others until we've determined
+ * if the token is present and that it needs initialization. */
+ slot->lastTokenPingState = nssSlotLastPingState_Update;
+- slot->inIsPresent = PR_TRUE;
++ slot->isPresentThread = PR_GetCurrentThread();
+
+ PZ_Unlock(slot->isPresentLock);
+
+@@ -257,7 +263,7 @@ done:
+ slot->lastTokenPingTime = PR_IntervalNow();
+ slot->lastTokenPingState = nssSlotLastPingState_Valid;
+ }
+- slot->inIsPresent = PR_FALSE;
++ slot->isPresentThread = NULL;
+ PR_NotifyAllCondVar(slot->isPresentCondition);
+ PZ_Unlock(slot->isPresentLock);
+ return isPresent;
+diff --git a/lib/dev/devt.h b/lib/dev/devt.h
+--- a/lib/dev/devt.h
++++ b/lib/dev/devt.h
+@@ -92,7 +92,7 @@ struct NSSSlotStr {
+ PK11SlotInfo *pk11slot;
+ PZLock *isPresentLock;
+ PRCondVar *isPresentCondition;
+- PRBool inIsPresent;
++ PRThread *isPresentThread;
+ };
+
+ struct nssSessionStr {
+diff --git a/lib/pk11wrap/dev3hack.c b/lib/pk11wrap/dev3hack.c
+--- a/lib/pk11wrap/dev3hack.c
++++ b/lib/pk11wrap/dev3hack.c
+@@ -122,7 +122,7 @@ nssSlot_CreateFromPK11SlotInfo(NSSTrustD
+ rvSlot->lock = (nss3slot->isThreadSafe) ? NULL : nss3slot->sessionLock;
+ rvSlot->isPresentLock = PZ_NewLock(nssiLockOther);
+ rvSlot->isPresentCondition = PR_NewCondVar(rvSlot->isPresentLock);
+- rvSlot->inIsPresent = PR_FALSE;
++ rvSlot->isPresentThread = NULL;
+ rvSlot->lastTokenPingState = nssSlotLastPingState_Reset;
+ return rvSlot;
+ }
diff --git a/SOURCES/nss-increase-pkcs12-iterations.patch b/SOURCES/nss-increase-pkcs12-iterations.patch
deleted file mode 100644
index 72fedd4..0000000
--- a/SOURCES/nss-increase-pkcs12-iterations.patch
+++ /dev/null
@@ -1,26 +0,0 @@
-# HG changeset patch
-# User Kai Engert <kaie@kuix.de>
-# Date 1511356939 -3600
-# Wed Nov 22 14:22:19 2017 +0100
-# Node ID 93109d4cbedd397f5e75a2096257f9842a0ac5a1
-# Parent 6a27e4b4c92c8c3694132b75a1a54c23688789bd
-Bug 1278071, increase number of iterations for export to PKCS #12, r=fkiefer
-
-diff --git a/lib/pkcs7/p7create.c b/lib/pkcs7/p7create.c
---- a/lib/pkcs7/p7create.c
-+++ b/lib/pkcs7/p7create.c
-@@ -18,7 +18,13 @@
- #include "secder.h"
- #include "secpkcs5.h"
-
--const int NSS_PBE_DEFAULT_ITERATION_COUNT = 100000; /* used in p12e.c too */
-+const int NSS_PBE_DEFAULT_ITERATION_COUNT = /* used in p12e.c too */
-+#ifdef DEBUG
-+ 10000
-+#else
-+ 1000000
-+#endif
-+ ;
-
- static SECStatus
- sec_pkcs7_init_content_info(SEC_PKCS7ContentInfo *cinfo, PLArenaPool *poolp,
diff --git a/SOURCES/nss-is-token-present-race.patch b/SOURCES/nss-is-token-present-race.patch
deleted file mode 100644
index 9c85f74..0000000
--- a/SOURCES/nss-is-token-present-race.patch
+++ /dev/null
@@ -1,191 +0,0 @@
-# HG changeset patch
-# User Robert Relyea <rrelyea@redhat.com>
-# Date 1516007838 -3600
-# Mon Jan 15 10:17:18 2018 +0100
-# Node ID 33d9c969cd6548c335ce43fa8909b96ef323f670
-# Parent db32ef3be38eb06a91babbcbb48285284d704dbd
-Bug 1054373, Crash in PK11_DoesMechanism due to race condition, r=rsleevi
-
-diff --git a/lib/dev/devslot.c b/lib/dev/devslot.c
---- a/lib/dev/devslot.c
-+++ b/lib/dev/devslot.c
-@@ -33,6 +33,8 @@ nssSlot_Destroy(
- if (PR_ATOMIC_DECREMENT(&slot->base.refCount) == 0) {
- PK11_FreeSlot(slot->pk11slot);
- PZ_DestroyLock(slot->base.lock);
-+ PZ_DestroyCondVar(slot->isPresentCondition);
-+ PZ_DestroyLock(slot->isPresentLock);
- return nssArena_Destroy(slot->base.arena);
- }
- }
-@@ -117,35 +119,61 @@ nssSlot_IsTokenPresent(
- nssSession *session;
- CK_SLOT_INFO slotInfo;
- void *epv;
-+ PRBool isPresent = PR_FALSE;
-+
- /* permanent slots are always present unless they're disabled */
- if (nssSlot_IsPermanent(slot)) {
- return !PK11_IsDisabled(slot->pk11slot);
- }
-+
- /* avoid repeated calls to check token status within set interval */
-+ PZ_Lock(slot->isPresentLock);
- if (within_token_delay_period(slot)) {
-- return ((slot->ckFlags & CKF_TOKEN_PRESENT) != 0);
-+ CK_FLAGS ckFlags = slot->ckFlags;
-+ PZ_Unlock(slot->isPresentLock);
-+ return ((ckFlags & CKF_TOKEN_PRESENT) != 0);
- }
-+ PZ_Unlock(slot->isPresentLock);
-
-- /* First obtain the slot info */
-+ /* First obtain the slot epv before we set up the condition
-+ * variable, so we can just return if we couldn't get it. */
- epv = slot->epv;
- if (!epv) {
- return PR_FALSE;
- }
-+
-+ /* set up condition so only one thread is active in this part of the code at a time */
-+ PZ_Lock(slot->isPresentLock);
-+ while (slot->inIsPresent) {
-+ PR_WaitCondVar(slot->isPresentCondition, 0);
-+ }
-+ /* if we were one of multiple threads here, the first thread will have
-+ * given us the answer, no need to make more queries of the token. */
-+ if (within_token_delay_period(slot)) {
-+ CK_FLAGS ckFlags = slot->ckFlags;
-+ PZ_Unlock(slot->isPresentLock);
-+ return ((ckFlags & CKF_TOKEN_PRESENT) != 0);
-+ }
-+ /* this is the winning thread, block all others until we've determined
-+ * if the token is present and that it needs initialization. */
-+ slot->inIsPresent = PR_TRUE;
-+ PZ_Unlock(slot->isPresentLock);
-+
- nssSlot_EnterMonitor(slot);
- ckrv = CKAPI(epv)->C_GetSlotInfo(slot->slotID, &slotInfo);
- nssSlot_ExitMonitor(slot);
- if (ckrv != CKR_OK) {
- slot->token->base.name[0] = 0; /* XXX */
-- slot->lastTokenPing = PR_IntervalNow();
-- return PR_FALSE;
-+ isPresent = PR_FALSE;
-+ goto done;
- }
- slot->ckFlags = slotInfo.flags;
- /* check for the presence of the token */
- if ((slot->ckFlags & CKF_TOKEN_PRESENT) == 0) {
- if (!slot->token) {
- /* token was never present */
-- slot->lastTokenPing = PR_IntervalNow();
-- return PR_FALSE;
-+ isPresent = PR_FALSE;
-+ goto done;
- }
- session = nssToken_GetDefaultSession(slot->token);
- if (session) {
-@@ -167,15 +195,15 @@ nssSlot_IsTokenPresent(
- slot->token->base.name[0] = 0; /* XXX */
- /* clear the token cache */
- nssToken_Remove(slot->token);
-- slot->lastTokenPing = PR_IntervalNow();
-- return PR_FALSE;
-+ isPresent = PR_FALSE;
-+ goto done;
- }
- /* token is present, use the session info to determine if the card
- * has been removed and reinserted.
- */
- session = nssToken_GetDefaultSession(slot->token);
- if (session) {
-- PRBool isPresent = PR_FALSE;
-+ PRBool tokenRemoved;
- nssSession_EnterMonitor(session);
- if (session->handle != CK_INVALID_SESSION) {
- CK_SESSION_INFO sessionInfo;
-@@ -187,12 +215,12 @@ nssSlot_IsTokenPresent(
- session->handle = CK_INVALID_SESSION;
- }
- }
-- isPresent = session->handle != CK_INVALID_SESSION;
-+ tokenRemoved = (session->handle == CK_INVALID_SESSION);
- nssSession_ExitMonitor(session);
- /* token not removed, finished */
-- if (isPresent) {
-- slot->lastTokenPing = PR_IntervalNow();
-- return PR_TRUE;
-+ if (!tokenRemoved) {
-+ isPresent = PR_TRUE;
-+ goto done;
- }
- }
- /* the token has been removed, and reinserted, or the slot contains
-@@ -203,15 +231,27 @@ nssSlot_IsTokenPresent(
- nssToken_Remove(slot->token);
- /* token has been removed, need to refresh with new session */
- nssrv = nssSlot_Refresh(slot);
-+ isPresent = PR_TRUE;
- if (nssrv != PR_SUCCESS) {
- slot->token->base.name[0] = 0; /* XXX */
- slot->ckFlags &= ~CKF_TOKEN_PRESENT;
-- /* TODO: insert a barrier here to avoid reordering of the assingments */
-- slot->lastTokenPing = PR_IntervalNow();
-- return PR_FALSE;
-+ isPresent = PR_FALSE;
- }
-+done:
-+ /* Once we've set up the condition variable,
-+ * Before returning, it's necessary to:
-+ * 1) Set the lastTokenPing time so that any other threads waiting on this
-+ * initialization and any future calls within the initialization window
-+ * return the just-computed status.
-+ * 2) Indicate we're complete, waking up all other threads that may still
-+ * be waiting on initialization can progress.
-+ */
-+ PZ_Lock(slot->isPresentLock);
- slot->lastTokenPing = PR_IntervalNow();
-- return PR_TRUE;
-+ slot->inIsPresent = PR_FALSE;
-+ PR_NotifyAllCondVar(slot->isPresentCondition);
-+ PZ_Unlock(slot->isPresentLock);
-+ return isPresent;
- }
-
- NSS_IMPLEMENT void *
-@@ -229,7 +269,7 @@ nssSlot_GetToken(
-
- if (nssSlot_IsTokenPresent(slot)) {
- /* Even if a token should be present, check `slot->token` too as it
-- * might be gone already. This would happen mostly on shutdown. */
-+ * might be gone already. This would happen mostly on shutdown. */
- nssSlot_EnterMonitor(slot);
- if (slot->token)
- rvToken = nssToken_AddRef(slot->token);
-diff --git a/lib/dev/devt.h b/lib/dev/devt.h
---- a/lib/dev/devt.h
-+++ b/lib/dev/devt.h
-@@ -81,6 +81,9 @@ struct NSSSlotStr {
- PZLock *lock;
- void *epv;
- PK11SlotInfo *pk11slot;
-+ PZLock *isPresentLock;
-+ PRCondVar *isPresentCondition;
-+ PRBool inIsPresent;
- };
-
- struct nssSessionStr {
-diff --git a/lib/pk11wrap/dev3hack.c b/lib/pk11wrap/dev3hack.c
---- a/lib/pk11wrap/dev3hack.c
-+++ b/lib/pk11wrap/dev3hack.c
-@@ -120,6 +120,9 @@ nssSlot_CreateFromPK11SlotInfo(NSSTrustD
- /* Grab the slot name from the PKCS#11 fixed-length buffer */
- rvSlot->base.name = nssUTF8_Duplicate(nss3slot->slot_name, td->arena);
- rvSlot->lock = (nss3slot->isThreadSafe) ? NULL : nss3slot->sessionLock;
-+ rvSlot->isPresentLock = PZ_NewLock(nssiLockOther);
-+ rvSlot->isPresentCondition = PR_NewCondVar(rvSlot->isPresentLock);
-+ rvSlot->inIsPresent = PR_FALSE;
- return rvSlot;
- }
-
diff --git a/SOURCES/nss-lockcert-api-change.patch b/SOURCES/nss-lockcert-api-change.patch
new file mode 100644
index 0000000..0eba9a4
--- /dev/null
+++ b/SOURCES/nss-lockcert-api-change.patch
@@ -0,0 +1,68 @@
+# HG changeset patch
+# User Franziskus Kiefer <franziskuskiefer@gmail.com>
+# Date 1486546862 -3600
+# Wed Feb 08 10:41:02 2017 +0100
+# Node ID 896e3eb3a79933a51886949c7adb67ef37b721c0
+# Parent a8d77070526320ad0edc7ba164ce97f10c4f7d94
+Bug 1278965 - tsan race in CERTCertificate, r=wtc,ttaubert
+
+diff --git a/lib/certdb/cert.h b/lib/certdb/cert.h
+--- a/lib/certdb/cert.h
++++ b/lib/certdb/cert.h
+@@ -1405,24 +1405,11 @@ void CERT_SetStatusConfig(CERTCertDBHand
+ void CERT_LockCertRefCount(CERTCertificate *cert);
+
+ /*
+- * Free the cert reference count lock
++ * Release the cert reference count lock
+ */
+ void CERT_UnlockCertRefCount(CERTCertificate *cert);
+
+ /*
+- * Acquire the cert trust lock
+- * There is currently one global lock for all certs, but I'm putting a cert
+- * arg here so that it will be easy to make it per-cert in the future if
+- * that turns out to be necessary.
+- */
+-void CERT_LockCertTrust(const CERTCertificate *cert);
+-
+-/*
+- * Free the cert trust lock
+- */
+-void CERT_UnlockCertTrust(const CERTCertificate *cert);
+-
+-/*
+ * Digest the cert's subject public key using the specified algorithm.
+ * NOTE: this digests the value of the BIT STRING subjectPublicKey (excluding
+ * the tag, length, and number of unused bits) rather than the whole
+diff --git a/lib/certdb/certi.h b/lib/certdb/certi.h
+--- a/lib/certdb/certi.h
++++ b/lib/certdb/certi.h
+@@ -378,14 +378,27 @@ PRUint32 cert_CountDNSPatterns(CERTGener
+ SECStatus cert_CheckLeafTrust(CERTCertificate* cert, SECCertUsage usage,
+ unsigned int* failedFlags, PRBool* isTrusted);
+
+ /*
+ * Acquire the cert temp/perm lock
+ */
+ void CERT_LockCertTempPerm(const CERTCertificate* cert);
+
+ /*
+ * Release the temp/perm lock
+ */
+ void CERT_UnlockCertTempPerm(const CERTCertificate* cert);
+
++/*
++ * Acquire the cert trust lock
++ * There is currently one global lock for all certs, but I'm putting a cert
++ * arg here so that it will be easy to make it per-cert in the future if
++ * that turns out to be necessary.
++ */
++void CERT_LockCertTrust(const CERTCertificate* cert);
++
++/*
++ * Release the cert trust lock
++ */
++void CERT_UnlockCertTrust(const CERTCertificate* cert);
++
+ #endif /* _CERTI_H_ */
diff --git a/SOURCES/nss-modutil-skip-changepw-fips.patch b/SOURCES/nss-modutil-skip-changepw-fips.patch
new file mode 100644
index 0000000..9ed2983
--- /dev/null
+++ b/SOURCES/nss-modutil-skip-changepw-fips.patch
@@ -0,0 +1,22 @@
+# HG changeset patch
+# User Daiki Ueno <dueno@redhat.com>
+# Date 1523546409 -7200
+# Thu Apr 12 17:20:09 2018 +0200
+# Node ID 919e116728f29263c17ec31716ac2bd04c10e9ca
+# Parent 2eefd697d661efb82a77c84d893e6fbceefdf458
+Bug 1453408, modutil -changepw fails in FIPS mode if password is an empty string
+
+diff --git a/cmd/modutil/pk11.c b/cmd/modutil/pk11.c
+--- a/cmd/modutil/pk11.c
++++ b/cmd/modutil/pk11.c
+@@ -764,6 +764,10 @@ ChangePW(char *tokenName, char *pwFile,
+ ret = CHANGEPW_FAILED_ERR;
+ goto loser;
+ }
++ } else if (PK11_IsFIPS() && *newpw == '\0' && PK11_CheckUserPassword(slot, newpw) == SECSuccess) {
++ /* Workaround to suppress harmless error in FIPS mode:
++ * When explicitly setting empty password while the old
++ * password is also empty, skip */
+ } else {
+ if (PK11_ChangePW(slot, oldpw, newpw) != SECSuccess) {
+ PR_fprintf(PR_STDERR, errStrings[CHANGEPW_FAILED_ERR], tokenName);
diff --git a/SOURCES/nss-modutil-suppress-password.patch b/SOURCES/nss-modutil-suppress-password.patch
deleted file mode 100644
index 160f995..0000000
--- a/SOURCES/nss-modutil-suppress-password.patch
+++ /dev/null
@@ -1,20 +0,0 @@
-# HG changeset patch
-# User Daiki Ueno <dueno@redhat.com>
-# Date 1510244757 -3600
-# Thu Nov 09 17:25:57 2017 +0100
-# Node ID 523734e69b5cdd7c2c9047e705e858da352a3b24
-# Parent 54be8a4501d454b2b7454e4a44ea013738e0b693
-Bug 1415847, modutil: Suppress unnecessary password prompt, r=kaie
-
-diff --git a/cmd/modutil/pk11.c b/cmd/modutil/pk11.c
---- a/cmd/modutil/pk11.c
-+++ b/cmd/modutil/pk11.c
-@@ -728,7 +728,7 @@ ChangePW(char *tokenName, char *pwFile,
- ret = BAD_PW_ERR;
- goto loser;
- }
-- } else {
-+ } else if (PK11_NeedLogin(slot)) {
- for (matching = PR_FALSE; !matching;) {
- oldpw = SECU_GetPasswordString(NULL, "Enter old password: ");
- if (PK11_CheckUserPassword(slot, oldpw) == SECSuccess) {
diff --git a/SOURCES/nss-pk12util-faulty-aes.patch b/SOURCES/nss-pk12util-faulty-aes.patch
deleted file mode 100644
index c6d22cc..0000000
--- a/SOURCES/nss-pk12util-faulty-aes.patch
+++ /dev/null
@@ -1,43 +0,0 @@
-From 0615bf4ad6c7e07cc1b7dee4bded01fe8974ad0b Mon Sep 17 00:00:00 2001
-From: Daiki Ueno <dueno@redhat.com>
-Date: Wed, 27 Sep 2017 11:11:10 +0200
-Subject: [PATCH] pk11wrap: Add backward compatibility with faulty PBES2 AES
- schemes
-
----
- lib/pk11wrap/pk11pbe.c | 19 ++++++++++++++++++-
- 1 file changed, 18 insertions(+), 1 deletion(-)
-
-diff --git a/lib/pk11wrap/pk11pbe.c b/lib/pk11wrap/pk11pbe.c
-index bea9333f6..5f68f399e 100644
---- a/lib/pk11wrap/pk11pbe.c
-+++ b/lib/pk11wrap/pk11pbe.c
-@@ -367,7 +367,24 @@ sec_pkcs5v2_key_length(SECAlgorithmID *algid, SECAlgorithmID *cipherAlgId)
- cipherAlg = SECOID_GetAlgorithmTag(cipherAlgId);
-
- if (sec_pkcs5_is_algorithm_v2_aes_algorithm(cipherAlg)) {
-- length = sec_pkcs5v2_aes_key_length(cipherAlg);
-+ /* Previously, the PKCS#12 files created with the old NSS
-+ * releases encoded the maximum key size of AES (that is 32)
-+ * in the keyLength field of PBKDF2-params. That resulted in
-+ * always performing AES-256 even if AES-128-CBC or
-+ * AES-192-CBC is specified in the encryptionScheme field of
-+ * PBES2-params. This is wrong, but for compatibility reasons,
-+ * check the keyLength field and use the value if it is 32.
-+ */
-+ if (p5_param.keyLength.data != NULL) {
-+ length = DER_GetInteger(&p5_param.keyLength);
-+ }
-+ /* If the keyLength field is present and contains a value
-+ * other than 32, that means the file is created outside of
-+ * NSS, which we don't care about. Note that the following
-+ * also handles the case when the field is absent. */
-+ if (length != 32) {
-+ length = sec_pkcs5v2_aes_key_length(cipherAlg);
-+ }
- } else if (p5_param.keyLength.data != NULL) {
- length = DER_GetInteger(&p5_param.keyLength);
- } else {
---
-2.13.5
-
diff --git a/SOURCES/nss-pkcs12-iterations-limit.patch b/SOURCES/nss-pkcs12-iterations-limit.patch
new file mode 100644
index 0000000..8b035b8
--- /dev/null
+++ b/SOURCES/nss-pkcs12-iterations-limit.patch
@@ -0,0 +1,24 @@
+# HG changeset patch
+# User J.C. Jones <jjones@mozilla.com>
+# Date 1521824312 25200
+# Fri Mar 23 09:58:32 2018 -0700
+# Branch NSS_3_36_BRANCH
+# Node ID ba3f1cc8a8e644ee6f8a763624d97e987816304d
+# Parent 2355c9e3bba477c947a09a2fe8b1ed8971fab1cb
+Bug 1278071 - Limit iterations for PKCS #12 export for Windows r=kaie
+
+Per Bug 1436873, Windows is limited on importing PKCS12 files of 600k rounds
+or less. So for compatibility's sake, let's limit there, too.
+
+diff --git a/lib/pkcs7/p7create.c b/lib/pkcs7/p7create.c
+--- a/lib/pkcs7/p7create.c
++++ b/lib/pkcs7/p7create.c
+@@ -22,7 +22,7 @@ const int NSS_PBE_DEFAULT_ITERATION_COUN
+ #ifdef DEBUG
+ 10000
+ #else
+- 1000000
++ 600000
+ #endif
+ ;
+
diff --git a/SOURCES/nss-pss-fixes.patch b/SOURCES/nss-pss-fixes.patch
deleted file mode 100644
index 964e792..0000000
--- a/SOURCES/nss-pss-fixes.patch
+++ /dev/null
@@ -1,649 +0,0 @@
-# HG changeset patch
-# User Daiki Ueno <dueno@redhat.com>
-# Date 1510136005 -3600
-# Wed Nov 08 11:13:25 2017 +0100
-# Node ID 6da6e699fa02bbf1763acba4176f994c6a5ddf62
-# Parent d515199921dd703087f7e0e03eb71058a015934d
-Bug 1415171, Fix handling of default RSA-PSS parameters, r=mt
-
-Reviewers: mt, rrelyea
-
-Reviewed By: mt
-
-Bug #: 1415171
-
-Differential Revision: https://phabricator.services.mozilla.com/D202
-
-diff --git a/cmd/lib/secutil.c b/cmd/lib/secutil.c
---- a/cmd/lib/secutil.c
-+++ b/cmd/lib/secutil.c
-@@ -1192,7 +1192,7 @@ secu_PrintRSAPSSParams(FILE *out, SECIte
- SECU_Indent(out, level + 1);
- fprintf(out, "Salt length: default, %i (0x%2X)\n", 20, 20);
- } else {
-- SECU_PrintInteger(out, ¶m.saltLength, "Salt Length", level + 1);
-+ SECU_PrintInteger(out, ¶m.saltLength, "Salt length", level + 1);
- }
- } else {
- SECU_Indent(out, level + 1);
-diff --git a/lib/cryptohi/seckey.c b/lib/cryptohi/seckey.c
---- a/lib/cryptohi/seckey.c
-+++ b/lib/cryptohi/seckey.c
-@@ -2056,9 +2056,13 @@ sec_RSAPSSParamsToMechanism(CK_RSA_PKCS_
- mech->mgf = CKG_MGF1_SHA1; /* default, MGF1 with SHA-1 */
- }
-
-- rv = SEC_ASN1DecodeInteger((SECItem *)¶ms->saltLength, &saltLength);
-- if (rv != SECSuccess) {
-- return rv;
-+ if (params->saltLength.data) {
-+ rv = SEC_ASN1DecodeInteger((SECItem *)¶ms->saltLength, &saltLength);
-+ if (rv != SECSuccess) {
-+ return rv;
-+ }
-+ } else {
-+ saltLength = 20; /* default, 20 */
- }
- mech->sLen = saltLength;
-
-diff --git a/lib/cryptohi/secsign.c b/lib/cryptohi/secsign.c
---- a/lib/cryptohi/secsign.c
-+++ b/lib/cryptohi/secsign.c
-@@ -610,6 +610,7 @@ sec_CreateRSAPSSParameters(PLArenaPool *
- SECKEYRSAPSSParams pssParams;
- int modBytes, hashLength;
- unsigned long saltLength;
-+ PRBool defaultSHA1 = PR_FALSE;
- SECStatus rv;
-
- if (key->keyType != rsaKey && key->keyType != rsaPssKey) {
-@@ -631,6 +632,7 @@ sec_CreateRSAPSSParameters(PLArenaPool *
- if (rv != SECSuccess) {
- return NULL;
- }
-+ defaultSHA1 = PR_TRUE;
- }
-
- if (pssParams.trailerField.data) {
-@@ -652,15 +654,23 @@ sec_CreateRSAPSSParameters(PLArenaPool *
- /* Determine the hash algorithm to use, based on hashAlgTag and
- * pssParams.hashAlg; there are four cases */
- if (hashAlgTag != SEC_OID_UNKNOWN) {
-+ SECOidTag tag = SEC_OID_UNKNOWN;
-+
- if (pssParams.hashAlg) {
-- if (SECOID_GetAlgorithmTag(pssParams.hashAlg) != hashAlgTag) {
-- PORT_SetError(SEC_ERROR_INVALID_ARGS);
-- return NULL;
-- }
-+ tag = SECOID_GetAlgorithmTag(pssParams.hashAlg);
-+ } else if (defaultSHA1) {
-+ tag = SEC_OID_SHA1;
-+ }
-+
-+ if (tag != SEC_OID_UNKNOWN && tag != hashAlgTag) {
-+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
-+ return NULL;
- }
- } else if (hashAlgTag == SEC_OID_UNKNOWN) {
- if (pssParams.hashAlg) {
- hashAlgTag = SECOID_GetAlgorithmTag(pssParams.hashAlg);
-+ } else if (defaultSHA1) {
-+ hashAlgTag = SEC_OID_SHA1;
- } else {
- /* Find a suitable hash algorithm based on the NIST recommendation */
- if (modBytes <= 384) { /* 128, in NIST 800-57, Part 1 */
-@@ -709,6 +719,11 @@ sec_CreateRSAPSSParameters(PLArenaPool *
- PORT_SetError(SEC_ERROR_INVALID_ALGORITHM);
- return NULL;
- }
-+ } else if (defaultSHA1) {
-+ if (hashAlgTag != SEC_OID_SHA1) {
-+ PORT_SetError(SEC_ERROR_INVALID_ALGORITHM);
-+ return NULL;
-+ }
- }
-
- hashLength = HASH_ResultLenByOidTag(hashAlgTag);
-@@ -725,6 +740,8 @@ sec_CreateRSAPSSParameters(PLArenaPool *
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return NULL;
- }
-+ } else if (defaultSHA1) {
-+ saltLength = 20;
- }
-
- /* Fill in the parameters */
-diff --git a/tests/cert/cert.sh b/tests/cert/cert.sh
---- a/tests/cert/cert.sh
-+++ b/tests/cert/cert.sh
-@@ -516,6 +516,9 @@ cert_all_CA()
- cert_rsa_pss_CA $CADIR TestCA-rsa-pss -x "CTu,CTu,CTu" ${D_CA} "1" SHA256
- rm $CLIENT_CADIR/rsapssroot.cert $SERVER_CADIR/rsapssroot.cert
-
-+ ALL_CU_SUBJECT="CN=NSS Test CA (RSA-PSS-SHA1), O=BOGUS NSS, L=Mountain View, ST=California, C=US"
-+ cert_rsa_pss_CA $CADIR TestCA-rsa-pss-sha1 -x "CTu,CTu,CTu" ${D_CA} "1" SHA1
-+ rm $CLIENT_CADIR/rsapssroot.cert $SERVER_CADIR/rsapssroot.cert
-
- #
- # Create EC version of TestCA
-@@ -2054,7 +2057,7 @@ check_sign_algo()
- {
- certu -L -n "$CERTNAME" -d "${PROFILEDIR}" -f "${R_PWFILE}" | \
- sed -n '/^ *Data:/,/^$/{
--/^ Signature Algorithm/,/^ *Salt Length/s/^ //p
-+/^ Signature Algorithm/,/^ *Salt length/s/^ //p
- }' > ${TMP}/signalgo.txt
-
- diff ${TMP}/signalgo.exp ${TMP}/signalgo.txt
-@@ -2088,6 +2091,12 @@ cert_test_rsapss()
- CU_ACTION="Verify RSA-PSS CA Cert"
- certu -V -u L -e -n "TestCA-rsa-pss" -d "${PROFILEDIR}" -f "${R_PWFILE}"
-
-+ CU_ACTION="Import RSA-PSS CA Cert (SHA1)"
-+ certu -A -n "TestCA-rsa-pss-sha1" -t "C,," -d "${PROFILEDIR}" -f "${R_PWFILE}" \
-+ -i "${R_CADIR}/TestCA-rsa-pss-sha1.ca.cert" 2>&1
-+
-+ CERTSERIAL=200
-+
- # Subject certificate: RSA
- # Issuer certificate: RSA
- # Signature: RSA-PSS (explicit, with --pss-sign)
-@@ -2098,7 +2107,7 @@ cert_test_rsapss()
- certu -R -d "${PROFILEDIR}" -f "${R_PWFILE}" -z "${R_NOISE_FILE}" -o req 2>&1
-
- CU_ACTION="Sign ${CERTNAME}'s Request"
-- certu -C -c "TestCA" --pss-sign -m 200 -v 60 -d "${P_R_CADIR}" \
-+ certu -C -c "TestCA" --pss-sign -m "${CERTSERIAL}" -v 60 -d "${P_R_CADIR}" \
- -i req -o "${CERTNAME}.cert" -f "${R_PWFILE}" "$1" 2>&1
-
- CU_ACTION="Import $CERTNAME's Cert"
-@@ -2113,10 +2122,12 @@ Signature Algorithm: PKCS #1 RSA-PSS Sig
- Hash algorithm: SHA-256
- Mask algorithm: PKCS #1 MGF1 Mask Generation Function
- Mask hash algorithm: SHA-256
-- Salt Length: 32 (0x20)
-+ Salt length: 32 (0x20)
- EOF
- check_sign_algo
-
-+ CERTSERIAL=`expr $CERTSERIAL + 1`
-+
- # Subject certificate: RSA
- # Issuer certificate: RSA
- # Signature: RSA-PSS (explict, with --pss-sign -Z SHA512)
-@@ -2127,7 +2138,7 @@ EOF
- certu -R -d "${PROFILEDIR}" -f "${R_PWFILE}" -z "${R_NOISE_FILE}" -o req 2>&1
-
- CU_ACTION="Sign ${CERTNAME}'s Request"
-- certu -C -c "TestCA" --pss-sign -Z SHA512 -m 201 -v 60 -d "${P_R_CADIR}" \
-+ certu -C -c "TestCA" --pss-sign -Z SHA512 -m "${CERTSERIAL}" -v 60 -d "${P_R_CADIR}" \
- -i req -o "${CERTNAME}.cert" -f "${R_PWFILE}" "$1" 2>&1
-
- CU_ACTION="Import $CERTNAME's Cert"
-@@ -2142,10 +2153,12 @@ Signature Algorithm: PKCS #1 RSA-PSS Sig
- Hash algorithm: SHA-512
- Mask algorithm: PKCS #1 MGF1 Mask Generation Function
- Mask hash algorithm: SHA-512
-- Salt Length: 64 (0x40)
-+ Salt length: 64 (0x40)
- EOF
- check_sign_algo
-
-+ CERTSERIAL=`expr $CERTSERIAL + 1`
-+
- # Subject certificate: RSA
- # Issuer certificate: RSA-PSS
- # Signature: RSA-PSS
-@@ -2156,7 +2169,69 @@ EOF
- certu -R -d "${PROFILEDIR}" -f "${R_PWFILE}" -z "${R_NOISE_FILE}" -o req 2>&1
-
- CU_ACTION="Sign ${CERTNAME}'s Request"
-- certu -C -c "TestCA-rsa-pss" -m 202 -v 60 -d "${P_R_CADIR}" \
-+ certu -C -c "TestCA-rsa-pss" -m "${CERTSERIAL}" -v 60 -d "${P_R_CADIR}" \
-+ -i req -o "${CERTNAME}.cert" -f "${R_PWFILE}" "$1" 2>&1
-+
-+ CU_ACTION="Import $CERTNAME's Cert"
-+ certu -A -n "$CERTNAME" -t ",," -d "${PROFILEDIR}" -f "${R_PWFILE}" \
-+ -i "${CERTNAME}.cert" 2>&1
-+
-+ CU_ACTION="Verify $CERTNAME's Cert"
-+ certu -V -u V -e -n "$CERTNAME" -d "${PROFILEDIR}" -f "${R_PWFILE}"
-+ cat > ${TMP}/signalgo.exp <<EOF
-+Signature Algorithm: PKCS #1 RSA-PSS Signature
-+ Parameters:
-+ Hash algorithm: SHA-256
-+ Mask algorithm: PKCS #1 MGF1 Mask Generation Function
-+ Mask hash algorithm: SHA-256
-+ Salt length: 32 (0x20)
-+EOF
-+ check_sign_algo
-+
-+ CERTSERIAL=`expr $CERTSERIAL + 1`
-+
-+ # Subject certificate: RSA-PSS
-+ # Issuer certificate: RSA
-+ # Signature: RSA-PSS (explicit, with --pss-sign)
-+ CERTNAME="TestUser-rsa-pss4"
-+
-+ CU_ACTION="Generate Cert Request for $CERTNAME"
-+ CU_SUBJECT="CN=$CERTNAME, E=${CERTNAME}@bogus.com, O=BOGUS NSS, L=Mountain View, ST=California, C=US"
-+ certu -R -d "${PROFILEDIR}" -f "${R_PWFILE}" -z "${R_NOISE_FILE}" --pss -o req 2>&1
-+
-+ CU_ACTION="Sign ${CERTNAME}'s Request"
-+ certu -C -c "TestCA" --pss-sign -m "${CERTSERIAL}" -v 60 -d "${P_R_CADIR}" \
-+ -i req -o "${CERTNAME}.cert" -f "${R_PWFILE}" "$1" 2>&1
-+
-+ CU_ACTION="Import $CERTNAME's Cert"
-+ certu -A -n "$CERTNAME" -t ",," -d "${PROFILEDIR}" -f "${R_PWFILE}" \
-+ -i "${CERTNAME}.cert" 2>&1
-+
-+ CU_ACTION="Verify $CERTNAME's Cert"
-+ certu -V -u V -e -n "$CERTNAME" -d "${PROFILEDIR}" -f "${R_PWFILE}"
-+ cat > ${TMP}/signalgo.exp <<EOF
-+Signature Algorithm: PKCS #1 RSA-PSS Signature
-+ Parameters:
-+ Hash algorithm: SHA-256
-+ Mask algorithm: PKCS #1 MGF1 Mask Generation Function
-+ Mask hash algorithm: SHA-256
-+ Salt length: 32 (0x20)
-+EOF
-+ check_sign_algo
-+
-+ CERTSERIAL=`expr $CERTSERIAL + 1`
-+
-+ # Subject certificate: RSA-PSS
-+ # Issuer certificate: RSA-PSS
-+ # Signature: RSA-PSS (explicit, with --pss-sign)
-+ CERTNAME="TestUser-rsa-pss5"
-+
-+ CU_ACTION="Generate Cert Request for $CERTNAME"
-+ CU_SUBJECT="CN=$CERTNAME, E=${CERTNAME}@bogus.com, O=BOGUS NSS, L=Mountain View, ST=California, C=US"
-+ certu -R -d "${PROFILEDIR}" -f "${R_PWFILE}" -z "${R_NOISE_FILE}" --pss -o req 2>&1
-+
-+ CU_ACTION="Sign ${CERTNAME}'s Request"
-+ certu -C -c "TestCA-rsa-pss" --pss-sign -m "${CERTSERIAL}" -v 60 -d "${P_R_CADIR}" \
- -i req -o "${CERTNAME}.cert" -f "${R_PWFILE}" "$1" 2>&1
-
- CU_ACTION="Import $CERTNAME's Cert"
-@@ -2171,21 +2246,24 @@ Signature Algorithm: PKCS #1 RSA-PSS Sig
- Hash algorithm: SHA-256
- Mask algorithm: PKCS #1 MGF1 Mask Generation Function
- Mask hash algorithm: SHA-256
-- Salt Length: 32 (0x20)
-+ Salt length: 32 (0x20)
- EOF
- check_sign_algo
-
-+ CERTSERIAL=`expr $CERTSERIAL + 1`
-+
- # Subject certificate: RSA-PSS
-- # Issuer certificate: RSA
-- # Signature: RSA-PSS (explicit, with --pss-sign)
-- CERTNAME="TestUser-rsa-pss4"
-+ # Issuer certificate: RSA-PSS
-+ # Signature: RSA-PSS (implicit, without --pss-sign)
-+ CERTNAME="TestUser-rsa-pss6"
-
- CU_ACTION="Generate Cert Request for $CERTNAME"
- CU_SUBJECT="CN=$CERTNAME, E=${CERTNAME}@bogus.com, O=BOGUS NSS, L=Mountain View, ST=California, C=US"
- certu -R -d "${PROFILEDIR}" -f "${R_PWFILE}" -z "${R_NOISE_FILE}" --pss -o req 2>&1
-
- CU_ACTION="Sign ${CERTNAME}'s Request"
-- certu -C -c "TestCA" --pss-sign -m 203 -v 60 -d "${P_R_CADIR}" \
-+ # Sign without --pss-sign nor -Z option
-+ certu -C -c "TestCA-rsa-pss" -m "${CERTSERIAL}" -v 60 -d "${P_R_CADIR}" \
- -i req -o "${CERTNAME}.cert" -f "${R_PWFILE}" "$1" 2>&1
-
- CU_ACTION="Import $CERTNAME's Cert"
-@@ -2200,21 +2278,40 @@ Signature Algorithm: PKCS #1 RSA-PSS Sig
- Hash algorithm: SHA-256
- Mask algorithm: PKCS #1 MGF1 Mask Generation Function
- Mask hash algorithm: SHA-256
-- Salt Length: 32 (0x20)
-+ Salt length: 32 (0x20)
- EOF
- check_sign_algo
-
-+ CERTSERIAL=`expr $CERTSERIAL + 1`
-+
- # Subject certificate: RSA-PSS
- # Issuer certificate: RSA-PSS
-- # Signature: RSA-PSS (explicit, with --pss-sign)
-- CERTNAME="TestUser-rsa-pss5"
-+ # Signature: RSA-PSS (with conflicting hash algorithm)
-+ CERTNAME="TestUser-rsa-pss7"
-
- CU_ACTION="Generate Cert Request for $CERTNAME"
- CU_SUBJECT="CN=$CERTNAME, E=${CERTNAME}@bogus.com, O=BOGUS NSS, L=Mountain View, ST=California, C=US"
- certu -R -d "${PROFILEDIR}" -f "${R_PWFILE}" -z "${R_NOISE_FILE}" --pss -o req 2>&1
-
- CU_ACTION="Sign ${CERTNAME}'s Request"
-- certu -C -c "TestCA-rsa-pss" --pss-sign -m 204 -v 60 -d "${P_R_CADIR}" \
-+ RETEXPECTED=255
-+ certu -C -c "TestCA-rsa-pss" --pss-sign -Z SHA512 -m "${CERTSERIAL}" -v 60 -d "${P_R_CADIR}" \
-+ -i req -o "${CERTNAME}.cert" -f "${R_PWFILE}" "$1" 2>&1
-+ RETEXPECTED=0
-+
-+ CERTSERIAL=`expr $CERTSERIAL + 1`
-+
-+ # Subject certificate: RSA-PSS
-+ # Issuer certificate: RSA-PSS
-+ # Signature: RSA-PSS (with compatible hash algorithm)
-+ CERTNAME="TestUser-rsa-pss8"
-+
-+ CU_ACTION="Generate Cert Request for $CERTNAME"
-+ CU_SUBJECT="CN=$CERTNAME, E=${CERTNAME}@bogus.com, O=BOGUS NSS, L=Mountain View, ST=California, C=US"
-+ certu -R -d "${PROFILEDIR}" -f "${R_PWFILE}" -z "${R_NOISE_FILE}" --pss -o req 2>&1
-+
-+ CU_ACTION="Sign ${CERTNAME}'s Request"
-+ certu -C -c "TestCA-rsa-pss" --pss-sign -Z SHA256 -m "${CERTSERIAL}" -v 60 -d "${P_R_CADIR}" \
- -i req -o "${CERTNAME}.cert" -f "${R_PWFILE}" "$1" 2>&1
-
- CU_ACTION="Import $CERTNAME's Cert"
-@@ -2229,21 +2326,23 @@ Signature Algorithm: PKCS #1 RSA-PSS Sig
- Hash algorithm: SHA-256
- Mask algorithm: PKCS #1 MGF1 Mask Generation Function
- Mask hash algorithm: SHA-256
-- Salt Length: 32 (0x20)
-+ Salt length: 32 (0x20)
- EOF
- check_sign_algo
-
-- # Subject certificate: RSA-PSS
-- # Issuer certificate: RSA-PSS
-- # Signature: RSA-PSS (implicit, without --pss-sign)
-- CERTNAME="TestUser-rsa-pss6"
-+ CERTSERIAL=`expr $CERTSERIAL + 1`
-+
-+ # Subject certificate: RSA
-+ # Issuer certificate: RSA
-+ # Signature: RSA-PSS (explict, with --pss-sign -Z SHA1)
-+ CERTNAME="TestUser-rsa-pss9"
-
- CU_ACTION="Generate Cert Request for $CERTNAME"
- CU_SUBJECT="CN=$CERTNAME, E=${CERTNAME}@bogus.com, O=BOGUS NSS, L=Mountain View, ST=California, C=US"
-- certu -R -d "${PROFILEDIR}" -f "${R_PWFILE}" -z "${R_NOISE_FILE}" --pss -o req 2>&1
-+ certu -R -d "${PROFILEDIR}" -f "${R_PWFILE}" -z "${R_NOISE_FILE}" -o req 2>&1
-
- CU_ACTION="Sign ${CERTNAME}'s Request"
-- certu -C -c "TestCA-rsa-pss" -m 205 -v 60 -d "${P_R_CADIR}" \
-+ certu -C -c "TestCA" --pss-sign -Z SHA1 -m "${CERTSERIAL}" -v 60 -d "${P_R_CADIR}" \
- -i req -o "${CERTNAME}.cert" -f "${R_PWFILE}" "$1" 2>&1
-
- CU_ACTION="Import $CERTNAME's Cert"
-@@ -2255,39 +2354,27 @@ EOF
- cat > ${TMP}/signalgo.exp <<EOF
- Signature Algorithm: PKCS #1 RSA-PSS Signature
- Parameters:
-- Hash algorithm: SHA-256
-- Mask algorithm: PKCS #1 MGF1 Mask Generation Function
-- Mask hash algorithm: SHA-256
-- Salt Length: 32 (0x20)
-+ Hash algorithm: default, SHA-1
-+ Mask algorithm: default, MGF1
-+ Mask hash algorithm: default, SHA-1
-+ Salt length: default, 20 (0x14)
- EOF
- check_sign_algo
-
-+ CERTSERIAL=`expr $CERTSERIAL + 1`
-+
- # Subject certificate: RSA-PSS
- # Issuer certificate: RSA-PSS
-- # Signature: RSA-PSS (with conflicting hash algorithm)
-- CERTNAME="TestUser-rsa-pss7"
-+ # Signature: RSA-PSS (implicit, without --pss-sign, default parameters)
-+ CERTNAME="TestUser-rsa-pss10"
-
- CU_ACTION="Generate Cert Request for $CERTNAME"
- CU_SUBJECT="CN=$CERTNAME, E=${CERTNAME}@bogus.com, O=BOGUS NSS, L=Mountain View, ST=California, C=US"
-- certu -R -d "${PROFILEDIR}" -f "${R_PWFILE}" -z "${R_NOISE_FILE}" --pss -o req 2>&1
-+ certu -R -d "${PROFILEDIR}" -f "${R_PWFILE}" -z "${R_NOISE_FILE}" -o req 2>&1
-
- CU_ACTION="Sign ${CERTNAME}'s Request"
-- RETEXPECTED=255
-- certu -C -c "TestCA-rsa-pss" --pss-sign -Z SHA512 -m 206 -v 60 -d "${P_R_CADIR}" \
-- -i req -o "${CERTNAME}.cert" -f "${R_PWFILE}" "$1" 2>&1
-- RETEXPECTED=0
--
-- # Subject certificate: RSA-PSS
-- # Issuer certificate: RSA-PSS
-- # Signature: RSA-PSS (with compatible hash algorithm)
-- CERTNAME="TestUser-rsa-pss8"
--
-- CU_ACTION="Generate Cert Request for $CERTNAME"
-- CU_SUBJECT="CN=$CERTNAME, E=${CERTNAME}@bogus.com, O=BOGUS NSS, L=Mountain View, ST=California, C=US"
-- certu -R -d "${PROFILEDIR}" -f "${R_PWFILE}" -z "${R_NOISE_FILE}" --pss -o req 2>&1
--
-- CU_ACTION="Sign ${CERTNAME}'s Request"
-- certu -C -c "TestCA-rsa-pss" --pss-sign -Z SHA256 -m 207 -v 60 -d "${P_R_CADIR}" \
-+ # Sign without --pss-sign nor -Z option
-+ certu -C -c "TestCA-rsa-pss-sha1" -m "${CERTSERIAL}" -v 60 -d "${P_R_CADIR}" \
- -i req -o "${CERTNAME}.cert" -f "${R_PWFILE}" "$1" 2>&1
-
- CU_ACTION="Import $CERTNAME's Cert"
-@@ -2299,12 +2386,29 @@ EOF
- cat > ${TMP}/signalgo.exp <<EOF
- Signature Algorithm: PKCS #1 RSA-PSS Signature
- Parameters:
-- Hash algorithm: SHA-256
-- Mask algorithm: PKCS #1 MGF1 Mask Generation Function
-- Mask hash algorithm: SHA-256
-- Salt Length: 32 (0x20)
-+ Hash algorithm: default, SHA-1
-+ Mask algorithm: default, MGF1
-+ Mask hash algorithm: default, SHA-1
-+ Salt length: default, 20 (0x14)
- EOF
- check_sign_algo
-+
-+ CERTSERIAL=`expr $CERTSERIAL + 1`
-+
-+ # Subject certificate: RSA-PSS
-+ # Issuer certificate: RSA-PSS
-+ # Signature: RSA-PSS (with conflicting hash algorithm, default parameters)
-+ CERTNAME="TestUser-rsa-pss11"
-+
-+ CU_ACTION="Generate Cert Request for $CERTNAME"
-+ CU_SUBJECT="CN=$CERTNAME, E=${CERTNAME}@bogus.com, O=BOGUS NSS, L=Mountain View, ST=California, C=US"
-+ certu -R -d "${PROFILEDIR}" -f "${R_PWFILE}" -z "${R_NOISE_FILE}" --pss -o req 2>&1
-+
-+ CU_ACTION="Sign ${CERTNAME}'s Request"
-+ RETEXPECTED=255
-+ certu -C -c "TestCA-rsa-pss-sha1" --pss-sign -Z SHA256 -m "${CERTSERIAL}" -v 60 -d "${P_R_CADIR}" \
-+ -i req -o "${CERTNAME}.cert" -f "${R_PWFILE}" "$1" 2>&1
-+ RETEXPECTED=0
- }
-
- ############################## cert_cleanup ############################
-# HG changeset patch
-# User Daiki Ueno <dueno@redhat.com>
-# Date 1514884761 -3600
-# Tue Jan 02 10:19:21 2018 +0100
-# Node ID 5a14f42384eb22b67e0465949c03555eff41e4af
-# Parent e577b1df8dabb31466cebad07fdbe0883290bede
-Bug 1423557, cryptohi: make RSA-PSS parameter check stricter, r=mt
-
-Summary: This adds a check on unsupported hash/mask algorithms and invalid trailer field, when converting SECKEYRSAPSSParams to CK_RSA_PKCS_PSS_PARAMS for both signing and verification. It also add missing support for SHA224 as underlying hash algorithm.
-
-Reviewers: mt
-
-Reviewed By: mt
-
-Bug #: 1423557
-
-Differential Revision: https://phabricator.services.mozilla.com/D322
-
-diff --git a/lib/cryptohi/seckey.c b/lib/cryptohi/seckey.c
---- a/lib/cryptohi/seckey.c
-+++ b/lib/cryptohi/seckey.c
-@@ -1984,13 +1984,14 @@ sec_GetHashMechanismByOidTag(SECOidTag t
- return CKM_SHA384;
- case SEC_OID_SHA256:
- return CKM_SHA256;
-+ case SEC_OID_SHA224:
-+ return CKM_SHA224;
-+ case SEC_OID_SHA1:
-+ return CKM_SHA_1;
- default:
- PORT_SetError(SEC_ERROR_INVALID_ALGORITHM);
-- /* fallthrough */
-- case SEC_OID_SHA1:
-- break;
-+ return CKM_INVALID_MECHANISM;
- }
-- return CKM_SHA_1;
- }
-
- static CK_RSA_PKCS_MGF_TYPE
-@@ -2003,13 +2004,14 @@ sec_GetMgfTypeByOidTag(SECOidTag tag)
- return CKG_MGF1_SHA384;
- case SEC_OID_SHA256:
- return CKG_MGF1_SHA256;
-+ case SEC_OID_SHA224:
-+ return CKG_MGF1_SHA224;
-+ case SEC_OID_SHA1:
-+ return CKG_MGF1_SHA1;
- default:
- PORT_SetError(SEC_ERROR_INVALID_ALGORITHM);
-- /* fallthrough */
-- case SEC_OID_SHA1:
-- break;
-+ return 0;
- }
-- return CKG_MGF1_SHA1;
- }
-
- SECStatus
-@@ -2019,6 +2021,7 @@ sec_RSAPSSParamsToMechanism(CK_RSA_PKCS_
- SECStatus rv = SECSuccess;
- SECOidTag hashAlgTag;
- unsigned long saltLength;
-+ unsigned long trailerField;
-
- PORT_Memset(mech, 0, sizeof(CK_RSA_PKCS_PSS_PARAMS));
-
-@@ -2028,6 +2031,9 @@ sec_RSAPSSParamsToMechanism(CK_RSA_PKCS_
- hashAlgTag = SEC_OID_SHA1; /* default, SHA-1 */
- }
- mech->hashAlg = sec_GetHashMechanismByOidTag(hashAlgTag);
-+ if (mech->hashAlg == CKM_INVALID_MECHANISM) {
-+ return SECFailure;
-+ }
-
- if (params->maskAlg) {
- SECAlgorithmID maskHashAlg;
-@@ -2050,6 +2056,9 @@ sec_RSAPSSParamsToMechanism(CK_RSA_PKCS_
- }
- maskHashAlgTag = SECOID_GetAlgorithmTag(&maskHashAlg);
- mech->mgf = sec_GetMgfTypeByOidTag(maskHashAlgTag);
-+ if (mech->mgf == 0) {
-+ return SECFailure;
-+ }
- } else {
- mech->mgf = CKG_MGF1_SHA1; /* default, MGF1 with SHA-1 */
- }
-@@ -2064,5 +2073,18 @@ sec_RSAPSSParamsToMechanism(CK_RSA_PKCS_
- }
- mech->sLen = saltLength;
-
-+ if (params->trailerField.data) {
-+ rv = SEC_ASN1DecodeInteger((SECItem *)¶ms->trailerField, &trailerField);
-+ if (rv != SECSuccess) {
-+ return rv;
-+ }
-+ if (trailerField != 1) {
-+ /* the value must be 1, which represents the trailer field
-+ * with hexadecimal value 0xBC */
-+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
-+ return SECFailure;
-+ }
-+ }
-+
- return rv;
- }
-diff --git a/tests/cert/TestCA-bogus-rsa-pss1.crt b/tests/cert/TestCA-bogus-rsa-pss1.crt
-new file mode 100644
---- /dev/null
-+++ b/tests/cert/TestCA-bogus-rsa-pss1.crt
-@@ -0,0 +1,26 @@
-+-----BEGIN CERTIFICATE-----
-+MIIEbDCCAxqgAwIBAgIBATBHBgkqhkiG9w0BAQowOqAPMA0GCWCGSAFlAwQCAQUA
-+oRwwGgYJKoZIhvcNAQEIMA0GCWCGSAFlAwQCAQUAogMCASCjBAICEmcwgYMxCzAJ
-+BgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRYwFAYDVQQHEw1Nb3VudGFp
-+biBWaWV3MRIwEAYDVQQKEwlCT0dVUyBOU1MxMzAxBgNVBAMTKk5TUyBUZXN0IENB
-+IChSU0EtUFNTIGludmFsaWQgdHJhaWxlckZpZWxkKTAgFw0xNzEyMDcxMjU3NDBa
-+GA8yMDY3MTIwNzEyNTc0MFowgYMxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxp
-+Zm9ybmlhMRYwFAYDVQQHEw1Nb3VudGFpbiBWaWV3MRIwEAYDVQQKEwlCT0dVUyBO
-+U1MxMzAxBgNVBAMTKk5TUyBUZXN0IENBIChSU0EtUFNTIGludmFsaWQgdHJhaWxl
-+ckZpZWxkKTCCAVwwRwYJKoZIhvcNAQEKMDqgDzANBglghkgBZQMEAgEFAKEcMBoG
-+CSqGSIb3DQEBCDANBglghkgBZQMEAgEFAKIDAgEgowQCAhJnA4IBDwAwggEKAoIB
-+AQDgkKJk+PoFpESak7kMQ0w147/xilUZCG7hDGG2uuGTbX8jqy9N9pxzB9sJjgJX
-+yYND0XEmrUQ2Memmy8jufhXML5DekW1tr3Gi2L3VivbIReJZfXk1xDMvNbB/Gjjo
-+SoPyu8C4hnevjgMlmqG3KdMkB+eN6PnBG64YFyki3vnLO5iTNHEBTgFYo0gTX4uK
-+xl0hLtiDL+4K5l7BwVgxZwQF6uHoHjrjjlhkzR0FwjjqR8U0pH20Pb6IlRsFMv07
-+/1GHf+jm34pKb/1ZNzAbiKxYv7YAQUWEZ7e/GSXgA6gbTpV9ueiLkVucUeXN/mXK
-+Tqb4zivi5FaSGVl8SJnqsJXJAgMBAAGjOTA3MBQGCWCGSAGG+EIBAQEB/wQEAwIC
-+BDAPBgNVHRMECDAGAQH/AgEAMA4GA1UdDwEB/wQEAwICBDBHBgkqhkiG9w0BAQow
-+OqAPMA0GCWCGSAFlAwQCAQUAoRwwGgYJKoZIhvcNAQEIMA0GCWCGSAFlAwQCAQUA
-+ogMCASCjBAICEmcDggEBAJht9t9p/dlhJtx7ShDvUXyq8N4tCoGKdREM83K/jlW8
-+HxdHOz5PuvZx+UMlaUtqZVIriSCnRtEWkoSo0hWmcv1rp80it2G1zLfLPYdyrPba
-+nQmE1iFb69Wr9dwrX7o/CII+WHQgoIGeFGntZ8YRZTe5+JeiGAlAyZCqUKbl9lhh
-+pCpf1YYxb3VI8mAGVi0jwabWBEbInGBZYH9HP0nK7/Tflk6UY3f4h4Fbkk5D4WZA
-+hFfkebx6Wh90QGiKQhp4/N+dYira8bKvWqqn0VqwzBoJBU/RmMaJVpwqFFvcaUJh
-+uEKUPeQbqkYvj1WJYmy4ettVwi4OZU50+kCaRQhMsFA=
-+-----END CERTIFICATE-----
-diff --git a/tests/cert/TestCA-bogus-rsa-pss2.crt b/tests/cert/TestCA-bogus-rsa-pss2.crt
-new file mode 100644
---- /dev/null
-+++ b/tests/cert/TestCA-bogus-rsa-pss2.crt
-@@ -0,0 +1,24 @@
-+-----BEGIN CERTIFICATE-----
-+MIIEFzCCAs2gAwIBAgIBATA/BgkqhkiG9w0BAQowMqAOMAwGCCqGSIb3DQIFBQCh
-+GzAZBgkqhkiG9w0BAQgwDAYIKoZIhvcNAgUFAKIDAgEgMH4xCzAJBgNVBAYTAlVT
-+MRMwEQYDVQQIEwpDYWxpZm9ybmlhMRYwFAYDVQQHEw1Nb3VudGFpbiBWaWV3MRIw
-+EAYDVQQKEwlCT0dVUyBOU1MxLjAsBgNVBAMTJU5TUyBUZXN0IENBIChSU0EtUFNT
-+IGludmFsaWQgaGFzaEFsZykwIBcNMTcxMjA3MTQwNjQ0WhgPMjA2ODAxMDcxNDA2
-+NDRaMH4xCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRYwFAYDVQQH
-+Ew1Nb3VudGFpbiBWaWV3MRIwEAYDVQQKEwlCT0dVUyBOU1MxLjAsBgNVBAMTJU5T
-+UyBUZXN0IENBIChSU0EtUFNTIGludmFsaWQgaGFzaEFsZykwggEgMAsGCSqGSIb3
-+DQEBCgOCAQ8AMIIBCgKCAQEAtDXA73yTOgs8zVYNMCtuQ9a07UgbfeQbjHp3pkF6
-+7rsC/Q28mrLh+zLkht5e7qU/Qf/8a2ZkcYhPOBAjCzjgIXOdE2lsWvdVujOJLR0x
-+Fesd3hDLRmL6f6momc+j1/Tw3bKyZinaeJ9BFRv9c94SayB3QUe+6+TNJKASwlhj
-+sx6mUsND+h3DkuL77gi7hIUpUXfFSwa+zM69VLhIu+/WRZfG8gfKkCAIGUC3WYJa
-+eU1HgQKfVSXW0ok4ototXWEe9ohU+Z1tO9LJStcY8mMpig7EU9zbpObhG46Sykfu
-+aKsubB9J+gFgwP5Tb85tRYT6SbHeHR6U/N8GBrKdRcomWwIDAQABozwwOjAUBglg
-+hkgBhvhCAQEBAf8EBAMCAgQwEgYDVR0TAQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8E
-+BAMCAgQwPwYJKoZIhvcNAQEKMDKgDjAMBggqhkiG9w0CBQUAoRswGQYJKoZIhvcN
-+AQEIMAwGCCqGSIb3DQIFBQCiAwIBIAOCAQEAjeemeTxh2xrMUJ6Z5Yn2nH2FbcPY
-+fTHJcdfXjfNBkrMl5pe2/lk0JyNuACTuTYFCxdWNRL1coN//h9DSUbF3dpF1ex6D
-+difo+6PwxkO2aPVGPYw4DSivt4SFbn5dKGgVqBQfnmNK7p/iT91AcErg/grRrNL+
-+4jeT0UiRjQYeX9xKJArv+ocIidNpQL3QYxXuBLZxVC92Af69ol7WG8QBRLnFi1p2
-+g6q8hOHqOfB29qnsSo3PkI1yuShOl50tRLbNgyotEfZdk1N3oXvapoBsm/jlcdCT
-+0aKelCSQYYAfyl5PKCpa1lgBm7zfcHSDStMhEEFu/fbnJhqO9g9znj3STQ==
-+-----END CERTIFICATE-----
-diff --git a/tests/cert/cert.sh b/tests/cert/cert.sh
---- a/tests/cert/cert.sh
-+++ b/tests/cert/cert.sh
-@@ -2095,6 +2095,20 @@ cert_test_rsapss()
- certu -A -n "TestCA-rsa-pss-sha1" -t "C,," -d "${PROFILEDIR}" -f "${R_PWFILE}" \
- -i "${R_CADIR}/TestCA-rsa-pss-sha1.ca.cert" 2>&1
-
-+ CU_ACTION="Import Bogus RSA-PSS CA Cert (invalid trailerField)"
-+ certu -A -n "TestCA-bogus-rsa-pss1" -t "C,," -d "${PROFILEDIR}" -f "${R_PWFILE}" \
-+ -i "${QADIR}/cert/TestCA-bogus-rsa-pss1.crt" 2>&1
-+ RETEXPECTED=255
-+ certu -V -b 1712101010Z -n TestCA-bogus-rsa-pss1 -u L -e -d "${PROFILEDIR}" -f "${R_PWFILE}" 2>&1
-+ RETEXPECTED=0
-+
-+ CU_ACTION="Import Bogus RSA-PSS CA Cert (invalid hashAlg)"
-+ certu -A -n "TestCA-bogus-rsa-pss2" -t "C,," -d "${PROFILEDIR}" -f "${R_PWFILE}" \
-+ -i "${QADIR}/cert/TestCA-bogus-rsa-pss2.crt" 2>&1
-+ RETEXPECTED=255
-+ certu -V -b 1712101010Z -n TestCA-bogus-rsa-pss2 -u L -e -d "${PROFILEDIR}" -f "${R_PWFILE}" 2>&1
-+ RETEXPECTED=0
-+
- CERTSERIAL=200
-
- # Subject certificate: RSA
diff --git a/SOURCES/nss-reorder-cipher-suites-gtests.patch b/SOURCES/nss-reorder-cipher-suites-gtests.patch
index 7a75e50..0675959 100644
--- a/SOURCES/nss-reorder-cipher-suites-gtests.patch
+++ b/SOURCES/nss-reorder-cipher-suites-gtests.patch
@@ -1,7 +1,7 @@
diff -up nss/gtests/ssl_gtest/ssl_auth_unittest.cc.reorder-cipher-suites-gtests nss/gtests/ssl_gtest/ssl_auth_unittest.cc
---- nss/gtests/ssl_gtest/ssl_auth_unittest.cc.reorder-cipher-suites-gtests 2017-09-20 08:47:27.000000000 +0200
-+++ nss/gtests/ssl_gtest/ssl_auth_unittest.cc 2017-10-06 16:41:39.223713982 +0200
-@@ -222,7 +222,9 @@ static SSLNamedGroup NamedGroupForEcdsa3
+--- nss/gtests/ssl_gtest/ssl_auth_unittest.cc.reorder-cipher-suites-gtests 2018-03-05 16:58:32.000000000 +0100
++++ nss/gtests/ssl_gtest/ssl_auth_unittest.cc 2018-03-09 17:29:32.985313219 +0100
+@@ -231,7 +231,9 @@ static SSLNamedGroup NamedGroupForEcdsa3
// NSS tries to match the group size to the symmetric cipher. In TLS 1.1 and
// 1.0, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA is the highest priority suite, so
// we use P-384. With TLS 1.2 on we pick AES-128 GCM so use x25519.
@@ -12,7 +12,7 @@ diff -up nss/gtests/ssl_gtest/ssl_auth_unittest.cc.reorder-cipher-suites-gtests
return ssl_grp_ec_secp384r1;
}
return ssl_grp_ec_curve25519;
-@@ -806,20 +808,24 @@ INSTANTIATE_TEST_CASE_P(
+@@ -870,20 +872,24 @@ INSTANTIATE_TEST_CASE_P(
::testing::Values(TlsAgent::kServerEcdsa256),
::testing::Values(ssl_auth_ecdsa),
::testing::Values(ssl_sig_ecdsa_secp256r1_sha256)));
@@ -39,9 +39,9 @@ diff -up nss/gtests/ssl_gtest/ssl_auth_unittest.cc.reorder-cipher-suites-gtests
INSTANTIATE_TEST_CASE_P(
SignatureSchemeEcdsaSha1, TlsSignatureSchemeConfiguration,
::testing::Combine(TlsConnectTestBase::kTlsVariantsAll,
-@@ -828,4 +834,5 @@ INSTANTIATE_TEST_CASE_P(
+@@ -892,4 +898,5 @@ INSTANTIATE_TEST_CASE_P(
TlsAgent::kServerEcdsa384),
::testing::Values(ssl_auth_ecdsa),
::testing::Values(ssl_sig_ecdsa_sha1)));
+#endif
- }
+ } // namespace nss_test
diff --git a/SOURCES/nss-sql-default.patch b/SOURCES/nss-sql-default.patch
new file mode 100644
index 0000000..fd39778
--- /dev/null
+++ b/SOURCES/nss-sql-default.patch
@@ -0,0 +1,42 @@
+# HG changeset patch
+# User Kai Engert <kaie@kuix.de>
+# Date 1511548994 -3600
+# Fri Nov 24 19:43:14 2017 +0100
+# Node ID b0658ed367633e505d38c0c0f63b801ddbbb21a4
+# Parent 807662e6ba57db5be05036511ac8634466ed473f
+Bug 1377940, Change NSS default storage file format (currently DBM), when no prefix is given, to SQL, r=rrelyea, r=fkiefer
+
+--- a/tests/all.sh
++++ b/tests/all.sh
+@@ -111,6 +111,8 @@ RUN_FIPS=""
+ ########################################################################
+ run_tests()
+ {
++ echo "Running test cycle: ${TEST_MODE} ----------------------"
++ echo "List of tests that will be executed: ${TESTS}"
+ for TEST in ${TESTS}
+ do
+ # NOTE: the spaces are important. If you don't include
+@@ -172,8 +174,9 @@ run_cycle_pkix()
+ NSS_SSL_TESTS=`echo "${NSS_SSL_TESTS}" | sed -e "s/normal//g" -e "s/fips//g" -e "s/_//g"`
+ export -n NSS_SSL_RUN
+
+- # use the default format
++ # use the default format. (unset for the shell, export -n for binaries)
+ export -n NSS_DEFAULT_DB_TYPE
++ unset NSS_DEFAULT_DB_TYPE
+
+ run_tests
+ }
+diff --git a/tests/merge/merge.sh b/tests/merge/merge.sh
+--- a/tests/merge/merge.sh
++++ b/tests/merge/merge.sh
+@@ -98,7 +98,7 @@ merge_init()
+ # are dbm databases.
+ if [ "${TEST_MODE}" = "UPGRADE_DB" ]; then
+ save=${NSS_DEFAULT_DB_TYPE}
+- NSS_DEFAULT_DB_TYPE= ; export NSS_DEFAULT_DB_TYPE
++ NSS_DEFAULT_DB_TYPE=dbm ; export NSS_DEFAULT_DB_TYPE
+ fi
+
+ certutil -N -d ${CONFLICT1DIR} -f ${R_PWFILE}
diff --git a/SOURCES/renegotiate-transitional.patch b/SOURCES/renegotiate-transitional.patch
index ca92f83..5e3dbc7 100644
--- a/SOURCES/renegotiate-transitional.patch
+++ b/SOURCES/renegotiate-transitional.patch
@@ -1,12 +1,12 @@
diff -up nss/lib/ssl/sslsock.c.transitional nss/lib/ssl/sslsock.c
---- nss/lib/ssl/sslsock.c.transitional 2016-08-15 17:57:58.146879056 +0200
-+++ nss/lib/ssl/sslsock.c 2016-08-15 17:58:02.365758224 +0200
-@@ -72,7 +72,7 @@ static sslOptions ssl_defaults = {
- PR_FALSE, /* noLocks */
- PR_FALSE, /* enableSessionTickets */
- PR_FALSE, /* enableDeflate */
-- 2, /* enableRenegotiation (default: requires extension) */
-+ 3, /* enableRenegotiation (default: transitional) */
- PR_FALSE, /* requireSafeNegotiation */
- PR_FALSE, /* enableFalseStart */
- PR_TRUE, /* cbcRandomIV */
+--- nss/lib/ssl/sslsock.c.transitional 2018-03-09 17:21:52.593560971 +0100
++++ nss/lib/ssl/sslsock.c 2018-03-09 17:22:21.096926523 +0100
+@@ -67,7 +67,7 @@ static sslOptions ssl_defaults = {
+ .noLocks = PR_FALSE,
+ .enableSessionTickets = PR_FALSE,
+ .enableDeflate = PR_FALSE,
+- .enableRenegotiation = SSL_RENEGOTIATE_REQUIRES_XTN,
++ .enableRenegotiation = SSL_RENEGOTIATE_TRANSITIONAL,
+ .requireSafeNegotiation = PR_FALSE,
+ .enableFalseStart = PR_FALSE,
+ .cbcRandomIV = PR_TRUE,
diff --git a/SPECS/nss.spec b/SPECS/nss.spec
index ad8821b..984a6fe 100644
--- a/SPECS/nss.spec
+++ b/SPECS/nss.spec
@@ -1,9 +1,9 @@
-%global nspr_version 4.17.0
-%global nss_util_version 3.34.0
+%global nspr_version 4.19.0
+%global nss_util_version 3.36.0
%global nss_util_build -1
# adjust to the version that gets submitted for FIPS validation
-%global nss_softokn_fips_version 3.34.0
-%global nss_softokn_version 3.34.0
+%global nss_softokn_fips_version 3.36.0
+%global nss_softokn_version 3.36.0
# Attention: Separate softokn versions for build and runtime.
%global runtime_required_softokn_build_version -1
# Building NSS doesn't require the same version of softokn built for runtime.
@@ -26,8 +26,8 @@
Summary: Network Security Services
Name: nss
-Version: 3.34.0
-Release: 4%{?dist}
+Version: 3.36.0
+Release: 5%{?dist}
License: MPLv2.0
URL: http://www.mozilla.org/projects/security/pki/nss/
Group: System Environment/Libraries
@@ -123,24 +123,21 @@ Patch130: nss-reorder-cipher-suites-gtests.patch
Patch131: nss-disable-tls13-gtests.patch
# Upstream: https://bugzilla.mozilla.org/show_bug.cgi?id=1279520
Patch135: nss-check-policy-file.patch
+# To revert the change in:
+# https://bugzilla.mozilla.org/show_bug.cgi?id=1377940
+Patch136: nss-sql-default.patch
+# Upstream: https://bugzilla.mozilla.org/show_bug.cgi?id=1278071
+Patch137: nss-pkcs12-iterations-limit.patch
+# Upstream: https://bugzilla.mozilla.org/show_bug.cgi?id=1447628
+Patch138: nss-devslot-reinsert.patch
+# Upstream: https://bugzilla.mozilla.org/show_bug.cgi?id=1453408
+Patch139: nss-modutil-skip-changepw-fips.patch
# Work around for yum
# https://bugzilla.redhat.com/show_bug.cgi?id=1469526
Patch141: nss-sysinit-getenv.patch
-
-# Patches backported from 3.35:
-# https://bugzilla.mozilla.org/show_bug.cgi?id=1416265
-Patch144: nss-pk12util-faulty-aes.patch
-# https://bugzilla.mozilla.org/show_bug.cgi?id=1278071
-Patch145: nss-increase-pkcs12-iterations.patch
-# https://bugzilla.mozilla.org/show_bug.cgi?id=1415847
-Patch146: nss-modutil-suppress-password.patch
-# https://bugzilla.mozilla.org/show_bug.cgi?id=1426361
-Patch147: nss-certutil-suppress-password.patch
-# https://bugzilla.mozilla.org/show_bug.cgi?id=1423557
-# https://bugzilla.mozilla.org/show_bug.cgi?id=1415171
-Patch148: nss-pss-fixes.patch
-# https://bugzilla.mozilla.org/show_bug.cgi?id=1054373
-Patch149: nss-is-token-present-race.patch
+# To revert the change in:
+# https://hg.mozilla.org/projects/nss/rev/896e3eb3a799
+Patch142: nss-lockcert-api-change.patch
%description
Network Security Services (NSS) is a set of libraries designed to
@@ -244,13 +241,12 @@ pushd nss
%patch130 -p1 -b .reorder-cipher-suites-gtests
%patch131 -p1 -b .disable-tls13-gtests
%patch135 -p1 -b .check_policy_file
+%patch136 -p1 -R -b .sql-default
+%patch137 -p1 -b .pkcs12-iterations-limit
+%patch138 -p1 -b .devslot-reinsert
+%patch139 -p1 -b .modutil-skip-changepw-fips
%patch141 -p1 -b .sysinit-getenv
-%patch144 -p1 -b .pk12util-faulty-aes
-%patch145 -p1 -b .increase-pkcs12-iterations
-%patch146 -p1 -b .suppress-modutil-password
-%patch147 -p1 -b .suppress-certutil-password
-%patch148 -p1 -b .pss-fixes
-%patch149 -p1 -b .is-token-present-race
+%patch142 -p1 -R -b .lockcert-api-change
popd
#########################################################
@@ -357,6 +353,8 @@ export NSS_BLTEST_NOT_AVAILABLE=1
export NSS_DISABLE_TLS_1_3=1
+export NSS_FORCE_FIPS=1
+
%{__make} -C ./nss/coreconf
%{__make} -C ./nss/lib/dbm
@@ -849,6 +847,24 @@ fi
%changelog
+* Wed Apr 18 2018 Daiki Ueno <dueno@redhat.com> - 3.36.0-5
+- Restore CERT_LockCertTrust and CERT_UnlockCertTrust back in cert.h
+
+* Fri Apr 13 2018 Daiki Ueno <dueno@redhat.com> - 3.36.0-4
+- Work around modutil -changepw error if the old and new passwords are
+ both empty in FIPS mode
+
+* Tue Mar 27 2018 Daiki Ueno <dueno@redhat.com> - 3.36.0-3
+- Decrease the iteration count of PKCS#12 for compatibility with Windows
+- Fix deadlock when a token is re-inserted while a client process is running
+
+* Mon Mar 12 2018 Daiki Ueno <dueno@redhat.com> - 3.36.0-2
+- Set NSS_FORCE_FIPS=1 in %%build
+- Revert the changes to tests assuming the default DB type
+
+* Fri Mar 9 2018 Daiki Ueno <dueno@redhat.com> - 3.36.0-1
+- Rebase to NSS 3.36
+
* Mon Jan 15 2018 Daiki Ueno <dueno@redhat.com> - 3.34.0-4
- Re-enable nss-is-token-present-race.patch