diff --git a/0001-nss-anolis-nameconstraints.patch b/0001-nss-anolis-nameconstraints.patch
deleted file mode 100644
index a2ae8a2561530dcc984a78b4c76d7d63c11140c0..0000000000000000000000000000000000000000
--- a/0001-nss-anolis-nameconstraints.patch
+++ /dev/null
@@ -1,30 +0,0 @@
---- a/tests/chains/scenarios/nameconstraints.cfg
-+++ b/tests/chains/scenarios/nameconstraints.cfg
-@@ -154,17 +154,25 @@ verify NameConstraints.server17:x
- # Subject: "C = US, ST=CA, O=Foo CN=foo.example.com"
- verify NameConstraints.dcissblocked:x
- result fail
- 
- # Subject: "C = US, ST=CA, O=Foo CN=foo.example.fr"
- verify NameConstraints.dcissallowed:x
- result pass
- 
--# Subject: "O = IPA.LOCAL 201901211552, CN = OCSP Subsystem"
-+# Subject: "O = IPA.LOCAL 20200120, CN = OCSP and IPSEC"
-+# EKUs: OCSPSigning,ipsecUser
- #
- # This tests that a non server certificate (i.e. id-kp-serverAuth
- # not present in EKU) does *NOT* have CN treated as dnsName for
--# purposes of Name Constraints validation
-+# purposes of Name Constraints validation (certificateUsageStatusResponder)
-+# https://hg.mozilla.org/projects/nss/rev/0b30eb1c3650
- verify NameConstraints.ocsp1:x
- usage 10
- result pass
- 
-+# This tests that a non server certificate (i.e. id-kp-serverAuth
-+# not present in EKU) does *NOT* have CN treated as dnsName for
-+# purposes of Name Constraints validation (certificateUsageIPsec)
-+verify NameConstraints.ocsp1:x
-+ usage 12
-+ result pass
diff --git a/Bug-1001841-disable-sslv2-libssl.patch b/Bug-1001841-disable-sslv2-libssl.patch
index 99a09192d3932961fbcb6f1ef6e0b789d78e5685..9f8134caab6e3e7d8db2b6a162dc89c6cfd1e71d 100644
--- a/Bug-1001841-disable-sslv2-libssl.patch
+++ b/Bug-1001841-disable-sslv2-libssl.patch
@@ -1,21 +1,18 @@
 diff -up nss/lib/ssl/config.mk.disableSSL2libssl nss/lib/ssl/config.mk
---- nss/lib/ssl/config.mk.disableSSL2libssl 2019-03-28 10:36:01.859196244 +0100
-+++ nss/lib/ssl/config.mk 2019-03-28 10:36:53.250120885 +0100
-@@ -61,6 +61,10 @@ ifdef NSS_DISABLE_TLS_1_3
+--- nss/lib/ssl/config.mk.disableSSL2libssl 2020-07-22 17:20:07.325371407 +0200
++++ nss/lib/ssl/config.mk 2020-07-22 17:21:23.818815809 +0200
+@@ -53,3 +53,7 @@ endif
+ ifdef NSS_DISABLE_TLS_1_3
 DEFINES += -DNSS_DISABLE_TLS_1_3
 endif
- 
++
 +ifdef NSS_NO_SSL2
 +DEFINES += -DNSS_NO_SSL2
 +endif
-+
- 
- ifeq (,$(filter-out DragonFly FreeBSD Linux NetBSD OpenBSD, $(OS_TARGET)))
- CFLAGS += -std=gnu99
- endif
 diff -up nss/lib/ssl/sslsock.c.disableSSL2libssl nss/lib/ssl/sslsock.c
---- nss/lib/ssl/sslsock.c.disableSSL2libssl 2019-03-28 10:36:01.849196454 +0100
-+++ nss/lib/ssl/sslsock.c 2019-03-28 10:36:01.860196223 +0100
-@@ -1363,6 +1363,10 @@ SSLExp_SetMaxEarlyDataSize(PRFileDesc *f
+--- nss/lib/ssl/sslsock.c.disableSSL2libssl 2020-07-22 17:20:07.314371487 +0200
++++ nss/lib/ssl/sslsock.c 2020-07-22 17:20:07.326371400 +0200
+@@ -1405,6 +1405,10 @@ SSLExp_SetMaxEarlyDataSize(PRFileDesc *f
 static PRBool
 ssl_IsRemovedCipherSuite(PRInt32 suite)
 {
diff --git a/Bug-1001841-disable-sslv2-tests.patch b/Bug-1001841-disable-sslv2-tests.patch
index 093bb540a8f797a4a7e45c5cc5f18f519121bfb6..f943cbbd238149eb16cebb4bbb056cc63effa4e2 100644
--- a/Bug-1001841-disable-sslv2-tests.patch
+++ b/Bug-1001841-disable-sslv2-tests.patch
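Review bot: The refreshed config.mk hunk, `+@@ -53,3 +53,7 @@ endif`, carries no trailing context, so only the three lines `ifdef NSS_DISABLE_TLS_1_3` / `DEFINES += -DNSS_DISABLE_TLS_1_3` / `endif` anchor the insertion and a later upstream reorder of that block would be applied with fuzz rather than rejected. Regenerating the hunk with the usual three lines of context after `+endif` would restore the anchoring the previous version (`-@@ -61,6 +61,10 @@`) had. The sslsock.c part of the refresh only moves the nested header to `@@ -1405,6 +1405,10 @@`; the four lines it inserts into `ssl_IsRemovedCipherSuite` lie outside this hunk and cannot be reviewed here.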
@@ -1,7 +1,7 @@ -diff -up nss/tests/ssl/ssl.sh.disableSSL2tests nss/tests/ssl/ssl.sh ---- nss/tests/ssl/ssl.sh.disableSSL2tests 2019-03-16 01:25:08.000000000 +0100 -+++ nss/tests/ssl/ssl.sh 2019-03-28 10:39:14.254180729 +0100 -@@ -68,9 +68,14 @@ ssl_init() +diff -up ./tests/ssl/ssl.sh.disableSSL2tests ./tests/ssl/ssl.sh +--- ./tests/ssl/ssl.sh.disableSSL2tests 2021-05-28 02:50:43.000000000 -0700 ++++ ./tests/ssl/ssl.sh 2021-06-03 15:22:02.725514179 -0700 +@@ -88,9 +88,14 @@ ssl_init() NSS_SSL_RUN=${NSS_SSL_RUN:-$nss_ssl_run} # Test case files @@ -18,7 +18,7 @@ diff -up nss/tests/ssl/ssl.sh.disableSSL2tests nss/tests/ssl/ssl.sh SSLPOLICY=${QADIR}/ssl/sslpolicy.txt REQUEST_FILE=${QADIR}/ssl/sslreq.dat -@@ -128,7 +133,11 @@ is_selfserv_alive() +@@ -159,7 +164,11 @@ is_selfserv_alive() fi echo "kill -0 ${PID} >/dev/null 2>/dev/null" @@ -30,7 +30,7 @@ diff -up nss/tests/ssl/ssl.sh.disableSSL2tests nss/tests/ssl/ssl.sh echo "selfserv with PID ${PID} found at `date`" } -@@ -152,7 +161,11 @@ wait_for_selfserv() +@@ -183,7 +192,11 @@ wait_for_selfserv() ${BINDIR}/tstclnt -4 -p ${PORT} -h ${HOSTADDR} ${CLIENT_OPTIONS} -q \ -d ${P_R_CLIENTDIR} $verbose < ${REQUEST_FILE} if [ $? -ne 0 ]; then @@ -42,16 +42,7 @@ diff -up nss/tests/ssl/ssl.sh.disableSSL2tests nss/tests/ssl/ssl.sh fi fi is_selfserv_alive -@@ -278,7 +291,7 @@ ssl_cov() - start_selfserv $CIPHER_SUITES # Launch the server - - VMIN="ssl3" -- VMAX="tls1.1" -+ VMAX="tls1.2" - - ignore_blank_lines ${SSLCOV} | \ - while read ectype testmax param testname -@@ -286,6 +299,12 @@ ssl_cov() +@@ -332,6 +345,12 @@ ssl_cov() echo "${testname}" | grep "EXPORT" > /dev/null EXP=$? diff --git a/nss-3.44-handle-malformed-ecdh-gtests.patch b/nss-3.44-handle-malformed-ecdh-gtests.patch deleted file mode 100644 index 225f023a1e1b7e65a0b498019e28b6935115c1fd..0000000000000000000000000000000000000000 --- a/nss-3.44-handle-malformed-ecdh-gtests.patch +++ /dev/null 
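Review bot: The nested `ssl_cov()` hunk that changed `VMAX="tls1.1"` to `VMAX="tls1.2"` is dropped by the refresh (`@@ -42,16 +42,7 @@`), and nothing on the page records why; if upstream's ssl.sh now sets that value itself the drop is correct, but the patch file has no header text and the commit gives no rationale. A line of plain text before the first `diff -up` line, e.g. `Refreshed for 3.66; the VMAX=tls1.2 hunk is no longer needed upstream`, would let the next rebase tell an intentional drop from a lost hunk. The first hunk also moves the paths from `nss/tests/ssl/ssl.sh` to `./tests/ssl/ssl.sh` while the companion Bug-1001841-disable-sslv2-libssl.patch in this commit keeps the `nss/` prefix; both reduce to the same file at `-p1`, but using one form across the package's patches avoids confusion about the strip level.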
@@ -1,580 +0,0 @@ -diff -up ./gtests/pk11_gtest/manifest.mn.handle-malformed-ecdh-gtests ./gtests/pk11_gtest/manifest.mn ---- ./gtests/pk11_gtest/manifest.mn.handle-malformed-ecdh-gtests 2019-12-05 10:56:41.827832606 -0800 -+++ ./gtests/pk11_gtest/manifest.mn 2019-12-05 10:59:53.802966671 -0800 -@@ -10,16 +10,18 @@ CPPSRCS = \ - pk11_aeskeywrap_unittest.cc \ - pk11_chacha20poly1305_unittest.cc \ - pk11_curve25519_unittest.cc \ -+ pk11_der_private_key_import_unittest.cc \ - pk11_ecdsa_unittest.cc \ - pk11_encrypt_derive_unittest.cc \ - pk11_export_unittest.cc \ - pk11_import_unittest.cc \ -+ pk11_keygen.cc \ -+ pk11_key_unittest.cc \ - pk11_pbkdf2_unittest.cc \ - pk11_prf_unittest.cc \ - pk11_prng_unittest.cc \ - pk11_rsapkcs1_unittest.cc \ - pk11_rsapss_unittest.cc \ -- pk11_der_private_key_import_unittest.cc \ - $(NULL) - - INCLUDES += -I$(CORE_DEPTH)/gtests/google_test/gtest/include \ -diff -up ./gtests/pk11_gtest/pk11_gtest.gyp.handle-malformed-ecdh-gtests ./gtests/pk11_gtest/pk11_gtest.gyp ---- ./gtests/pk11_gtest/pk11_gtest.gyp.handle-malformed-ecdh-gtests 2019-12-05 10:56:41.828832617 -0800 -+++ ./gtests/pk11_gtest/pk11_gtest.gyp 2019-12-05 11:01:38.874134681 -0800 -@@ -11,20 +11,22 @@ - 'target_name': 'pk11_gtest', - 'type': 'executable', - 'sources': [ -- 'pk11_aeskeywrap_unittest.cc', - 'pk11_aes_gcm_unittest.cc', -+ 'pk11_aeskeywrap_unittest.cc', - 'pk11_chacha20poly1305_unittest.cc', - 'pk11_cipherop_unittest.cc', - 'pk11_curve25519_unittest.cc', -+ 'pk11_der_private_key_import_unittest.cc', - 'pk11_ecdsa_unittest.cc', - 'pk11_encrypt_derive_unittest.cc', - 'pk11_import_unittest.cc', -+ 'pk11_keygen.cc', -+ 'pk11_key_unittest.cc', - 'pk11_pbkdf2_unittest.cc', - 'pk11_prf_unittest.cc', - 'pk11_prng_unittest.cc', - 'pk11_rsapkcs1_unittest.cc', - 'pk11_rsapss_unittest.cc', -- 'pk11_der_private_key_import_unittest.cc', - '<(DEPTH)/gtests/common/gtests.cc' - ], - 'dependencies': [ -diff -up 
./gtests/pk11_gtest/pk11_import_unittest.cc.handle-malformed-ecdh-gtests ./gtests/pk11_gtest/pk11_import_unittest.cc ---- ./gtests/pk11_gtest/pk11_import_unittest.cc.handle-malformed-ecdh-gtests 2019-12-05 10:56:41.821832539 -0800 -+++ ./gtests/pk11_gtest/pk11_import_unittest.cc 2019-12-05 11:08:42.394842692 -0800 -@@ -15,6 +15,7 @@ - #include "nss_scoped_ptrs.h" - #include "gtest/gtest.h" - #include "databuffer.h" -+#include "pk11_keygen.h" - - namespace nss_test { - -@@ -30,7 +31,7 @@ struct PK11GenericObjectsDeleter { - - class Pk11KeyImportTestBase : public ::testing::Test { - public: -- Pk11KeyImportTestBase(CK_MECHANISM_TYPE mech) : mech_(mech) {} -+ Pk11KeyImportTestBase() = default; - virtual ~Pk11KeyImportTestBase() = default; - - void SetUp() override { -@@ -42,12 +43,18 @@ class Pk11KeyImportTestBase : public ::t - password_.reset(SECITEM_DupItem(&pwItem)); - } - -- void Test() { -+ void Test(const Pkcs11KeyPairGenerator& generator) { - // Generate a key and export it. -- KeyType key_type; -+ KeyType key_type = nullKey; - ScopedSECKEYEncryptedPrivateKeyInfo key_info; - ScopedSECItem public_value; -- GenerateAndExport(&key_type, &key_info, &public_value); -+ GenerateAndExport(generator, &key_type, &key_info, &public_value); -+ -+ // Note: NSS is currently unable export wrapped DH keys, so this doesn't -+ // test those beyond generate and verify. 
-+ if (key_type == dhKey) { -+ return; -+ } - ASSERT_NE(nullptr, key_info); - ASSERT_NE(nullptr, public_value); - -@@ -66,17 +73,6 @@ class Pk11KeyImportTestBase : public ::t - CheckForPublicKey(priv_key, public_value.get()); - } - -- protected: -- class ParamHolder { -- public: -- virtual ~ParamHolder() = default; -- virtual void* get() = 0; -- }; -- -- virtual std::unique_ptr MakeParams() = 0; -- -- CK_MECHANISM_TYPE mech_; -- - private: - SECItem GetPublicComponent(ScopedSECKEYPublicKey& pub_key) { - SECItem null = { siBuffer, NULL, 0}; -@@ -196,20 +192,14 @@ class Pk11KeyImportTestBase : public ::t - } - } - -- void GenerateAndExport(KeyType* key_type, -+ void GenerateAndExport(const Pkcs11KeyPairGenerator& generator, -+ KeyType* key_type, - ScopedSECKEYEncryptedPrivateKeyInfo* key_info, - ScopedSECItem* public_value) { -- auto params = MakeParams(); -- ASSERT_NE(nullptr, params); -- -- SECKEYPublicKey* pub_tmp; -- ScopedSECKEYPrivateKey priv_key( -- PK11_GenerateKeyPair(slot_.get(), mech_, params->get(), &pub_tmp, -- PR_FALSE, PR_TRUE, nullptr)); -- ASSERT_NE(nullptr, priv_key) << "PK11_GenerateKeyPair failed: " -- << PORT_ErrorToName(PORT_GetError()); -- ScopedSECKEYPublicKey pub_key(pub_tmp); -- ASSERT_NE(nullptr, pub_key); -+ ScopedSECKEYPrivateKey priv_key; -+ ScopedSECKEYPublicKey pub_key; -+ generator.GenerateKey(&priv_key, &pub_key); -+ ASSERT_TRUE(priv_key); - - // Wrap and export the key. - ScopedSECKEYEncryptedPrivateKeyInfo epki(PK11_ExportEncryptedPrivKeyInfo( -@@ -239,6 +229,11 @@ class Pk11KeyImportTestBase : public ::t - } - - CheckForPublicKey(priv_key, pub_val); -+ // Note: NSS is currently unable export wrapped DH keys, so this doesn't -+ // test those beyond generate and verify. 
-+ if (t == dhKey) { -+ return; -+ } - - *key_type = t; - key_info->swap(epki); -@@ -253,82 +248,13 @@ class Pk11KeyImportTest - : public Pk11KeyImportTestBase, - public ::testing::WithParamInterface { - public: -- Pk11KeyImportTest() : Pk11KeyImportTestBase(GetParam()) {} -+ Pk11KeyImportTest() = default; - virtual ~Pk11KeyImportTest() = default; -- -- protected: -- std::unique_ptr MakeParams() override { -- switch (mech_) { -- case CKM_RSA_PKCS_KEY_PAIR_GEN: -- return std::unique_ptr(new RsaParamHolder()); -- -- case CKM_DSA_KEY_PAIR_GEN: -- case CKM_DH_PKCS_KEY_PAIR_GEN: { -- PQGParams* pqg_params = nullptr; -- PQGVerify* pqg_verify = nullptr; -- const unsigned int key_size = 1024; -- SECStatus rv = PK11_PQG_ParamGenV2(key_size, 0, key_size / 16, -- &pqg_params, &pqg_verify); -- if (rv != SECSuccess) { -- ADD_FAILURE() << "PK11_PQG_ParamGenV2 failed"; -- return nullptr; -- } -- EXPECT_NE(nullptr, pqg_verify); -- EXPECT_NE(nullptr, pqg_params); -- PK11_PQG_DestroyVerify(pqg_verify); -- if (mech_ == CKM_DSA_KEY_PAIR_GEN) { -- return std::unique_ptr(new PqgParamHolder(pqg_params)); -- } -- return std::unique_ptr(new DhParamHolder(pqg_params)); -- } -- -- default: -- ADD_FAILURE() << "unknown OID " << mech_; -- } -- return nullptr; -- } -- -- private: -- class RsaParamHolder : public ParamHolder { -- public: -- RsaParamHolder() -- : params_({/*.keySizeInBits = */ 1024, /*.pe = */ 0x010001}) {} -- ~RsaParamHolder() = default; -- -- void* get() override { return ¶ms_; } -- -- private: -- PK11RSAGenParams params_; -- }; -- -- class PqgParamHolder : public ParamHolder { -- public: -- PqgParamHolder(PQGParams* params) : params_(params) {} -- ~PqgParamHolder() = default; -- -- void* get() override { return params_.get(); } -- -- private: -- ScopedPQGParams params_; -- }; -- -- class DhParamHolder : public PqgParamHolder { -- public: -- DhParamHolder(PQGParams* params) -- : PqgParamHolder(params), -- params_({/*.arena = */ nullptr, -- /*.prime = */ params->prime, -- 
/*.base = */ params->base}) {} -- ~DhParamHolder() = default; -- -- void* get() override { return ¶ms_; } -- -- private: -- SECKEYDHParams params_; -- }; - }; - --TEST_P(Pk11KeyImportTest, GenerateExportImport) { Test(); } -+TEST_P(Pk11KeyImportTest, GenerateExportImport) { -+ Test(Pkcs11KeyPairGenerator(GetParam())); -+} - - INSTANTIATE_TEST_CASE_P(Pk11KeyImportTest, Pk11KeyImportTest, - ::testing::Values(CKM_RSA_PKCS_KEY_PAIR_GEN, -@@ -339,42 +265,13 @@ INSTANTIATE_TEST_CASE_P(Pk11KeyImportTes - class Pk11KeyImportTestEC : public Pk11KeyImportTestBase, - public ::testing::WithParamInterface { - public: -- Pk11KeyImportTestEC() : Pk11KeyImportTestBase(CKM_EC_KEY_PAIR_GEN) {} -+ Pk11KeyImportTestEC() = default; - virtual ~Pk11KeyImportTestEC() = default; -- -- protected: -- std::unique_ptr MakeParams() override { -- return std::unique_ptr(new EcParamHolder(GetParam())); -- } -- -- private: -- class EcParamHolder : public ParamHolder { -- public: -- EcParamHolder(SECOidTag curve_oid) { -- SECOidData* curve = SECOID_FindOIDByTag(curve_oid); -- EXPECT_NE(nullptr, curve); -- -- size_t plen = curve->oid.len + 2; -- extra_.reset(new uint8_t[plen]); -- extra_[0] = SEC_ASN1_OBJECT_ID; -- extra_[1] = static_cast(curve->oid.len); -- memcpy(&extra_[2], curve->oid.data, curve->oid.len); -- -- ec_params_ = {/*.type = */ siBuffer, -- /*.data = */ extra_.get(), -- /*.len = */ static_cast(plen)}; -- } -- ~EcParamHolder() = default; -- -- void* get() override { return &ec_params_; } -- -- private: -- SECKEYECParams ec_params_; -- std::unique_ptr extra_; -- }; - }; - --TEST_P(Pk11KeyImportTestEC, GenerateExportImport) { Test(); } -+TEST_P(Pk11KeyImportTestEC, GenerateExportImport) { -+ Test(Pkcs11KeyPairGenerator(CKM_EC_KEY_PAIR_GEN, GetParam())); -+} - - INSTANTIATE_TEST_CASE_P(Pk11KeyImportTestEC, Pk11KeyImportTestEC, - ::testing::Values(SEC_OID_SECG_EC_SECP256R1, -diff -up ./gtests/pk11_gtest/pk11_keygen.cc.handle-malformed-ecdh-gtests ./gtests/pk11_gtest/pk11_keygen.cc ---- 
./gtests/pk11_gtest/pk11_keygen.cc.handle-malformed-ecdh-gtests 2019-12-05 10:56:41.829832628 -0800 -+++ ./gtests/pk11_gtest/pk11_keygen.cc 2019-12-05 10:56:41.829832628 -0800 -@@ -0,0 +1,143 @@ -+/* This Source Code Form is subject to the terms of the Mozilla Public -+ * License, v. 2.0. If a copy of the MPL was not distributed with this file, -+ * You can obtain one at http://mozilla.org/MPL/2.0/. */ -+ -+#include "pk11_keygen.h" -+ -+#include "pk11pub.h" -+#include "pk11pqg.h" -+#include "prerror.h" -+ -+#include "gtest/gtest.h" -+ -+namespace nss_test { -+ -+class ParamHolder { -+ public: -+ virtual void* get() = 0; -+ virtual ~ParamHolder() = default; -+ -+ protected: -+ ParamHolder() = default; -+}; -+ -+void Pkcs11KeyPairGenerator::GenerateKey(ScopedSECKEYPrivateKey* priv_key, -+ ScopedSECKEYPublicKey* pub_key) const { -+ // This function returns if an assertion fails, so don't leak anything. -+ priv_key->reset(nullptr); -+ pub_key->reset(nullptr); -+ -+ auto params = MakeParams(); -+ ASSERT_NE(nullptr, params); -+ -+ ScopedPK11SlotInfo slot(PK11_GetInternalKeySlot()); -+ ASSERT_TRUE(slot); -+ -+ SECKEYPublicKey* pub_tmp; -+ ScopedSECKEYPrivateKey priv_tmp(PK11_GenerateKeyPair( -+ slot.get(), mech_, params->get(), &pub_tmp, PR_FALSE, PR_TRUE, nullptr)); -+ ASSERT_NE(nullptr, priv_tmp) << "PK11_GenerateKeyPair failed: " -+ << PORT_ErrorToName(PORT_GetError()); -+ ASSERT_NE(nullptr, pub_tmp); -+ -+ priv_key->swap(priv_tmp); -+ pub_key->reset(pub_tmp); -+} -+ -+class RsaParamHolder : public ParamHolder { -+ public: -+ RsaParamHolder() : params_({1024, 0x010001}) {} -+ ~RsaParamHolder() = default; -+ -+ void* get() override { return ¶ms_; } -+ -+ private: -+ PK11RSAGenParams params_; -+}; -+ -+class PqgParamHolder : public ParamHolder { -+ public: -+ PqgParamHolder(PQGParams* params) : params_(params) {} -+ ~PqgParamHolder() = default; -+ -+ void* get() override { return params_.get(); } -+ -+ private: -+ ScopedPQGParams params_; -+}; -+ -+class DhParamHolder : 
public PqgParamHolder { -+ public: -+ DhParamHolder(PQGParams* params) -+ : PqgParamHolder(params), -+ params_({nullptr, params->prime, params->base}) {} -+ ~DhParamHolder() = default; -+ -+ void* get() override { return ¶ms_; } -+ -+ private: -+ SECKEYDHParams params_; -+}; -+ -+class EcParamHolder : public ParamHolder { -+ public: -+ EcParamHolder(SECOidTag curve_oid) { -+ SECOidData* curve = SECOID_FindOIDByTag(curve_oid); -+ EXPECT_NE(nullptr, curve); -+ -+ size_t plen = curve->oid.len + 2; -+ extra_.reset(new uint8_t[plen]); -+ extra_[0] = SEC_ASN1_OBJECT_ID; -+ extra_[1] = static_cast(curve->oid.len); -+ memcpy(&extra_[2], curve->oid.data, curve->oid.len); -+ -+ ec_params_ = {siBuffer, extra_.get(), static_cast(plen)}; -+ } -+ ~EcParamHolder() = default; -+ -+ void* get() override { return &ec_params_; } -+ -+ private: -+ SECKEYECParams ec_params_; -+ std::unique_ptr extra_; -+}; -+ -+std::unique_ptr Pkcs11KeyPairGenerator::MakeParams() const { -+ switch (mech_) { -+ case CKM_RSA_PKCS_KEY_PAIR_GEN: -+ std::cerr << "Generate RSA pair" << std::endl; -+ return std::unique_ptr(new RsaParamHolder()); -+ -+ case CKM_DSA_KEY_PAIR_GEN: -+ case CKM_DH_PKCS_KEY_PAIR_GEN: { -+ PQGParams* pqg_params = nullptr; -+ PQGVerify* pqg_verify = nullptr; -+ const unsigned int key_size = 1024; -+ SECStatus rv = PK11_PQG_ParamGenV2(key_size, 0, key_size / 16, -+ &pqg_params, &pqg_verify); -+ if (rv != SECSuccess) { -+ ADD_FAILURE() << "PK11_PQG_ParamGenV2 failed"; -+ return nullptr; -+ } -+ EXPECT_NE(nullptr, pqg_verify); -+ EXPECT_NE(nullptr, pqg_params); -+ PK11_PQG_DestroyVerify(pqg_verify); -+ if (mech_ == CKM_DSA_KEY_PAIR_GEN) { -+ std::cerr << "Generate DSA pair" << std::endl; -+ return std::unique_ptr(new PqgParamHolder(pqg_params)); -+ } -+ std::cerr << "Generate DH pair" << std::endl; -+ return std::unique_ptr(new DhParamHolder(pqg_params)); -+ } -+ -+ case CKM_EC_KEY_PAIR_GEN: -+ std::cerr << "Generate EC pair on " << curve_ << std::endl; -+ return std::unique_ptr(new 
EcParamHolder(curve_)); -+ -+ default: -+ ADD_FAILURE() << "unknown OID " << mech_; -+ } -+ return nullptr; -+} -+ -+} // namespace nss_test -diff -up ./gtests/pk11_gtest/pk11_keygen.h.handle-malformed-ecdh-gtests ./gtests/pk11_gtest/pk11_keygen.h ---- ./gtests/pk11_gtest/pk11_keygen.h.handle-malformed-ecdh-gtests 2019-12-05 10:56:41.828832617 -0800 -+++ ./gtests/pk11_gtest/pk11_keygen.h 2019-12-05 10:56:41.828832617 -0800 -@@ -0,0 +1,34 @@ -+/* This Source Code Form is subject to the terms of the Mozilla Public -+ * License, v. 2.0. If a copy of the MPL was not distributed with this file, -+ * You can obtain one at http://mozilla.org/MPL/2.0/. */ -+ -+#include "nss.h" -+#include "secoid.h" -+ -+#include "nss_scoped_ptrs.h" -+ -+namespace nss_test { -+ -+class ParamHolder; -+ -+class Pkcs11KeyPairGenerator { -+ public: -+ Pkcs11KeyPairGenerator(CK_MECHANISM_TYPE mech, SECOidTag curve_oid) -+ : mech_(mech), curve_(curve_oid) {} -+ Pkcs11KeyPairGenerator(CK_MECHANISM_TYPE mech) -+ : Pkcs11KeyPairGenerator(mech, SEC_OID_UNKNOWN) {} -+ -+ CK_MECHANISM_TYPE mechanism() const { return mech_; } -+ SECOidTag curve() const { return curve_; } -+ -+ void GenerateKey(ScopedSECKEYPrivateKey* priv_key, -+ ScopedSECKEYPublicKey* pub_key) const; -+ -+ private: -+ std::unique_ptr MakeParams() const; -+ -+ CK_MECHANISM_TYPE mech_; -+ SECOidTag curve_; -+}; -+ -+} // namespace nss_test -diff -up ./gtests/pk11_gtest/pk11_key_unittest.cc.handle-malformed-ecdh-gtests ./gtests/pk11_gtest/pk11_key_unittest.cc ---- ./gtests/pk11_gtest/pk11_key_unittest.cc.handle-malformed-ecdh-gtests 2019-12-05 10:56:41.828832617 -0800 -+++ ./gtests/pk11_gtest/pk11_key_unittest.cc 2019-12-05 10:56:41.828832617 -0800 -@@ -0,0 +1,80 @@ -+/* This Source Code Form is subject to the terms of the Mozilla Public -+ * License, v. 2.0. If a copy of the MPL was not distributed with this file, -+ * You can obtain one at http://mozilla.org/MPL/2.0/. 
*/ -+ -+#include -+#include "nss.h" -+#include "pk11pub.h" -+#include "pk11pqg.h" -+#include "prerror.h" -+#include "secoid.h" -+ -+#include "gtest/gtest.h" -+#include "nss_scoped_ptrs.h" -+#include "pk11_keygen.h" -+ -+namespace nss_test { -+ -+class Pkcs11NullKeyTestBase : public ::testing::Test { -+ protected: -+ // This constructs a key pair, then erases the public value from the public -+ // key. NSS should reject this. -+ void Test(const Pkcs11KeyPairGenerator& generator, -+ CK_MECHANISM_TYPE dh_mech) { -+ ScopedSECKEYPrivateKey priv; -+ ScopedSECKEYPublicKey pub; -+ generator.GenerateKey(&priv, &pub); -+ ASSERT_TRUE(priv); -+ -+ // These don't leak because they are allocated to the arena associated with -+ // the public key. -+ SECItem* pub_val = nullptr; -+ switch (SECKEY_GetPublicKeyType(pub.get())) { -+ case rsaKey: -+ pub_val = &pub->u.rsa.modulus; -+ break; -+ -+ case dsaKey: -+ pub_val = &pub->u.dsa.publicValue; -+ break; -+ -+ case dhKey: -+ pub_val = &pub->u.dh.publicValue; -+ break; -+ -+ case ecKey: -+ pub_val = &pub->u.ec.publicValue; -+ break; -+ -+ default: -+ FAIL() << "Unknown key type " << SECKEY_GetPublicKeyType(pub.get()); -+ } -+ pub_val->data = nullptr; -+ pub_val->len = 0; -+ -+ ScopedPK11SymKey symKey(PK11_PubDeriveWithKDF( -+ priv.get(), pub.get(), false, nullptr, nullptr, dh_mech, -+ CKM_SHA512_HMAC, CKA_DERIVE, 0, CKD_NULL, nullptr, nullptr)); -+ ASSERT_FALSE(symKey); -+ } -+}; -+ -+class Pkcs11DhNullKeyTest : public Pkcs11NullKeyTestBase {}; -+TEST_F(Pkcs11DhNullKeyTest, UseNullPublicValue) { -+ Test(Pkcs11KeyPairGenerator(CKM_DH_PKCS_KEY_PAIR_GEN), CKM_DH_PKCS_DERIVE); -+} -+ -+class Pkcs11EcdhNullKeyTest : public Pkcs11NullKeyTestBase, -+ public ::testing::WithParamInterface { -+}; -+TEST_P(Pkcs11EcdhNullKeyTest, UseNullPublicValue) { -+ Test(Pkcs11KeyPairGenerator(CKM_EC_KEY_PAIR_GEN, GetParam()), -+ CKM_ECDH1_DERIVE); -+} -+INSTANTIATE_TEST_CASE_P(Pkcs11EcdhNullKeyTest, Pkcs11EcdhNullKeyTest, -+ 
::testing::Values(SEC_OID_SECG_EC_SECP256R1, -+ SEC_OID_SECG_EC_SECP384R1, -+ SEC_OID_SECG_EC_SECP521R1, -+ SEC_OID_CURVE25519)); -+ -+} // namespace nss_test -diff --git ./gtests/pk11_gtest/pk11_curve25519_unittest.cc.handle-malformed-ecdh-gtests ./gtests/pk11_gtest/pk11_curve25519_unittest.cc ---- ./gtests/pk11_gtest/pk11_curve25519_unittest.cc.handle-malformed-ecdh-gtests -+++ ./gtests/pk11_gtest/pk11_curve25519_unittest.cc -@@ -40,6 +40,9 @@ - - ScopedCERTSubjectPublicKeyInfo certSpki( - SECKEY_DecodeDERSubjectPublicKeyInfo(&spkiItem)); -+ if (!expect_success && !certSpki) { -+ return; -+ } - ASSERT_TRUE(certSpki); - - ScopedSECKEYPublicKey pubKey(SECKEY_ExtractPublicKey(certSpki.get())); - -diff -up ./gtests/ssl_gtest/tls_connect.cc.addtime ./gtests/ssl_gtest/tls_connect.cc ---- ./gtests/ssl_gtest/tls_connect.cc.addtime 2019-12-06 09:02:39.006583359 -0800 -+++ ./gtests/ssl_gtest/tls_connect.cc 2019-12-06 09:02:54.120745545 -0800 -@@ -292,7 +292,7 @@ void TlsConnectTestBase::Handshake() { - - ASSERT_TRUE_WAIT((client_->state() != TlsAgent::STATE_CONNECTING) && - (server_->state() != TlsAgent::STATE_CONNECTING), -- 5000); -+ 10000); - } - - void TlsConnectTestBase::EnableExtendedMasterSecret() { - diff --git a/nss-3.44-handle-malformed-ecdh.patch b/nss-3.44-handle-malformed-ecdh.patch deleted file mode 100644 index a0a6305f098ed6ff5367ec350af4ec621ccb5658..0000000000000000000000000000000000000000 --- a/nss-3.44-handle-malformed-ecdh.patch +++ /dev/null @@ -1,14 +0,0 @@ -diff --git a/lib/cryptohi/seckey.c b/lib/cryptohi/seckey.c ---- a/lib/cryptohi/seckey.c -+++ b/lib/cryptohi/seckey.c -@@ -639,6 +639,11 @@ - return pubk; - break; - case SEC_OID_ANSIX962_EC_PUBLIC_KEY: -+ /* A basic sanity check on inputs. */ -+ if (spki->algorithm.parameters.len == 0 || newOs.len == 0) { -+ PORT_SetError(SEC_ERROR_INPUT_LEN); -+ break; -+ } - pubk->keyType = ecKey; - pubk->u.ec.size = 0; 
diff --git a/nss-3.44.tar.gz b/nss-3.44.tar.gz
deleted file mode 100644
index b2eaa34348599b3791ccdc080c86df70a7361f46..0000000000000000000000000000000000000000
Binary files a/nss-3.44.tar.gz and /dev/null differ
diff --git a/nss-3.53-fix-private_key_mac.patch b/nss-3.53-fix-private_key_mac.patch
new file mode 100644
index 0000000000000000000000000000000000000000..60df7d53499556c646a871ae8bc72daa24247828
--- /dev/null
+++ b/nss-3.53-fix-private_key_mac.patch
@@ -0,0 +1,104 @@ +diff --git a/lib/softoken/sftkpwd.c b/lib/softoken/sftkpwd.c +--- a/lib/softoken/sftkpwd.c ++++ b/lib/softoken/sftkpwd.c +@@ -277,17 +277,19 @@ sftkdb_DecryptAttribute(SFTKDBHandle *ha + *plain = nsspkcs5_CipherData(cipherValue.param, passKey, &cipherValue.value, + PR_FALSE, NULL); + if (*plain == NULL) { + rv = SECFailure; + goto loser; + } + + /* If we are using aes 256, we need to check authentication as well.*/ +- if ((type != CKT_INVALID_TYPE) && (cipherValue.alg == SEC_OID_AES_256_CBC)) { ++ if ((type != CKT_INVALID_TYPE) && ++ (cipherValue.alg == SEC_OID_PKCS5_PBES2) && ++ (cipherValue.param->encAlg == SEC_OID_AES_256_CBC)) { + SECItem signature; + unsigned char signData[SDB_MAX_META_DATA_LEN]; + + /* if we get here from the old legacy db, there is clearly an + * error, don't return the plaintext */ + if (handle == NULL) { + rv = SECFailure; + PORT_SetError(SEC_ERROR_LIBRARY_FAILURE); +@@ -299,17 +301,27 @@ sftkdb_DecryptAttribute(SFTKDBHandle *ha + rv = sftkdb_GetAttributeSignature(handle, handle, id, type, + &signature); + if (rv != SECSuccess) { + goto loser; + } + rv = sftkdb_VerifyAttribute(handle, passKey, CK_INVALID_HANDLE, type, + *plain, &signature); + if (rv != SECSuccess) { +- goto loser; ++ /* handle a bug where old versions of NSS misfiled the signature ++ * attribute on password update */ ++ id |= SFTK_KEYDB_TYPE|SFTK_TOKEN_TYPE; ++ signature.len = sizeof(signData); ++ rv = sftkdb_GetAttributeSignature(handle, handle, id, type, ++ &signature); ++ if (rv != SECSuccess) { ++ goto loser; ++ } ++ rv = sftkdb_VerifyAttribute(handle, passKey, CK_INVALID_HANDLE, ++ type, *plain, &signature); + } + } + + loser: + if (cipherValue.param) { + nsspkcs5_DestroyPBEParameter(cipherValue.param); + } + if (cipherValue.arena) { +@@ -1186,16 +1198,17 @@ sftk_updateEncrypted(PLArenaPool *arena, + }; + const CK_ULONG privAttrCount = sizeof(privAttrTypes) / sizeof(privAttrTypes[0]); + + // We don't know what attributes this object has, so we 
update them one at a + // time. + unsigned int i; + for (i = 0; i < privAttrCount; i++) { + // Read the old attribute in the clear. ++ CK_OBJECT_HANDLE sdbId = id & SFTK_OBJ_ID_MASK; + CK_ATTRIBUTE privAttr = { privAttrTypes[i], NULL, 0 }; + CK_RV crv = sftkdb_GetAttributeValue(keydb, id, &privAttr, 1); + if (crv != CKR_OK) { + continue; + } + if ((privAttr.ulValueLen == -1) || (privAttr.ulValueLen == 0)) { + continue; + } +@@ -1210,30 +1223,29 @@ sftk_updateEncrypted(PLArenaPool *arena, + if ((privAttr.ulValueLen == -1) || (privAttr.ulValueLen == 0)) { + return CKR_GENERAL_ERROR; + } + SECItem plainText; + SECItem *result; + plainText.data = privAttr.pValue; + plainText.len = privAttr.ulValueLen; + if (sftkdb_EncryptAttribute(arena, keydb, keydb->db, newKey, +- iterationCount, id, privAttr.type, ++ iterationCount, sdbId, privAttr.type, + &plainText, &result) != SECSuccess) { + return CKR_GENERAL_ERROR; + } + privAttr.pValue = result->data; + privAttr.ulValueLen = result->len; + // Clear sensitive data. + PORT_Memset(plainText.data, 0, plainText.len); + + // Write the newly encrypted attributes out directly. +- CK_OBJECT_HANDLE newId = id & SFTK_OBJ_ID_MASK; + keydb->newKey = newKey; + keydb->newDefaultIterationCount = iterationCount; +- crv = (*keydb->db->sdb_SetAttributeValue)(keydb->db, newId, &privAttr, 1); ++ crv = (*keydb->db->sdb_SetAttributeValue)(keydb->db, sdbId, &privAttr, 1); + keydb->newKey = NULL; + if (crv != CKR_OK) { + return crv; + } + } + + return CKR_OK; + } diff --git a/nss-3.66-disable-external-host-test.patch b/nss-3.66-disable-external-host-test.patch new file mode 100644 index 0000000000000000000000000000000000000000..7f0450206980baa99a594cb5d1019ca6f014543c --- /dev/null +++ b/nss-3.66-disable-external-host-test.patch 
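Review bot: In the nested `sftkdb_DecryptAttribute` hunk the legacy-location retry runs after any `sftkdb_VerifyAttribute` failure, and when the retry's `sftkdb_GetAttributeSignature` also fails the error the caller receives is that lookup's, not the verification failure's; saving it first, e.g. `int verifyErr = PORT_GetError();` before `id |= SFTK_KEYDB_TYPE|SFTK_TOKEN_TYPE;` and `PORT_SetError(verifyErr);` before the retry's `goto loser`, keeps a genuine MAC mismatch reported as such. The `id |=` write also modifies the parameter in place, which is only safe if `id` has no later use in the function — the hunk does not show the rest of it. In `sftk_updateEncrypted`, `CK_OBJECT_HANDLE sdbId = id & SFTK_OBJ_ID_MASK;` is loop-invariant and could be declared above `for (i = 0; i < privAttrCount; i++)`, next to `privAttrCount`, rather than recomputed per attribute. Both enclosing functions start and end outside the hunk.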
@@ -0,0 +1,14 @@
+diff -up ./tests/ssl/ssl.sh.brew ./tests/ssl/ssl.sh
+--- ./tests/ssl/ssl.sh.brew 2021-06-12 11:37:46.153265942 -0700
++++ ./tests/ssl/ssl.sh 2021-06-12 11:39:43.069925034 -0700
+@@ -1641,7 +1641,9 @@ ssl_run_tests()
+ if [ "${TEST_MODE}" = "SHARED_DB" ] ; then
+ ssl_policy_listsuites
+ ssl_policy_selfserv
+- ssl_policy_pkix_ocsp
++ # requires access to external servers, which fails
++ # when running in brew
++ #ssl_policy_pkix_ocsp
+ ssl_policy
+ fi
+ ;;
diff --git a/nss-3.66-no-combo-tests.patch b/nss-3.66-no-combo-tests.patch
new file mode 100644
index 0000000000000000000000000000000000000000..32f7c3524df11e9acc41844bfbf295fefa787de5
--- /dev/null
+++ b/nss-3.66-no-combo-tests.patch
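Review bot: Commenting out `ssl_policy_pkix_ocsp` removes the OCSP policy test unconditionally, so the coverage is lost in every environment the patched tree is built in, not only under brew, and nothing reports that it was skipped. Gating it on an environment variable keeps the test where network access exists and makes the skip visible in the log, e.g. `if [ -z "${NSS_SKIP_EXTERNAL_TESTS}" ]; then ssl_policy_pkix_ocsp; else echo "skipping ssl_policy_pkix_ocsp: needs external servers"; fi` (variable name constructed; the nss-3.66-no-combo-tests.patch in the same commit gates on an environment variable, `NSS_OLD_SOFTOKEN`, in the same spirit). The `ssl_run_tests()` function extends beyond the nested hunk.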
@@ -0,0 +1,217 @@
+diff -up ./gtests/freebl_gtest/rsa_unittest.cc.oldsoft ./gtests/freebl_gtest/rsa_unittest.cc
+--- ./gtests/freebl_gtest/rsa_unittest.cc.oldsoft 2021-05-28 09:50:43.000000000 +0000
++++ ./gtests/freebl_gtest/rsa_unittest.cc 2021-06-11 19:06:57.778552974 +0000
+@@ -9,6 +9,7 @@
+
+ #include "blapi.h"
+ #include "secitem.h"
++#include "prenv.h"
+
+ template
+ struct ScopedDelete {
+@@ -76,6 +77,13 @@ TEST_F(RSATest, DecryptBlockTestErrors)
+ in_small, sizeof(in_small));
+ EXPECT_EQ(SECFailure, rv);
+
++ char *env = PR_GetEnvSecure("NSS_OLD_SOFTOKEN");
++ if (env) {
++ std::cerr << "Skipping RSA blapi DecryptBlockTestErrors because of"
++ << " semantic differences between old and new softoken."
++ << std::endl;
++ }
++
+ uint8_t in[256] = {0};
+ // This should fail because the padding checks will fail,
+ // however, mitigations for Bleichenbacher attacks transform failures
+diff -up ./gtests/pk11_gtest/pk11_ike_unittest.cc.oldsoft ./gtests/pk11_gtest/pk11_ike_unittest.cc
+--- ./gtests/pk11_gtest/pk11_ike_unittest.cc.oldsoft 2021-05-28 09:50:43.000000000 +0000
++++ ./gtests/pk11_gtest/pk11_ike_unittest.cc 2021-06-11 19:41:20.381137781 +0000
+@@ -12,8 +12,10 @@
+ #include "pk11pub.h"
+ #include "secerr.h"
+ #include "sechash.h"
++#include "hasht.h"
+ #include "util.h"
+ #include "databuffer.h"
++#include "prenv.h"
+
+ #include "testvectors/ike-sha1-vectors.h"
+ #include "testvectors/ike-sha256-vectors.h"
+@@ -23,6 +25,24 @@
+
+ namespace nss_test {
+
++unsigned mech_to_size(CK_MECHANISM_TYPE mech) {
++ switch (mech) {
++ case CKM_SHA_1_HMAC:
++ return SHA1_LENGTH;
++ case CKM_SHA256_HMAC:
++ return SHA256_LENGTH;
++ case CKM_SHA384_HMAC:
++ return SHA384_LENGTH;
++ case CKM_SHA512_HMAC:
++ return SHA512_LENGTH;
++ case CKM_AES_XCBC_MAC:
++ return AES_BLOCK_SIZE;
++ default:
++ break;
++ }
++ return 0;
++}
++
+ class Pkcs11IkeTest : public ::testing::TestWithParam<
+ std::tuple> {
+ protected:
+@@ -59,6 +79,7 @@ class Pkcs11IkeTest : public ::testing::
+
ScopedPK11SymKey gxy_key = nullptr;
+ ScopedPK11SymKey prev_key = nullptr;
+ ScopedPK11SymKey ikm = ImportKey(ikm_item);
++ unsigned hashsize = mech_to_size(prf_mech);
+
+ // IKE_PRF structure (used in cases 1, 2 and 3)
+ CK_NSS_IKE_PRF_DERIVE_PARAMS nss_ike_prf_params = {
+@@ -148,6 +169,14 @@ class Pkcs11IkeTest : public ::testing::
+ ScopedPK11SymKey okm = ScopedPK11SymKey(
+ PK11_Derive(ikm.get(), derive_mech, ¶ms_item,
+ CKM_GENERIC_SECRET_KEY_GEN, CKA_DERIVE, vec.size));
++ char *env = PR_GetEnvSecure("NSS_OLD_SOFTOKEN");
++ if (env && (derive_mech == CKM_NSS_IKE1_APP_B_PRF_DERIVE) &&
++ (vec.size <= hashsize)) {
++ std::cerr << "Skipping Test #" << std::to_string(vec.id)
++ << ". Old tokens process APP B Prf for small keys incorrectly"
++ << std::endl;
++ return;
++ }
+ if (vec.valid) {
+ ASSERT_NE(nullptr, okm.get()) << msg;
+ ASSERT_EQ(SECSuccess, PK11_ExtractKeyValue(okm.get())) << msg;
+diff -up ./gtests/pk11_gtest/pk11_rsaencrypt_unittest.cc.oldsoft ./gtests/pk11_gtest/pk11_rsaencrypt_unittest.cc
+--- ./gtests/pk11_gtest/pk11_rsaencrypt_unittest.cc.oldsoft 2021-05-28 09:50:43.000000000 +0000
++++ ./gtests/pk11_gtest/pk11_rsaencrypt_unittest.cc 2021-06-11 19:06:57.779552981 +0000
+@@ -14,6 +14,7 @@
+ #include "nss_scoped_ptrs.h"
+ #include "pk11pub.h"
+ #include "databuffer.h"
++#include "prenv.h"
+
+ #include "testvectors/rsa_pkcs1_2048_test-vectors.h"
+ #include "testvectors/rsa_pkcs1_3072_test-vectors.h"
+@@ -45,6 +46,14 @@ class RsaDecryptWycheproofTest
+ rv = PK11_PrivDecryptPKCS1(priv_key.get(), decrypted.data(), &decrypted_len,
+ decrypted.size(), vec.ct.data(), vec.ct.size());
+
++ // semantics changed since the old softken
++ char *env = PR_GetEnvSecure("NSS_OLD_SOFTOKEN");
++ if (env && vec.valid && (rv == SECFailure)) {
++ std::cerr << "Skipping Decrypt test.
Old softoken failed on bad data,"
++ << "New softoken generates fake data" << std::endl;
++ return;
++ }
++
+ if (vec.valid) {
+ EXPECT_EQ(SECSuccess, rv);
+ decrypted.resize(decrypted_len);
+diff -up ./gtests/pk11_gtest/pk11_rsaoaep_unittest.cc.oldsoft ./gtests/pk11_gtest/pk11_rsaoaep_unittest.cc
+--- ./gtests/pk11_gtest/pk11_rsaoaep_unittest.cc.oldsoft 2021-05-28 09:50:43.000000000 +0000
++++ ./gtests/pk11_gtest/pk11_rsaoaep_unittest.cc 2021-06-11 19:06:57.780552988 +0000
+@@ -13,6 +13,7 @@
+ #include "nss.h"
+ #include "nss_scoped_ptrs.h"
+ #include "pk11pub.h"
++#include "prenv.h"
+
+ #include "testvectors/rsa_oaep_2048_sha1_mgf1sha1-vectors.h"
+ #include "testvectors/rsa_oaep_2048_sha256_mgf1sha1-vectors.h"
+@@ -161,6 +162,12 @@ TEST(Pkcs11RsaOaepTest, TestOaepWrapUnwr
+ rv = PK11_ExtractKeyValue(to_wrap.get());
+ ASSERT_EQ(rv, SECSuccess);
+
++ char *env=PR_GetEnvSecure("NSS_OLD_SOFTOKEN");
++ if (env) {
++ std::cerr << "Skipping OAEP test, not supported in old softoken\n";
++ return;
++ }
++
+ // References owned by PKCS#11 layer; no need to scope and free.
+ SECItem* expectedItem = PK11_GetKeyData(to_wrap.get());
+
+diff -up ./gtests/pk11_gtest/pk11_rsapkcs1_unittest.cc.oldsoft ./gtests/pk11_gtest/pk11_rsapkcs1_unittest.cc
+--- ./gtests/pk11_gtest/pk11_rsapkcs1_unittest.cc.oldsoft 2021-05-28 09:50:43.000000000 +0000
++++ ./gtests/pk11_gtest/pk11_rsapkcs1_unittest.cc 2021-06-11 19:06:57.781552995 +0000
+@@ -16,6 +16,7 @@
+ #include "secerr.h"
+ #include "sechash.h"
+ #include "pk11_signature_test.h"
++#include "prenv.h"
+
+ #include "testvectors/rsa_signature_2048_sha224-vectors.h"
+ #include "testvectors/rsa_signature_2048_sha256-vectors.h"
+@@ -175,6 +176,13 @@ TEST(RsaPkcs1Test, Pkcs1MinimumPadding)
+ SECItem hash_item = {siBuffer, toUcharPtr(hash.data()),
+ static_cast(hash.len())};
+ SECItem sig_item = {siBuffer, toUcharPtr(sig.data()), sig_len};
++
++ char *env=PR_GetEnvSecure("NSS_OLD_SOFTOKEN");
++ if (env) {
++ std::cerr << "Skipping pkcs1 padding test, not supported in old softoken\n";
++ return;
++ }
++
+ rv = VFY_VerifyDigestDirect(&hash_item, short_pub.get(), &sig_item,
+ SEC_OID_PKCS1_RSA_ENCRYPTION, SEC_OID_SHA512,
+ nullptr);
+diff -up ./gtests/pk11_gtest/pk11_signature_test.cc.oldsoft ./gtests/pk11_gtest/pk11_signature_test.cc
+--- ./gtests/pk11_gtest/pk11_signature_test.cc.oldsoft 2021-05-28 09:50:43.000000000 +0000
++++ ./gtests/pk11_gtest/pk11_signature_test.cc 2021-06-11 19:06:57.781552995 +0000
+@@ -4,6 +4,7 @@
+
+ #include
+ #include "nss.h"
++#include "prenv.h"
+ #include "pk11pub.h"
+ #include "sechash.h"
+ #include "prerror.h"
+@@ -77,6 +78,25 @@ bool Pk11SignatureTest::SignData(ScopedS
+ EXPECT_LT(0, (int)sigLen);
+ sig->Allocate(static_cast(sigLen));
+
++ char *env=PR_GetEnvSecure("NSS_OLD_SOFTOKEN");
++ if (env != NULL) {
++ std::cerr << "Skipping combo mechanism 0x" << std::hex << combo_
++ << ", no token support.\n";
++ DataBuffer hash;
++ if (!ComputeHash(data, &hash)) {
++ ADD_FAILURE() << "Failed to compute hash";
++ return false;
++ }
++ if (!SignHashedData(privKey, hash, sig)) {
++
ADD_FAILURE() << "Failed to sign hashed data";
++ return false;
++ }
++
++ return true;
++ } else {
++ std::cerr << "PR_GetEnvSecure(\"NSS_OLD_SOFTOKEN\") return null!!!\n";
++ }
++
+ // test the hash and verify interface */
+ PK11Context* context = PK11_CreateContextByPrivKey(
+ combo_, CKA_SIGN, privKey.get(), parameters());
+@@ -160,6 +180,17 @@ void Pk11SignatureTest::Verify(const Pkc
+ EXPECT_EQ(rv, valid ? SECSuccess : SECFailure);
+ }
+
++ /* old softokens don't understand all the new combo mechanism. */
++ /* skip it */
++ char *env=PR_GetEnvSecure("NSS_OLD_SOFTOKEN");
++ if (env != NULL) {
++ std::cerr << "Skipping combo mechanism 0x" << std::hex << combo_
++ << ", no token support.\n";
++ return;
++ } else {
++ std::cerr << "PR_GetEnvSecure(\"NSS_OLD_SOFTOKEN\") return null!!!\n";
++ }
++
+ // test the hash and verify interface */
+ PK11Context* context = PK11_CreateContextByPubKey(
+ combo_, CKA_VERIFY, pubKey.get(), parameters(), NULL);
diff --git a/nss-3.66-no-small-primes.patch b/nss-3.66-no-small-primes.patch
new file mode 100644
index 0000000000000000000000000000000000000000..31be31643421c4b1641225a80ca5270d6e47a9de
--- /dev/null
+++ b/nss-3.66-no-small-primes.patch
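Review bot: In the rsa_unittest.cc hunk the `NSS_OLD_SOFTOKEN` branch prints "Skipping RSA blapi DecryptBlockTestErrors ..." but never leaves the test, so the padding checks it claims to skip still run against the old token; every other skip block in this patch ends with `return;`, and this one needs the same line after `<< std::endl;`. Both pk11_signature_test.cc hunks add an `else` that prints `PR_GetEnvSecure("NSS_OLD_SOFTOKEN") return null!!!` on every normal run, which reads as leftover debugging and should be removed, since it spams stderr for each SignData/Verify call whenever the variable is unset. In pk11_ike_unittest.cc the skip is evaluated after `PK11_Derive` has already executed, so the old token still performs the derive the test is bailing out of; moving the check above the `PK11_Derive` call would make the skip actually skip. `mech_to_size` is a non-static free function in `namespace nss_test`; `static` (or an anonymous namespace) would keep it from becoming an external symbol in the test binary.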
@@ -0,0 +1,86 @@
+diff -up ./gtests/softoken_gtest/softoken_dh_vectors.h.orig ./gtests/softoken_gtest/softoken_dh_vectors.h
+--- ./gtests/softoken_gtest/softoken_dh_vectors.h.orig 2021-06-02 16:57:50.557008790 -0700
++++ ./gtests/softoken_gtest/softoken_dh_vectors.h 2021-06-02 16:59:52.781735096 -0700
+@@ -2872,7 +2872,7 @@ static const DhTestVector DH_TEST_VECTOR
+ {siBuffer, (unsigned char *)g2, sizeof(g2)},
+ {siBuffer, NULL, 0},
+ {siBuffer, NULL, 0},
+- IKE_APPROVED,
++ SAFE_PRIME,
+ CLASS_1536},
+ {"IKE 2048",
+ {siBuffer, (unsigned char *)prime_ike_2048, sizeof(prime_ike_2048)},
+@@ -2952,7 +2952,7 @@ static const DhTestVector DH_TEST_VECTOR
+ {siBuffer, (unsigned char *)sub2_prime_ike_1536,
+ sizeof(sub2_prime_ike_1536)},
+ {siBuffer, NULL, 0},
+- IKE_APPROVED,
++ SAFE_PRIME,
+ CLASS_1536},
+ {"IKE 2048 with subprime",
+ {siBuffer, (unsigned char *)prime_ike_2048, sizeof(prime_ike_2048)},
+diff -up ./lib/softoken/pkcs11c.c.orig ./lib/softoken/pkcs11c.c
+--- ./lib/softoken/pkcs11c.c.orig 2021-05-28 02:50:43.000000000 -0700
++++ ./lib/softoken/pkcs11c.c 2021-06-02 16:52:01.196932757 -0700
+@@ -5193,7 +5193,7 @@ sftk_PairwiseConsistencyCheck(CK_SESSION
+ /* subprime not supplied, In this case look it up.
+ * This only works with approved primes, but in FIPS mode
+ * that's the only kine of prime that will get here */
+- subPrimePtr = sftk_VerifyDH_Prime(&prime);
++ subPrimePtr = sftk_VerifyDH_Prime(&prime,isFIPS);
+ if (subPrimePtr == NULL) {
+ crv = CKR_GENERAL_ERROR;
+ goto done;
+@@ -8351,7 +8351,7 @@ NSC_DeriveKey(CK_SESSION_HANDLE hSession
+
+ /* if the prime is an approved prime, we can skip all the other
+ * checks.
*/
+- subPrime = sftk_VerifyDH_Prime(&dhPrime);
++ subPrime = sftk_VerifyDH_Prime(&dhPrime,isFIPS);
+ if (subPrime == NULL) {
+ SECItem dhSubPrime;
+ /* If the caller set the subprime value, it means that
+diff -up ./lib/softoken/pkcs11i.h.orig ./lib/softoken/pkcs11i.h
+--- ./lib/softoken/pkcs11i.h.orig 2021-06-02 16:52:01.196932757 -0700
++++ ./lib/softoken/pkcs11i.h 2021-06-02 16:52:54.281248207 -0700
+@@ -946,7 +946,7 @@ char **NSC_ModuleDBFunc(unsigned long fu
+ /* dh verify functions */
+ /* verify that dhPrime matches one of our known primes, and if so return
+ * it's subprime value */
+-const SECItem *sftk_VerifyDH_Prime(SECItem *dhPrime);
++const SECItem *sftk_VerifyDH_Prime(SECItem *dhPrime, PRBool isFIPS);
+ /* check if dhSubPrime claims dhPrime is a safe prime. */
+ SECStatus sftk_IsSafePrime(SECItem *dhPrime, SECItem *dhSubPrime, PRBool *isSafe);
+ /* map an operation Attribute to a Mechanism flag */
+diff -up ./lib/softoken/pkcs11u.c.orig ./lib/softoken/pkcs11u.c
+--- ./lib/softoken/pkcs11u.c.orig 2021-06-02 16:54:23.387777705 -0700
++++ ./lib/softoken/pkcs11u.c 2021-06-02 16:54:51.012941866 -0700
+@@ -2312,7 +2312,7 @@ sftk_handleSpecial(SFTKSlot *slot, CK_ME
+ if (crv != CKR_OK) {
+ return PR_FALSE;
+ }
+- dhSubPrime = sftk_VerifyDH_Prime(&dhPrime);
++ dhSubPrime = sftk_VerifyDH_Prime(&dhPrime, PR_TRUE);
+ SECITEM_ZfreeItem(&dhPrime, PR_FALSE);
+ return (dhSubPrime) ?
PR_TRUE : PR_FALSE;
+ }
+diff -up ./lib/softoken/sftkdhverify.c.orig ./lib/softoken/sftkdhverify.c
+--- ./lib/softoken/sftkdhverify.c.orig 2021-05-28 02:50:43.000000000 -0700
++++ ./lib/softoken/sftkdhverify.c 2021-06-02 16:52:01.196932757 -0700
+@@ -1171,11 +1171,15 @@ static const SECItem subprime_tls_8192 =
+ * verify that dhPrime matches one of our known primes
+ */
+ const SECItem *
+-sftk_VerifyDH_Prime(SECItem *dhPrime)
++sftk_VerifyDH_Prime(SECItem *dhPrime, PRBool isFIPS)
+ {
+ /* use the length to decide which primes to check */
+ switch (dhPrime->len) {
+ case 1536 / PR_BITS_PER_BYTE:
++ /* don't accept 1536 bit primes in FIPS mode */
++ if (isFIPS) {
++ break;
++ }
+ if (PORT_Memcmp(dhPrime->data, prime_ike_1536,
+ sizeof(prime_ike_1536)) == 0) {
+ return &subprime_ike_1536;
diff --git a/nss-3.66-restore-old-pkcs12-default.patch b/nss-3.66-restore-old-pkcs12-default.patch
new file mode 100644
index 0000000000000000000000000000000000000000..54f020cdea42914f66b1b87da3953c0790393be0
--- /dev/null
+++ b/nss-3.66-restore-old-pkcs12-default.patch
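Review bot: `sftk_handleSpecial` in pkcs11u.c passes a hard-coded `PR_TRUE` for the new `isFIPS` parameter while both pkcs11c.c call sites pass the local `isFIPS`, and nothing in the hunk records why that one caller always applies the FIPS rule; a comment at the call such as `/* always apply the FIPS rule here: 1536-bit IKE primes are never treated as approved */` (presumably this is the FIPS-indicator path — confirm) would keep a later reader from "normalising" it to the local flag. The declaration comment in pkcs11i.h was not updated for the new parameter; suggest appending `* isFIPS: when PR_TRUE the 1536-bit group is not accepted` to the comment above `sftk_VerifyDH_Prime`. In sftkdhverify.c the FIPS `break` skips the 1536-bit comparison; the rest of the switch and the function's return are outside the hunk, so I am assuming control reaches the existing NULL return, which the callers shown already handle as "unknown prime".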
@@ -0,0 +1,44 @@
+diff -up ./cmd/pk12util/pk12util.c.orig ./cmd/pk12util/pk12util.c
+--- ./cmd/pk12util/pk12util.c.orig 2021-05-28 02:50:43.000000000 -0700
++++ ./cmd/pk12util/pk12util.c 2021-06-15 17:05:37.200262345 -0700
+@@ -1031,9 +1031,11 @@ main(int argc, char **argv)
+ char *export_file = NULL;
+ char *dbprefix = "";
+ SECStatus rv;
+- SECOidTag cipher = SEC_OID_AES_256_CBC;
+- SECOidTag hash = SEC_OID_SHA256;
+- SECOidTag certCipher = SEC_OID_AES_128_CBC;
++ SECOidTag cipher =
++ SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_3KEY_TRIPLE_DES_CBC;
++ SECOidTag hash = SEC_OID_SHA1;
++ SECOidTag certCipher =
++ SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_40_BIT_RC2_CBC;
+ int keyLen = 0;
+ int certKeyLen = 0;
+ secuCommand pk12util;
+@@ -1147,6 +1149,9 @@ main(int argc, char **argv)
+ }
+ }
+
++ if (PK11_IsFIPS()) {
++ certCipher = SEC_OID_UNKNOWN;
++ }
+ if (pk12util.options[opt_CertCipher].activated) {
+ char *cipherString = pk12util.options[opt_CertCipher].arg;
+
+diff -up ./tests/tools/tools.sh.orig ./tests/tools/tools.sh
+--- ./tests/tools/tools.sh.orig 2021-06-15 17:06:27.650564449 -0700
++++ ./tests/tools/tools.sh 2021-06-15 17:07:59.934117192 -0700
+@@ -47,9 +47,9 @@
+ "PKCS #5 Password Based Encryption with SHA-1 and DES-CBC"
+
+ # if we change the defaults in pk12util, update these variables
+- export CERT_ENCRYPTION_DEFAULT="AES-128-CBC"
+- export KEY_ENCRYPTION_DEFAULT="AES-256-CBC"
+- export HASH_DEFAULT="SHA-256"
++ export CERT_ENCRYPTION_DEFAULT=${pkcs12v2pbeWithSha1And40BitRc2Cbc}
++ export KEY_ENCRYPTION_DEFAULT=${pkcs12v2pbeWithSha1AndTripleDESCBC}
++ export HASH_DEFAULT="SHA-1"
+
+ export PKCS5v1_PBE_CIPHERS="${pkcs5pbeWithMD2AndDEScbc},\
+ ${pkcs5pbeWithMD5AndDEScbc},\
diff --git a/nss-3.67-cve-2021-43527-test.patch b/nss-3.67-cve-2021-43527-test.patch
new file mode 100644
index 0000000000000000000000000000000000000000..51cb8e0af918709bf70f63a9fb27296f668c41cb
--- /dev/null
+++ b/nss-3.67-cve-2021-43527-test.patch
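Review bot: The restored defaults (`SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_40_BIT_RC2_CBC` for the certificate bag, SHA-1/3DES for the key bag) are evidently an interoperability choice, but nothing at the declarations says so, and 40-bit RC2 provides no meaningful confidentiality for the certificates; a comment beside the initialisers, `/* legacy defaults kept for interoperability with older PKCS#12 consumers; 40-bit RC2 is not a real protection, override with the cert/key cipher options for anything sensitive */`, would record the trade-off where the next person will look for it. The FIPS branch only resets `certCipher`; if FIPS mode should also avoid the SHA-1/3DES key PBE, `cipher` needs the same treatment, and if 3DES is intentionally left in place a one-line comment saying so would stop that question from being re-asked. The tools.sh hunk keeps the `# if we change the defaults in pk12util, update these variables` reminder, which is good, since the two files now have to move together. `main` continues outside the hunk.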
@@ -0,0 +1,325 @@ +diff --git a/tests/cert/Leaf-bogus-dsa.crt b/tests/cert/Leaf-bogus-dsa.crt +new file mode 100644 +--- /dev/null ++++ b/tests/cert/Leaf-bogus-dsa.crt +@@ -0,0 +1,143 @@ ++-----BEGIN CERTIFICATE----- ++MIIaZzCCCkWgAwIBAgIBATALBgcqhkjOOAQDBQAwMTEvMC0GA1UEAxMmZGVjb2Rl ++RUNvckRTQVNpZ25hdHVyZS10ZXN0Q2FzZS90YXZpc28wHhcNMjEwMTAxMDAwMDAw ++WhcNNDEwMTAxMDAwMDAwWjAxMS8wLQYDVQQDEyZkZWNvZGVFQ29yRFNBU2lnbmF0 ++dXJlLXRlc3RDYXNlL3RhdmlzbzCCCaYwggkaBgcqhkjOOAQBMIIJDQKBgQCqqqqq ++qqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqq ++qqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqq ++qqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqgKCCAEAu7u7u7u7u7u7u7u7u7u7 ++u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7 ++u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7 ++u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7 ++u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7 ++u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7 ++u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7 ++u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7 ++u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7 ++u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7 ++u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7 ++u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7 ++u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7 ++u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7 ++u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7 ++u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7 ++u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7 ++u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7 ++u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7 ++u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7 
++u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7 ++u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7 ++u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7 ++u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7 ++u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7 ++u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7 ++u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7 ++u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7 ++u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7 ++u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7 ++u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7 ++u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7 ++u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7 ++u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7 ++u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7 ++u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7 ++u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7 ++u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7 ++u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7 ++u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7 ++u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7 ++u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7 ++u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7 ++u7u7u7u7u7u7u7u7u7u7u7sCgYEAzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzM ++zMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzM ++zMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzM ++zMzMzMwDgYUAAoGB3d3d3d3d3d3d3d3d3d3d3d3d3d3d3d3d3d3d3d3d3d3d3d3d ++3d3d3d3d3d3d3d3d3d3d3d3d3d3d3d3d3d3d3d3d3d3d3d3d3d3d3d3d3d3d3d3d ++3d3d3d3d3d3d3d3d3d3d3d3d3d3d3d3d3d3d3d3d3d3d3d3d3d3d3d3d3d3dMAkG 
++ByqGSM44BAMDghAPADCCEAoCgggBAO7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u ++7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u ++7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u ++7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u ++7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u ++7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u ++7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u ++7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u ++7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u ++7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u ++7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u ++7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u ++7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u ++7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u ++7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u ++7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u ++7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u ++7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u ++7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u ++7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u ++7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u ++7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u ++7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u ++7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u ++7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u ++7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u ++7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u ++7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u ++7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u 
++7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u ++7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u ++7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u ++7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u ++7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u ++7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u ++7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u ++7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u ++7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u ++7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u ++7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u ++7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u ++7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u ++7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u ++7u7u7u7uAoIIAQD///////////////////////////////////////////////// ++//////////////////////////////////////////////////////////////// ++//////////////////////////////////////////////////////////////// ++//////////////////////////////////////////////////////////////// ++//////////////////////////////////////////////////////////////// ++//////////////////////////////////////////////////////////////// ++//////////////////////////////////////////////////////////////// ++//////////////////////////////////////////////////////////////// ++//////////////////////////////////////////////////////////////// ++//////////////////////////////////////////////////////////////// ++//////////////////////////////////////////////////////////////// ++//////////////////////////////////////////////////////////////// ++//////////////////////////////////////////////////////////////// ++//////////////////////////////////////////////////////////////// ++//////////////////////////////////////////////////////////////// 
++//////////////////////////////////////////////////////////////// ++//////////////////////////////////////////////////////////////// ++//////////////////////////////////////////////////////////////// ++//////////////////////////////////////////////////////////////// ++//////////////////////////////////////////////////////////////// ++//////////////////////////////////////////////////////////////// ++//////////////////////////////////////////////////////////////// ++//////////////////////////////////////////////////////////////// ++//////////////////////////////////////////////////////////////// ++//////////////////////////////////////////////////////////////// ++//////////////////////////////////////////////////////////////// ++//////////////////////////////////////////////////////////////// ++//////////////////////////////////////////////////////////////// ++//////////////////////////////////////////////////////////////// ++//////////////////////////////////////////////////////////////// ++//////////////////////////////////////////////////////////////// ++//////////////////////////////////////////////////////////////// ++//////////////////////////////////////////////////////////////// ++//////////////////////////////////////////////////////////////// ++//////////////////////////////////////////////////////////////// ++//////////////////////////////////////////////////////////////// ++//////////////////////////////////////////////////////////////// ++//////////////////////////////////////////////////////////////// ++//////////////////////////////////////////////////////////////// ++//////////////////////////////////////////////////////////////// ++//////////////////////////////////////////////////////////////// ++//////////////////////////////////////////////////////////////// ++/////////////////////////////////////////////////////////w== ++-----END CERTIFICATE----- +diff --git a/tests/cert/Leaf-bogus-rsa-pss.crt b/tests/cert/Leaf-bogus-rsa-pss.crt +new file mode 
100644 +--- /dev/null ++++ b/tests/cert/Leaf-bogus-rsa-pss.crt +@@ -0,0 +1,126 @@ ++-----BEGIN CERTIFICATE----- ++MIIXODCCC/WgAwIBAgIBAjApBgkqhkiG9w0BAQowHKACMAChETAPBQAwCwYJYIZI ++AWUDBAIBogMCASAwNzEgMB4GCSqGSIb3DQEJARYRdGF2aXNvQGdvb2dsZS5jb20x ++EzARBgNVBAMTCmJ1ZzE3Mzc0NzAwHhcNMjAwMTAxMDAwMDAwWhcNNDAwMTAxMDAw ++MDAwWjA3MSAwHgYJKoZIhvcNAQkBFhF0YXZpc29AZ29vZ2xlLmNvbTETMBEGA1UE ++AxMKYnVnMTczNzQ3MDCCCywwDQYJKoZIhvcNAQEBBQADggsZADCCCxQCggsLAMRE ++RERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERE ++RERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERE ++RERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERE ++RERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERE ++RERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERE ++RERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERE ++RERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERE ++RERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERE ++RERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERE ++RERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERE ++RERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERE ++RERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERE ++RERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERE ++RERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERE ++RERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERE ++RERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERE ++RERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERE ++RERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERE ++RERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERE ++RERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERE ++RERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERE ++RERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERE ++RERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERE 
++RERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERE ++RERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERE ++RERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERE ++RERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERE ++RERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERE ++RERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERE ++RERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERE ++RERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERE ++RERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERE ++RERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERE ++RERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERE ++RERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERE ++RERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERE ++RERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERE ++RERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERE ++RERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERE ++RERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERE ++RERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERE ++RERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERE ++RERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERE ++RERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERE ++RERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERE ++RERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERE ++RERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERE ++RERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERE ++RERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERE ++RERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERE ++RERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERE ++RERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERE 
++RERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERE ++RERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERE ++RERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERE ++RERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERE ++RERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERE ++RERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERE ++RERERERERERERERERERERERERERERERERERERERERERERERERERERQIDAQABMC4G ++CSqGSIb3DQEBCjAhoRowGAYJKoZIhvcNAQEIMAsGCSqGSIb3DQEBCqIDAgEgA4IL ++CwAAxVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV ++VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV ++VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV ++VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV ++VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV ++VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV ++VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV ++VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV ++VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV ++VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV ++VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV ++VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV ++VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV ++VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV ++VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV ++VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV ++VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV ++VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV ++VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV ++VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV ++VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV 
++VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV ++VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV ++VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV ++VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV ++VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV ++VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV ++VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV ++VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV ++VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV ++VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV ++VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV ++VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV ++VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV ++VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV ++VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV ++VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV ++VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV ++VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV ++VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV ++VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV ++VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV ++VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV ++VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV ++VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV ++VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV ++VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV ++VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV ++VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV ++VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV 
++VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV ++VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV ++VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV ++VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV ++VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV ++VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV ++VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV ++VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV ++VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVU= ++-----END CERTIFICATE----- +diff --git a/tests/cert/cert.sh b/tests/cert/cert.sh +--- a/tests/cert/cert.sh ++++ b/tests/cert/cert.sh +@@ -114,16 +114,28 @@ certu() + cert_log "ERROR: ${CU_ACTION} failed $RET" + else + html_passed "${CU_ACTION}" + fi + + return $RET + } + ++cert_test_vfy() ++{ ++ echo "$SCRIPTNAME: Verify large rsa pss signature --------------" ++ echo " vfychain -a Leaf-bogus-dsa.crt" ++ vfychain -a ${QADIR}/cert/Leaf-bogus-dsa.crt ++ html_msg $? 1 "Verify large dsa signature" ++ echo "$SCRIPTNAME: Verify large rsa pss signature --------------" ++ echo " vfychain -a Leaf-bogus-rsa-pss.crt" ++ vfychain -a ${QADIR}/cert/Leaf-bogus-rsa-pss.crt ++ html_msg $? 1 "Verify large rsa pss signature" ++} ++ + ################################ crlu ################################# + # local shell function to call crlutil, also: writes action and options to + # stdout, sets variable RET and writes results to the html file results + ######################################################################## + crlu() + { + echo "$SCRIPTNAME: ${CU_ACTION} --------------------------" + +@@ -2640,11 +2652,13 @@ if [ -z "$NSS_TEST_DISABLE_CRL" ] ; then + else + echo "$SCRIPTNAME: Skipping CRL Tests" + fi + + if [ -n "$DO_DIST_ST" -a "$DO_DIST_ST" = "TRUE" ] ; then + cert_stresscerts + fi + ++cert_test_vfy ++ + cert_iopr_setup + + cert_cleanup 
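Review bot: In `cert_test_vfy` the first banner says "Verify large rsa pss signature" before the DSA certificate is checked; that `echo` should read `echo "$SCRIPTNAME: Verify large dsa signature --------------"` so the log line matches the `html_msg` description on the next line. Both `vfychain` calls are checked with `html_msg $? 1`, i.e. the certificate is expected to be rejected, which is the right outcome for these oversized-signature inputs, but a bare non-zero exit cannot tell the intended rejection apart from `vfychain` failing for an unrelated reason (missing file in `${QADIR}/cert`, bad argument); capturing its output and checking for the signature/decoding error would make this CVE regression test harder to pass by accident. `cert_test_vfy` is invoked unconditionally at the end of cert.sh, unlike the CRL tests guarded by `NSS_TEST_DISABLE_CRL`, which seems appropriate for a regression test but is worth stating in the patch header.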
diff --git a/nss-3.67-cve-2021-43527.patch b/nss-3.67-cve-2021-43527.patch new file mode 100644 index 0000000000000000000000000000000000000000..8fc81d341c3353b8dc43be7e9aa7b0a8b9e888f9 --- /dev/null +++ b/nss-3.67-cve-2021-43527.patch 
@@ -0,0 +1,279 @@ +diff --git a/lib/cryptohi/secvfy.c b/lib/cryptohi/secvfy.c +--- a/lib/cryptohi/secvfy.c ++++ b/lib/cryptohi/secvfy.c +@@ -164,6 +164,37 @@ + PR_FALSE /*XXX: unsafeAllowMissingParameters*/); + } + ++static unsigned int ++checkedSignatureLen(const SECKEYPublicKey *pubk) ++{ ++ unsigned int sigLen = SECKEY_SignatureLen(pubk); ++ if (sigLen == 0) { ++ /* Error set by SECKEY_SignatureLen */ ++ return sigLen; ++ } ++ unsigned int maxSigLen; ++ switch (pubk->keyType) { ++ case rsaKey: ++ case rsaPssKey: ++ maxSigLen = (RSA_MAX_MODULUS_BITS + 7) / 8; ++ break; ++ case dsaKey: ++ maxSigLen = DSA_MAX_SIGNATURE_LEN; ++ break; ++ case ecKey: ++ maxSigLen = 2 * MAX_ECKEY_LEN; ++ break; ++ default: ++ PORT_SetError(SEC_ERROR_UNSUPPORTED_KEYALG); ++ return 0; ++ } ++ if (sigLen > maxSigLen) { ++ PORT_SetError(SEC_ERROR_INVALID_KEY); ++ return 0; ++ } ++ return sigLen; ++} ++ + /* + * decode the ECDSA or DSA signature from it's DER wrapping. + * The unwrapped/raw signature is placed in the buffer pointed +@@ -174,38 +205,38 @@ + unsigned int len) + { + SECItem *dsasig = NULL; /* also used for ECDSA */ +- SECStatus rv = SECSuccess; + +- if ((algid != SEC_OID_ANSIX9_DSA_SIGNATURE) && +- (algid != SEC_OID_ANSIX962_EC_PUBLIC_KEY)) { +- if (sig->len != len) { +- PORT_SetError(SEC_ERROR_BAD_DER); +- return SECFailure; ++ /* Safety: Ensure algId is as expected and that signature size is within maxmimums */ ++ if (algid == SEC_OID_ANSIX9_DSA_SIGNATURE) { ++ if (len > DSA_MAX_SIGNATURE_LEN) { ++ goto loser; + } +- +- PORT_Memcpy(dsig, sig->data, sig->len); +- return SECSuccess; ++ } else if (algid == SEC_OID_ANSIX962_EC_PUBLIC_KEY) { ++ if (len > MAX_ECKEY_LEN * 2) { ++ goto loser; ++ } ++ } else { ++ goto loser; + } + +- if (algid == SEC_OID_ANSIX962_EC_PUBLIC_KEY) { +- if (len > MAX_ECKEY_LEN * 2) { +- PORT_SetError(SEC_ERROR_BAD_DER); +- return SECFailure; +- } ++ /* Decode and pad to length */ ++ dsasig = DSAU_DecodeDerSigToLen((SECItem *)sig, len); ++ if (dsasig == 
NULL) { ++ goto loser; + } +- dsasig = DSAU_DecodeDerSigToLen((SECItem *)sig, len); +- +- if ((dsasig == NULL) || (dsasig->len != len)) { +- rv = SECFailure; +- } else { +- PORT_Memcpy(dsig, dsasig->data, dsasig->len); ++ if (dsasig->len != len) { ++ SECITEM_FreeItem(dsasig, PR_TRUE); ++ goto loser; + } + +- if (dsasig != NULL) +- SECITEM_FreeItem(dsasig, PR_TRUE); +- if (rv == SECFailure) +- PORT_SetError(SEC_ERROR_BAD_DER); +- return rv; ++ PORT_Memcpy(dsig, dsasig->data, len); ++ SECITEM_FreeItem(dsasig, PR_TRUE); ++ ++ return SECSuccess; ++ ++loser: ++ PORT_SetError(SEC_ERROR_BAD_DER); ++ return SECFailure; + } + + const SEC_ASN1Template hashParameterTemplate[] = +@@ -281,7 +312,7 @@ + sec_DecodeSigAlg(const SECKEYPublicKey *key, SECOidTag sigAlg, + const SECItem *param, SECOidTag *encalgp, SECOidTag *hashalg) + { +- int len; ++ unsigned int len; + PLArenaPool *arena; + SECStatus rv; + SECItem oid; +@@ -466,48 +497,52 @@ + cx->pkcs1RSADigestInfo = NULL; + rv = SECSuccess; + if (sig) { +- switch (type) { +- case rsaKey: +- rv = recoverPKCS1DigestInfo(hashAlg, &cx->hashAlg, +- &cx->pkcs1RSADigestInfo, +- &cx->pkcs1RSADigestInfoLen, +- cx->key, +- sig, wincx); +- break; +- case rsaPssKey: +- sigLen = SECKEY_SignatureLen(key); +- if (sigLen == 0) { +- /* error set by SECKEY_SignatureLen */ +- rv = SECFailure; ++ rv = SECFailure; ++ if (type == rsaKey) { ++ rv = recoverPKCS1DigestInfo(hashAlg, &cx->hashAlg, ++ &cx->pkcs1RSADigestInfo, ++ &cx->pkcs1RSADigestInfoLen, ++ cx->key, ++ sig, wincx); ++ } else { ++ sigLen = checkedSignatureLen(key); ++ /* Check signature length is within limits */ ++ if (sigLen == 0) { ++ /* error set by checkedSignatureLen */ ++ rv = SECFailure; ++ goto loser; ++ } ++ if (sigLen > sizeof(cx->u)) { ++ PORT_SetError(SEC_ERROR_BAD_SIGNATURE); ++ rv = SECFailure; ++ goto loser; ++ } ++ switch (type) { ++ case rsaPssKey: ++ if (sig->len != sigLen) { ++ PORT_SetError(SEC_ERROR_BAD_SIGNATURE); ++ rv = SECFailure; ++ goto loser; ++ } ++ 
PORT_Memcpy(cx->u.buffer, sig->data, sigLen); ++ rv = SECSuccess; + break; +- } +- if (sig->len != sigLen) { +- PORT_SetError(SEC_ERROR_BAD_SIGNATURE); ++ case ecKey: ++ case dsaKey: ++ /* decodeECorDSASignature will check sigLen == sig->len after padding */ ++ rv = decodeECorDSASignature(encAlg, sig, cx->u.buffer, sigLen); ++ break; ++ default: ++ /* Unreachable */ + rv = SECFailure; +- break; +- } +- PORT_Memcpy(cx->u.buffer, sig->data, sigLen); +- break; +- case dsaKey: +- case ecKey: +- sigLen = SECKEY_SignatureLen(key); +- if (sigLen == 0) { +- /* error set by SECKEY_SignatureLen */ +- rv = SECFailure; +- break; +- } +- rv = decodeECorDSASignature(encAlg, sig, cx->u.buffer, sigLen); +- break; +- default: +- rv = SECFailure; +- PORT_SetError(SEC_ERROR_UNSUPPORTED_KEYALG); +- break; ++ goto loser; ++ } ++ } ++ if (rv != SECSuccess) { ++ goto loser; + } + } + +- if (rv) +- goto loser; +- + /* check hash alg again, RSA may have changed it.*/ + if (HASH_GetHashTypeByOidTag(cx->hashAlg) == HASH_AlgNULL) { + /* error set by HASH_GetHashTypeByOidTag */ +@@ -650,11 +685,16 @@ + switch (cx->key->keyType) { + case ecKey: + case dsaKey: +- dsasig.data = cx->u.buffer; +- dsasig.len = SECKEY_SignatureLen(cx->key); ++ dsasig.len = checkedSignatureLen(cx->key); + if (dsasig.len == 0) { + return SECFailure; + } ++ if (dsasig.len > sizeof(cx->u)) { ++ PORT_SetError(SEC_ERROR_BAD_SIGNATURE); ++ return SECFailure; ++ } ++ dsasig.data = cx->u.buffer; ++ + if (sig) { + rv = decodeECorDSASignature(cx->encAlg, sig, dsasig.data, + dsasig.len); +@@ -686,8 +726,13 @@ + } + + rsasig.data = cx->u.buffer; +- rsasig.len = SECKEY_SignatureLen(cx->key); ++ rsasig.len = checkedSignatureLen(cx->key); + if (rsasig.len == 0) { ++ /* Error set by checkedSignatureLen */ ++ return SECFailure; ++ } ++ if (rsasig.len > sizeof(cx->u)) { ++ PORT_SetError(SEC_ERROR_BAD_SIGNATURE); + return SECFailure; + } + if (sig) { +@@ -749,7 +794,6 @@ + SECStatus rv; + VFYContext *cx; + SECItem dsasig; /* also used 
for ECDSA */ +- + rv = SECFailure; + + cx = vfy_CreateContext(key, sig, encAlg, hashAlg, NULL, wincx); +@@ -757,19 +801,25 @@ + switch (key->keyType) { + case rsaKey: + rv = verifyPKCS1DigestInfo(cx, digest); ++ /* Error (if any) set by verifyPKCS1DigestInfo */ + break; +- case dsaKey: + case ecKey: ++ case dsaKey: + dsasig.data = cx->u.buffer; +- dsasig.len = SECKEY_SignatureLen(cx->key); ++ dsasig.len = checkedSignatureLen(cx->key); + if (dsasig.len == 0) { ++ /* Error set by checkedSignatureLen */ ++ rv = SECFailure; + break; + } +- if (PK11_Verify(cx->key, &dsasig, (SECItem *)digest, cx->wincx) != +- SECSuccess) { ++ if (dsasig.len > sizeof(cx->u)) { + PORT_SetError(SEC_ERROR_BAD_SIGNATURE); +- } else { +- rv = SECSuccess; ++ rv = SECFailure; ++ break; ++ } ++ rv = PK11_Verify(cx->key, &dsasig, (SECItem *)digest, cx->wincx); ++ if (rv != SECSuccess) { ++ PORT_SetError(SEC_ERROR_BAD_SIGNATURE); + } + break; + default: + diff --git a/nss-3.67-fix-pkcs12-policy.patch b/nss-3.67-fix-pkcs12-policy.patch new file mode 100644 index 0000000000000000000000000000000000000000..26912a531a79a48b51237386e1ca71b6e0eb844b --- /dev/null +++ b/nss-3.67-fix-pkcs12-policy.patch 
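Review bot: `checkedSignatureLen` is introduced in secvfy.c without a header comment stating its contract, although every later hunk now routes its buffer sizing through it; suggest `/* Return SECKEY_SignatureLen(pubk), or 0 with an NSS error set when the key type is unsupported or the length exceeds the per-algorithm maximum. Callers must still bound the result against their own buffer (sizeof(cx->u)). */` above the definition. The `sigLen > sizeof(cx->u)` guard is repeated at each of the three call sites rather than once; folding it into the helper would need `cx`, so for a backport the repetition is acceptable, but a comment at the first site saying the helper only enforces the algorithm maximum would prevent the two from drifting. Unlike nss-3.67-revert-sql-manage-change.patch, this file carries no changeset header (bug number, node id) naming the upstream fix for CVE-2021-43527 it was taken from, which is what a later reviewer needs to diff the backport against upstream. The functions containing the later hunks begin and end outside the lines shown.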
@@ -0,0 +1,22 @@
+diff -up ./lib/pkcs12/p12plcy.c.policy_enable_fix ./lib/pkcs12/p12plcy.c
+--- ./lib/pkcs12/p12plcy.c.policy_enable_fix 2021-09-21 15:58:46.013861285 -0700
++++ ./lib/pkcs12/p12plcy.c 2021-09-21 15:59:06.440987853 -0700
+@@ -85,17 +85,12 @@ SECStatus
+ SEC_PKCS12EnableCipher(long which, int on)
+ {
+ int i;
+- SECStatus rv;
+ PRUint32 set = on ? NSS_USE_ALG_IN_PKCS12 : 0;
+ PRUint32 clear = on ? 0 : NSS_USE_ALG_IN_PKCS12;
+ 
+ for (i = 0; pkcs12SuiteMaps[i].suite != 0L; i++) {
+ if (pkcs12SuiteMaps[i].suite == (unsigned long)which) {
+- rv = NSS_SetAlgorithmPolicy(pkcs12SuiteMaps[i].algTag, set, clear);
+- /* could fail if the policy has been locked */
+- if (rv != SECSuccess) {
+- return rv;
+- }
++ return NSS_SetAlgorithmPolicy(pkcs12SuiteMaps[i].algTag, set, clear);
+ }
+ }
+ PORT_SetError(SEC_ERROR_INVALID_ALGORITHM);
diff --git a/nss-3.67-fix-sdb-timeout.patch b/nss-3.67-fix-sdb-timeout.patch
new file mode 100644
index 0000000000000000000000000000000000000000..120cb5b83b0e0526cffb0bf30c87f202131444c3
--- /dev/null
+++ b/nss-3.67-fix-sdb-timeout.patch
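Review bot: The comment `/* could fail if the policy has been locked */` is removed together with `rv`, so the new `return NSS_SetAlgorithmPolicy(...)` line no longer says why its status is propagated unchanged; keep it, e.g. `/* may fail if the policy has been locked; propagate */` directly above the return. Returning on the first matching suite changes the loop from "set and keep scanning" to "set and stop", which presumably is the actual fix (the old code fell through to `SEC_ERROR_INVALID_ALGORITHM` even after a successful set); that intent is not recorded anywhere in the file, and a one-line patch header would do it. `SEC_PKCS12EnableCipher` ends outside the hunk.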
@@ -0,0 +1,63 @@
+diff --git a/lib/softoken/sdb.c b/lib/softoken/sdb.c
+--- a/lib/softoken/sdb.c
++++ b/lib/softoken/sdb.c
+@@ -1519,16 +1519,18 @@ sdb_Begin(SDB *sdb)
+ 
+ sqlerr = sqlite3_prepare_v2(sqlDB, BEGIN_CMD, -1, &stmt, NULL);
+ 
+ do {
+ sqlerr = sqlite3_step(stmt);
+ if (sqlerr == SQLITE_BUSY) {
+ PR_Sleep(SDB_BUSY_RETRY_TIME);
+ }
++ /* don't retry BEGIN transaction*/
++ retry = 0;
+ } while (!sdb_done(sqlerr, &retry));
+ 
+ if (stmt) {
+ sqlite3_reset(stmt);
+ sqlite3_finalize(stmt);
+ }
+ 
+ loser:
+diff --git a/lib/softoken/sftkdb.c b/lib/softoken/sftkdb.c
+--- a/lib/softoken/sftkdb.c
++++ b/lib/softoken/sftkdb.c
+@@ -1521,17 +1521,17 @@ sftkdb_DestroyObject(SFTKDBHandle *handl
+ if (handle == NULL) {
+ return CKR_TOKEN_WRITE_PROTECTED;
+ }
+ db = SFTK_GET_SDB(handle);
+ objectID &= SFTK_OBJ_ID_MASK;
+ 
+ crv = (*db->sdb_Begin)(db);
+ if (crv != CKR_OK) {
+- goto loser;
++ return crv;
+ }
+ crv = (*db->sdb_DestroyObject)(db, objectID);
+ if (crv != CKR_OK) {
+ goto loser;
+ }
+ /* if the database supports meta data, delete any old signatures
+ * that we may have added */
+ if ((db->sdb_flags & SDB_HAS_META) == SDB_HAS_META) {
+@@ -2456,17 +2456,17 @@ sftkdb_Update(SFTKDBHandle *handle, SECI
+ return CKR_OK;
+ }
+ /*
+ * put the whole update under a transaction. This allows us to handle
+ * any possible race conditions between with the updateID check.
+ */
+ crv = (*handle->db->sdb_Begin)(handle->db);
+ if (crv != CKR_OK) {
+- goto loser;
++ return crv;
+ }
+ inTransaction = PR_TRUE;
+ 
+ /* some one else has already updated this db */
+ if (sftkdb_hasUpdate(sftkdb_TypeString(handle),
+ handle->db, handle->updateID)) {
+ crv = CKR_OK;
+ goto done;
diff --git a/nss-3.67-fix-ssl-alerts.patch b/nss-3.67-fix-ssl-alerts.patch
new file mode 100644
index 0000000000000000000000000000000000000000..10cdaf5b8df47732b67752d04a151c4ae323818c
--- /dev/null
+++ b/nss-3.67-fix-ssl-alerts.patch
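Review bot: `retry = 0;` in `sdb_Begin` is assigned on every pass of the `do` loop, after the `PR_Sleep` taken on `SQLITE_BUSY`, while its comment says BEGIN is not retried; whether that holds depends on how `sdb_done` uses `retry`, which is not visible here — if it counts attempts, resetting it each pass removes the bound rather than the retry. The comment should state the contract relied on, e.g. `/* sdb_done() treats retry == 0 as "do not retry"; a busy BEGIN returns so the caller can back off */`. In `sftkdb_DestroyObject` and `sftkdb_Update` the `goto loser` → `return crv` change presumably avoids aborting a transaction that never began; `/* nothing to roll back: sdb_Begin failed */` on each new return line would record that. All three functions extend beyond the hunks shown.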
@@ -0,0 +1,122 @@ +diff -up ./lib/ssl/ssl3con.c.alert-fix ./lib/ssl/ssl3con.c +--- ./lib/ssl/ssl3con.c.alert-fix 2021-06-10 05:33:12.000000000 -0700 ++++ ./lib/ssl/ssl3con.c 2021-07-06 17:08:25.894018521 -0700 +@@ -4319,7 +4319,11 @@ ssl_SignatureSchemeValid(SSLSignatureSch + if (!ssl_IsSupportedSignatureScheme(scheme)) { + return PR_FALSE; + } +- if (!ssl_SignatureSchemeMatchesSpkiOid(scheme, spkiOid)) { ++ /* if we are purposefully passed SEC_OID_UNKOWN, it means ++ * we not checking the scheme against a potential key, so skip ++ * the call */ ++ if ((spkiOid != SEC_OID_UNKNOWN) && ++ !ssl_SignatureSchemeMatchesSpkiOid(scheme, spkiOid)) { + return PR_FALSE; + } + if (isTls13) { +@@ -4517,7 +4521,8 @@ ssl_CheckSignatureSchemeConsistency(sslS + } + + /* Verify that the signature scheme matches the signing key. */ +- if (!ssl_SignatureSchemeValid(scheme, spkiOid, isTLS13)) { ++ if ((spkiOid == SEC_OID_UNKNOWN) || ++ !ssl_SignatureSchemeValid(scheme, spkiOid, isTLS13)) { + PORT_SetError(SSL_ERROR_INCORRECT_SIGNATURE_ALGORITHM); + return SECFailure; + } +@@ -4533,6 +4538,7 @@ ssl_CheckSignatureSchemeConsistency(sslS + PRBool + ssl_IsSupportedSignatureScheme(SSLSignatureScheme scheme) + { ++ PRBool isSupported = PR_FALSE; + switch (scheme) { + case ssl_sig_rsa_pkcs1_sha1: + case ssl_sig_rsa_pkcs1_sha256: +@@ -4552,7 +4558,8 @@ ssl_IsSupportedSignatureScheme(SSLSignat + case ssl_sig_dsa_sha384: + case ssl_sig_dsa_sha512: + case ssl_sig_ecdsa_sha1: +- return PR_TRUE; ++ isSupported = PR_TRUE; ++ break; + + case ssl_sig_rsa_pkcs1_sha1md5: + case ssl_sig_none: +@@ -4560,7 +4567,19 @@ ssl_IsSupportedSignatureScheme(SSLSignat + case ssl_sig_ed448: + return PR_FALSE; + } +- return PR_FALSE; ++ if (isSupported) { ++ SECOidTag hashOID = ssl3_HashTypeToOID(ssl_SignatureSchemeToHashType(scheme)); ++ PRUint32 policy; ++ const PRUint32 sigSchemePolicy= ++ NSS_USE_ALG_IN_SSL_KX|NSS_USE_ALG_IN_SIGNATURE; ++ /* check hash policy */ ++ if ((NSS_GetAlgorithmPolicy(hashOID, &policy) == 
SECSuccess) && ++ ((policy & sigSchemePolicy) != sigSchemePolicy)) { ++ return PR_FALSE; ++ } ++ /* check algorithm policy */ ++ } ++ return isSupported; + } + + PRBool +@@ -6533,6 +6552,9 @@ ssl_PickSignatureScheme(sslSocket *ss, + } + + spkiOid = SECOID_GetAlgorithmTag(&cert->subjectPublicKeyInfo.algorithm); ++ if (spkiOid == SEC_OID_UNKNOWN) { ++ goto loser; ++ } + + /* Now we have to search based on the key type. Go through our preferred + * schemes in order and find the first that can be used. */ +@@ -6547,6 +6569,7 @@ ssl_PickSignatureScheme(sslSocket *ss, + } + } + ++loser: + PORT_SetError(SSL_ERROR_UNSUPPORTED_SIGNATURE_ALGORITHM); + return SECFailure; + } +@@ -7700,7 +7723,8 @@ ssl_ParseSignatureSchemes(const sslSocke + PORT_SetError(SEC_ERROR_LIBRARY_FAILURE); + return SECFailure; + } +- if (ssl_IsSupportedSignatureScheme((SSLSignatureScheme)tmp)) { ++ if (ssl_SignatureSchemeValid((SSLSignatureScheme)tmp, SEC_OID_UNKNOWN, ++ (PRBool)ss->version >= SSL_LIBRARY_VERSION_TLS_1_3)) {; + schemes[numSupported++] = (SSLSignatureScheme)tmp; + } + } +@@ -10286,7 +10310,12 @@ ssl3_HandleCertificateVerify(sslSocket * + PORT_Assert(ss->ssl3.hs.hashType == handshake_hash_record); + rv = ssl_ConsumeSignatureScheme(ss, &b, &length, &sigScheme); + if (rv != SECSuccess) { +- goto loser; /* malformed or unsupported. */ ++ errCode = PORT_GetError(); ++ /* unsupported == illegal_parameter, others == handshake_failure. 
*/ ++ if (errCode == SSL_ERROR_UNSUPPORTED_SIGNATURE_ALGORITHM) { ++ desc = illegal_parameter; ++ } ++ goto alert_loser; + } + rv = ssl_CheckSignatureSchemeConsistency( + ss, sigScheme, &ss->sec.peerCert->subjectPublicKeyInfo); +diff -up ./gtests/ssl_gtest/ssl_extension_unittest.cc.alert-fix ./gtests/ssl_gtest/ssl_extension_unittest.cc +--- ./gtests/ssl_gtest/ssl_extension_unittest.cc.alert-fix 2021-07-07 11:32:11.634376932 -0700 ++++ ./gtests/ssl_gtest/ssl_extension_unittest.cc 2021-07-07 11:33:30.595841110 -0700 +@@ -428,7 +428,10 @@ TEST_P(TlsExtensionTest12Plus, Signature + } + + TEST_P(TlsExtensionTest12Plus, SignatureAlgorithmsTrailingData) { +- const uint8_t val[] = {0x00, 0x02, 0x04, 0x01, 0x00}; // sha-256, rsa ++ // make sure the test uses an algorithm that is legal for ++ // tls 1.3 (or tls 1.3 will through and illegalParameter ++ // instead of a decode error) ++ const uint8_t val[] = {0x00, 0x02, 0x08, 0x09, 0x00}; // sha-256, rsa-pss-pss + DataBuffer extension(val, sizeof(val)); + ClientHelloErrorTest(std::make_shared( + client_, ssl_signature_algorithms_xtn, extension)); diff --git a/nss-3.67-revert-sql-manage-change.patch b/nss-3.67-revert-sql-manage-change.patch new file mode 100644 index 0000000000000000000000000000000000000000..40abcc6c0ddf968aa65553878342dc3a9bcddeb8 --- /dev/null +++ b/nss-3.67-revert-sql-manage-change.patch 
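Review bot: The new condition in `ssl_ParseSignatureSchemes` ends in `{;` and casts before it compares, `(PRBool)ss->version >= SSL_LIBRARY_VERSION_TLS_1_3`, so the cast applies to the version rather than to the comparison result — harmless only because the cast does not change the value, but misleading; write it as `(PRBool)(ss->version >= SSL_LIBRARY_VERSION_TLS_1_3))) {`. In `ssl_IsSupportedSignatureScheme` the trailing `/* check algorithm policy */` comment has no code under it; either remove it or say where the signature algorithm's own policy is enforced, if it is. The comment above the `spkiOid != SEC_OID_UNKNOWN` guard in `ssl_SignatureSchemeValid` misspells `SEC_OID_UNKNOWN` and drops a word (`we are not checking`), and the gtest comment reads "through" for "throw". `ssl3_HandleCertificateVerify` continues outside the hunk.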
@@ -0,0 +1,2917 @@ +# HG changeset patch +# User Robert Relyea +# Date 1621548343 25200 +# Thu May 20 15:05:43 2021 -0700 +# Node ID da25615e92c86aa6bd376fd86bf110d15999eb3c +# Parent 2300e178c90fe6d3e170cf7d96556fce6d6b48e7 +Bug 1712184 NSS tools manpages need to be updated to reflect that sqlite is the default database. + +This patch does 2 things: + +1) update certutil.xml pk12util.xml modutil.xml and signver.xml to reflect the fact +the the sql database is default. Many of these also has examples of specifying +sql:dirname which is now the default. I did not replace them with dbm:dirname since +we don't want to encourage regressing back. The one exception is in the paragraph +explaining how to get to the old database format. + +2) I ran make in the diretory to update the .1 and .html files generated from the .xml +files. There are a number of old updates to the .xml files which haven't been picked +up in their corresponding html or man page files. This updates are included in this +patch. + +It is really only necessary to review the changes to the .xml files, the rest were +reviewed when their patches were applied. + +bob + +Differential Revision: https://phabricator.services.mozilla.com/D115658 + +diff --git a/doc/certutil.xml b/doc/certutil.xml +--- a/doc/certutil.xml ++++ b/doc/certutil.xml +@@ -203,17 +203,17 @@ If this option is not used, the validity + + Specify the database directory containing the certificate and key database files. + certutil supports two types of databases: the legacy security databases (cert8.db, key3.db, and secmod.db) and new SQLite databases (cert9.db, key4.db, and pkcs11.txt). + NSS recognizes the following prefixes: + + sql: requests the newer database + dbm: requests the legacy database + +- If no prefix is specified the default type is retrieved from NSS_DEFAULT_DB_TYPE. If NSS_DEFAULT_DB_TYPE is not set then dbm: is the default. ++ If no prefix is specified the default type is retrieved from NSS_DEFAULT_DB_TYPE. 
If NSS_DEFAULT_DB_TYPE is not set then sql: is the default. + + + + + --dump-ext-val OID + For single cert, print binary DER encoding of extension OID. + + +@@ -843,23 +843,23 @@ Comma separated list of one or more of t + + secmod.db or pkcs11.txt + + + + + These databases must be created before certificates or keys can be generated. + +-certutil -N -d [sql:]directory ++certutil -N -d directory + + Creating a Certificate Request + + A certificate request contains most or all of the information that is used to generate the final certificate. This request is submitted separately to a certificate authority and is then approved by some mechanism (automatically or by human review). Once the request is approved, then the certificate is generated. + +-$ certutil -R -k key-type-or-id [-q pqgfile|curve-name] -g key-size -s subject [-h tokenname] -d [sql:]directory [-p phone] [-o output-file] [-a] ++$ certutil -R -k key-type-or-id [-q pqgfile|curve-name] -g key-size -s subject [-h tokenname] -d directory [-p phone] [-o output-file] [-a] + + The command options requires four arguments: + + + + + to specify either the key type to generate or, when renewing a certificate, the existing key pair to use + +@@ -881,27 +881,27 @@ Comma separated list of one or more of t + + + + The new certificate request can be output in ASCII format () or can be written to a specified file (). + + + For example: + +-$ certutil -R -k rsa -g 1024 -s "CN=John Smith,O=Example Corp,L=Mountain View,ST=California,C=US" -d sql:$HOME/nssdb -p 650-555-0123 -a -o cert.cer ++$ certutil -R -k rsa -g 1024 -s "CN=John Smith,O=Example Corp,L=Mountain View,ST=California,C=US" -d $HOME/nssdb -p 650-555-0123 -a -o cert.cer + + Generating key. This may take a few moments... + + + + Creating a Certificate + + A valid certificate must be issued by a trusted CA. This can be done by specifying a CA certificate () that is stored in the certificate database. 
If a CA key pair is not available, you can create a self-signed certificate using the argument with the command option. + +-$ certutil -S -k rsa|dsa|ec -n certname -s subject [-c issuer |-x] -t trustargs -d [sql:]directory [-m serial-number] [-v valid-months] [-w offset-months] [-p phone] [-1] [-2] [-3] [-4] [-5 keyword] [-6 keyword] [-7 emailAddress] [-8 dns-names] [--extAIA] [--extSIA] [--extCP] [--extPM] [--extPC] [--extIA] [--extSKID] ++$ certutil -S -k rsa|dsa|ec -n certname -s subject [-c issuer |-x] -t trustargs -d directory [-m serial-number] [-v valid-months] [-w offset-months] [-p phone] [-1] [-2] [-3] [-4] [-5 keyword] [-6 keyword] [-7 emailAddress] [-8 dns-names] [--extAIA] [--extSIA] [--extCP] [--extPM] [--extPC] [--extIA] [--extSKID] + + The series of numbers and options set certificate extensions that can be added to the certificate when it is generated by the CA. Interactive prompts will result. + + + For example, this creates a self-signed certificate: + + $ certutil -S -s "CN=Example CA" -n my-ca-cert -x -t "C,C,C" -1 -2 -5 -m 3650 + +@@ -911,55 +911,55 @@ The interative prompts for key usage and + From there, new certificates can reference the self-signed certificate: + + $ certutil -S -s "CN=My Server Cert" -n my-server-cert -c "my-ca-cert" -t ",," -1 -5 -6 -8 -m 730 + + Generating a Certificate from a Certificate Request + + When a certificate request is created, a certificate can be generated by using the request and then referencing a certificate authority signing certificate (the issuer specified in the argument). The issuing certificate must be in the certificate database in the specified directory. 
+ +-certutil -C -c issuer -i cert-request-file -o output-file [-m serial-number] [-v valid-months] [-w offset-months] -d [sql:]directory [-1] [-2] [-3] [-4] [-5 keyword] [-6 keyword] [-7 emailAddress] [-8 dns-names] ++certutil -C -c issuer -i cert-request-file -o output-file [-m serial-number] [-v valid-months] [-w offset-months] -d directory [-1] [-2] [-3] [-4] [-5 keyword] [-6 keyword] [-7 emailAddress] [-8 dns-names] + + For example: + +-$ certutil -C -c "my-ca-cert" -i /home/certs/cert.req -o cert.cer -m 010 -v 12 -w 1 -d sql:$HOME/nssdb -1 nonRepudiation,dataEncipherment -5 sslClient -6 clientAuth -7 jsmith@example.com ++$ certutil -C -c "my-ca-cert" -i /home/certs/cert.req -o cert.cer -m 010 -v 12 -w 1 -d $HOME/nssdb -1 nonRepudiation,dataEncipherment -5 sslClient -6 clientAuth -7 jsmith@example.com + + Listing Certificates + + The command option lists all of the certificates listed in the certificate database. The path to the directory () is required. + +-$ certutil -L -d sql:/home/my/sharednssdb ++$ certutil -L -d /home/my/sharednssdb + + Certificate Nickname Trust Attributes + SSL,S/MIME,JAR/XPI + + CA Administrator of Instance pki-ca1's Example Domain ID u,u,u + TPS Administrator's Example Domain ID u,u,u + Google Internet Authority ,, + Certificate Authority - Example Domain CT,C,C + + Using additional arguments with can return and print the information for a single, specific certificate. 
For example, the argument passes the certificate name, while the argument prints the certificate in ASCII format: + + +-$ certutil -L -d sql:$HOME/nssdb -a -n my-ca-cert ++$ certutil -L -d $HOME/nssdb -a -n my-ca-cert + -----BEGIN CERTIFICATE----- + MIIB1DCCAT2gAwIBAgICDkIwDQYJKoZIhvcNAQEFBQAwFTETMBEGA1UEAxMKRXhh + bXBsZSBDQTAeFw0xMzAzMTMxOTEwMjlaFw0xMzA2MTMxOTEwMjlaMBUxEzARBgNV + BAMTCkV4YW1wbGUgQ0EwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAJ4Kzqvz + JyBVgFqDXRYSyTBNw1DrxUU/3GvWA/ngjAwHEv0Cul/6sO/gsCvnABHiH6unns6x + XRzPORlC2WY3gkk7vmlsLvYpyecNazAi/NAwVnU/66HOsaoVFWE+gBQo99UrN2yk + 0BiK/GMFlLm5dXQROgA9ZKKyFdI0LIXtf6SbAgMBAAGjMzAxMBEGCWCGSAGG+EIB + AQQEAwIHADAMBgNVHRMEBTADAQH/MA4GA1UdDwEB/wQEAwICBDANBgkqhkiG9w0B + AQUFAAOBgQA6chkzkACN281d1jKMrc+RHG2UMaQyxiteaLVZO+Ro1nnRUvseDf09 + XKYFwPMJjWCihVku6bw/ihZfuMHhxK22Nue6inNQ6eDu7WmrqL8z3iUrQwxs+WiF + ob2rb8XRVVJkzXdXxlk4uo3UtNvw8sAz7sWD71qxKaIHU5q49zijfg== + -----END CERTIFICATE----- + + For a human-readable display +-$ certutil -L -d sql:$HOME/nssdb -n my-ca-cert ++$ certutil -L -d $HOME/nssdb -n my-ca-cert + Certificate: + Data: + Version: 3 (0x2) + Serial Number: 3650 (0xe42) + Signature Algorithm: PKCS #1 SHA-1 With RSA Encryption + Issuer: "CN=Example CA" + Validity: + Not Before: Wed Mar 13 19:10:29 2013 +@@ -1022,17 +1022,17 @@ Certificate: + + Listing Keys + + Keys are the original material used to encrypt certificate data. The keys generated for certificates are stored separately, in the key database. + + + To list all keys in the database, use the command option and the (required) argument to give the path to the directory. + +-$ certutil -K -d sql:$HOME/nssdb ++$ certutil -K -d $HOME/nssdb + certutil: Checking token "NSS Certificate DB" in slot "NSS User Private Key and Certificate Services " + < 0> rsa 455a6673bde9375c2887ec8bf8016b3f9f35861d Thawte Freemail Member's Thawte Consulting (Pty) Ltd. 
ID + < 1> rsa 40defeeb522ade11090eacebaaf1196a172127df Example Domain Administrator Cert + < 2> rsa 1d0b06f44f6c03842f7d4f4a1dc78b3bcd1b85a5 John Smith user cert + + There are ways to narrow the keys listed in the search results: + + +@@ -1052,111 +1052,111 @@ certutil: Checking token "NSS Certificat + + + + + Listing Security Modules + + The devices that can be used to store certificates -- both internal databases and external devices like smart cards -- are recognized and used by loading security modules. The command option lists all of the security modules listed in the secmod.db database. The path to the directory () is required. + +-$ certutil -U -d sql:/home/my/sharednssdb ++$ certutil -U -d /home/my/sharednssdb + + slot: NSS User Private Key and Certificate Services + token: NSS Certificate DB + uri: pkcs11:token=NSS%20Certificate%20DB;manufacturer=Mozilla%20Foundation;serial=0000000000000000;model=NSS%203 + + slot: NSS Internal Cryptographic Services + token: NSS Generic Crypto Services + uri: pkcs11:token=NSS%20Generic%20Crypto%20Services;manufacturer=Mozilla%20Foundation;serial=0000000000000000;model=NSS%203 + + Adding Certificates to the Database + + Existing certificates or certificate requests can be added manually to the certificate database, even if they were generated elsewhere. This uses the command option. + +-certutil -A -n certname -t trustargs -d [sql:]directory [-a] [-i input-file] ++certutil -A -n certname -t trustargs -d directory [-a] [-i input-file] + + For example: + +-$ certutil -A -n "CN=My SSL Certificate" -t ",," -d sql:/home/my/sharednssdb -i /home/example-certs/cert.cer ++$ certutil -A -n "CN=My SSL Certificate" -t ",," -d /home/my/sharednssdb -i /home/example-certs/cert.cer + + A related command option, , is used specifically to add email certificates to the certificate database. The command has the same arguments as the command. 
The trust arguments for certificates have the format SSL,S/MIME,Code-signing, so the middle trust settings relate most to email certificates (though the others can be set). For example: + +-$ certutil -E -n "CN=John Smith Email Cert" -t ",P," -d sql:/home/my/sharednssdb -i /home/example-certs/email.cer ++$ certutil -E -n "CN=John Smith Email Cert" -t ",P," -d /home/my/sharednssdb -i /home/example-certs/email.cer + + Deleting Certificates to the Database + + Certificates can be deleted from a database using the option. The only required options are to give the security database directory and to identify the certificate nickname. + +-certutil -D -d [sql:]directory -n "nickname" ++certutil -D -d directory -n "nickname" + + For example: + +-$ certutil -D -d sql:/home/my/sharednssdb -n "my-ssl-cert" ++$ certutil -D -d /home/my/sharednssdb -n "my-ssl-cert" + + Validating Certificates + + A certificate contains an expiration date in itself, and expired certificates are easily rejected. However, certificates can also be revoked before they hit their expiration date. Checking whether a certificate has been revoked requires validating the certificate. Validation can also be used to ensure that the certificate is only used for the purposes it was initially issued for. Validation is carried out by the command option. + +-certutil -V -n certificate-name [-b time] [-e] [-u cert-usage] -d [sql:]directory ++certutil -V -n certificate-name [-b time] [-e] [-u cert-usage] -d directory + + For example, to validate an email certificate: + +-$ certutil -V -n "John Smith's Email Cert" -e -u S,R -d sql:/home/my/sharednssdb ++$ certutil -V -n "John Smith's Email Cert" -e -u S,R -d /home/my/sharednssdb + + Modifying Certificate Trust Settings + + The trust settings (which relate to the operations that a certificate is allowed to be used for) can be changed after a certificate is created or added to the database. 
This is especially useful for CA certificates, but it can be performed for any type of certificate. + +-certutil -M -n certificate-name -t trust-args -d [sql:]directory ++certutil -M -n certificate-name -t trust-args -d directory + + For example: + +-$ certutil -M -n "My CA Certificate" -d sql:/home/my/sharednssdb -t "CT,CT,CT" ++$ certutil -M -n "My CA Certificate" -d /home/my/sharednssdb -t "CT,CT,CT" + + Printing the Certificate Chain + + Certificates can be issued in chains because every certificate authority itself has a certificate; when a CA issues a certificate, it essentially stamps that certificate with its own fingerprint. The prints the full chain of a certificate, going from the initial CA (the root CA) through ever intermediary CA to the actual certificate. For example, for an email certificate with two CAs in the chain: + +-$ certutil -d sql:/home/my/sharednssdb -O -n "jsmith@example.com" ++$ certutil -d /home/my/sharednssdb -O -n "jsmith@example.com" + "Builtin Object Token:Thawte Personal Freemail CA" [E=personal-freemail@thawte.com,CN=Thawte Personal Freemail CA,OU=Certification Services Division,O=Thawte Consulting,L=Cape Town,ST=Western Cape,C=ZA] + + "Thawte Personal Freemail Issuing CA - Thawte Consulting" [CN=Thawte Personal Freemail Issuing CA,O=Thawte Consulting (Pty) Ltd.,C=ZA] + + "(null)" [E=jsmith@example.com,CN=Thawte Freemail Member] + + Resetting a Token + + The device which stores certificates -- both external hardware devices and internal software databases -- can be blanked and reused. This operation is performed on the device which stores the data, not directly on the security databases, so the location must be referenced through the token name () as well as any directory path. If there is no external token used, the default value is internal. 
+ +-certutil -T -d [sql:]directory -h token-name -0 security-officer-password ++certutil -T -d directory -h token-name -0 security-officer-password + + Many networks have dedicated personnel who handle changes to security tokens (the security officer). This person must supply the password to access the specified token. For example: + +-$ certutil -T -d sql:/home/my/sharednssdb -h nethsm -0 secret ++$ certutil -T -d /home/my/sharednssdb -h nethsm -0 secret + + Upgrading or Merging the Security Databases + + Many networks or applications may be using older BerkeleyDB versions of the certificate database (cert8.db). Databases can be upgraded to the new SQLite version of the database (cert9.db) using the command option or existing databases can be merged with the new cert9.db databases using the command. + + + The command must give information about the original database and then use the standard arguments (like ) to give the information about the new databases. The command also requires information that the tool uses for the process to upgrade and write over the original database. + +-certutil --upgrade-merge -d [sql:]directory [-P dbprefix] --source-dir directory --source-prefix dbprefix --upgrade-id id --upgrade-token-name name [-@ password-file] ++certutil --upgrade-merge -d directory [-P dbprefix] --source-dir directory --source-prefix dbprefix --upgrade-id id --upgrade-token-name name [-@ password-file] + + For example: + +-$ certutil --upgrade-merge -d sql:/home/my/sharednssdb --source-dir /opt/my-app/alias/ --source-prefix serverapp- --upgrade-id 1 --upgrade-token-name internal ++$ certutil --upgrade-merge -d /home/my/sharednssdb --source-dir /opt/my-app/alias/ --source-prefix serverapp- --upgrade-id 1 --upgrade-token-name internal + + The command only requires information about the location of the original database; since it doesn't change the format of the database, it can write over information without performing interim step. 
+ +-certutil --merge -d [sql:]directory [-P dbprefix] --source-dir directory --source-prefix dbprefix [-@ password-file] ++certutil --merge -d directory [-P dbprefix] --source-dir directory --source-prefix dbprefix [-@ password-file] + + For example: + +-$ certutil --merge -d sql:/home/my/sharednssdb --source-dir /opt/my-app/alias/ --source-prefix serverapp- ++$ certutil --merge -d /home/my/sharednssdb --source-dir /opt/my-app/alias/ --source-prefix serverapp- + + Running certutil Commands from a Batch File + + A series of commands can be run sequentially from a text file with the command option. The only argument for this specifies the input file. + + $ certutil -B -i /path/to/batch-file + + +@@ -1202,27 +1202,26 @@ BerkeleyDB. These new databases provide + + pkcs11.txt, a listing of all of the PKCS #11 modules, contained in a new subdirectory in the security databases directory + + + + + Because the SQLite databases are designed to be shared, these are the shared database type. The shared database type is preferred; the legacy format is included for backward compatibility. + +-By default, the tools (certutil, pk12util, modutil) assume that the given security databases follow the more common legacy type. +-Using the SQLite databases must be manually specified by using the sql: prefix with the given security directory. For example: ++By default, the tools (certutil, pk12util, modutil) assume that the given security databases use the SQLite type. ++Using the legacy databases must be manually specified by using the dbm: prefix with the given security directory. 
For example: + +-$ certutil -L -d sql:/home/my/sharednssdb ++$ certutil -L -d dbm:/home/my/sharednssdb + +-To set the shared database type as the default type for the tools, set the NSS_DEFAULT_DB_TYPE environment variable to sql: +-export NSS_DEFAULT_DB_TYPE="sql" ++To set the legacy database type as the default type for the tools, set the NSS_DEFAULT_DB_TYPE environment variable to dbm: ++export NSS_DEFAULT_DB_TYPE="dbm" + + This line can be set added to the ~/.bashrc file to make the change permanent. + +-Most applications do not use the shared database by default, but they can be configured to use them. For example, this how-to article covers how to configure Firefox and Thunderbird to use the new shared NSS databases: + + + + https://wiki.mozilla.org/NSS_Shared_DB_Howto + + + For an engineering draft on the changes in the shared NSS databases, see the NSS project wiki: + +diff --git a/doc/html/certutil.html b/doc/html/certutil.html +--- a/doc/html/certutil.html ++++ b/doc/html/certutil.html +@@ -1,21 +1,21 @@ +-CERTUTIL

Name

certutil — Manage keys and certificate in both NSS databases and other NSS tokens

Synopsis

certutil [options] [[arguments]]

STATUS

This documentation is still work in progress. Please contribute to the initial review in Mozilla NSS bug 836477 ++CERTUTIL

Name

certutil — Manage keys and certificate in both NSS databases and other NSS tokens

Synopsis

certutil [options] [[arguments]]

STATUS

This documentation is still work in progress. Please contribute to the initial review in Mozilla NSS bug 836477 +

Description

The Certificate Database Tool, certutil, is a command-line utility that can create and modify certificate and key databases. It can specifically list, generate, modify, or delete certificates, create or change the password, generate new public and private key pairs, display the contents of the key database, or delete key pairs within the key database.

Certificate issuance, part of the key and certificate management process, requires that keys and certificates be created in the key database. This document discusses certificate and key database management. For information on the security module database management, see the modutil manpage.

Command Options and Arguments

Running certutil always requires one and only one command option to specify the type of certificate operation. Each command option may take zero or more arguments. The command option -H will list all the command options and their relevant arguments.

Command Options

-A

Add an existing certificate to a certificate database. The certificate database should already exist; if one is not present, this command option will initialize one by default.

-B

Run a series of commands from the specified batch file. This requires the -i argument.

-C

Create a new binary certificate file from a binary certificate request file. Use the -i argument to specify the certificate request file. If this argument is not used, certutil prompts for a filename.

-D

Delete a certificate from the certificate database.

--rename

Change the database nickname of a certificate.

-E

Add an email certificate to the certificate database.

-F

Delete a private key and the associated certificate from a database. Specify the key to delete with the -n argument or the -k argument. Specify the database from which to delete the key with the + -d argument. +

+ Some smart cards do not let you remove a public key you have generated. In such a case, only the private key is deleted from the key pair.

-G

Generate a new public and private key pair within a key database. The key database should already exist; if one is not present, this command option will initialize one by default. Some smart cards can store only one key pair. If you create a new key pair for such a card, the previous pair is overwritten.

-H

Display a list of the command options and arguments.

-K

List the key ID of keys in the key database. A key ID is the modulus of the RSA key or the publicValue of the DSA key. IDs are displayed in hexadecimal ("0x" is not shown).

-L

List all the certificates, or display information about a named certificate, in a certificate database. + Use the -h tokenname argument to specify the certificate database on a particular hardware or software token.

-M

Modify a certificate's trust attributes using the values of the -t argument.

-N

Create new certificate and key databases.

-O

Print the certificate chain.

-R

Create a certificate request file that can be submitted to a Certificate Authority (CA) for processing into a finished certificate. Output defaults to standard out unless you use -o output-file argument. + + Use the -a argument to specify ASCII output.

-S

Create an individual certificate and add it to a certificate database.

-T

Reset the key database or token.

-U

List all available modules or print a single named module.

-V

Check the validity of a certificate and its attributes.

-W

Change the password to a key database.

--merge

Merge two databases into one.

--upgrade-merge

Upgrade an old database and merge it into a new database. This is used to migrate legacy NSS databases (cert8.db and key3.db) into the newer SQLite databases (cert9.db and key4.db).

Arguments

Arguments modify a command option and are usually lower case, numbers, or symbols.

-a

Use ASCII format or allow the use of ASCII format for input or output. This formatting follows RFC 1113. +-For certificate requests, ASCII output defaults to standard output unless redirected.

-b validity-time

Specify a time at which a certificate is required to be valid. Use when checking certificate validity with the -V option. The format of the validity-time argument is YYMMDDHHMMSS[+HHMM|-HHMM|Z], which allows offsets to be set relative to the validity end time. Specifying seconds (SS) is optional. When specifying an explicit time, use a Z at the end of the term, YYMMDDHHMMSSZ, to close it. When specifying an offset time, use YYMMDDHHMMSS+HHMM or YYMMDDHHMMSS-HHMM for adding or subtracting time, respectively. ++For certificate requests, ASCII output defaults to standard output unless redirected.

--simple-self-signed

When printing the certificate chain, don't search for a chain if issuer name equals to subject name.

-b validity-time

Specify a time at which a certificate is required to be valid. Use when checking certificate validity with the -V option. The format of the validity-time argument is YYMMDDHHMMSS[+HHMM|-HHMM|Z], which allows offsets to be set relative to the validity end time. Specifying seconds (SS) is optional. When specifying an explicit time, use a Z at the end of the term, YYMMDDHHMMSSZ, to close it. When specifying an offset time, use YYMMDDHHMMSS+HHMM or YYMMDDHHMMSS-HHMM for adding or subtracting time, respectively. +

+ If this option is not used, the validity check defaults to the current system time.

-c issuer

Identify the certificate of the CA from which a new certificate will derive its authenticity. + Use the exact nickname or alias of the CA certificate, or use the CA's email address. Bracket the issuer string +- with quotation marks if it contains spaces.

-d [prefix]directory

Specify the database directory containing the certificate and key database files.

certutil supports two types of databases: the legacy security databases (cert8.db, key3.db, and secmod.db) and new SQLite databases (cert9.db, key4.db, and pkcs11.txt).

NSS recognizes the following prefixes:

  • sql: requests the newer database

  • dbm: requests the legacy database

If no prefix is specified the default type is retrieved from NSS_DEFAULT_DB_TYPE. If NSS_DEFAULT_DB_TYPE is not set then dbm: is the default.

--dump-ext-val OID

For single cert, print binary DER encoding of extension OID.

-e

Check a certificate's signature during the process of validating a certificate.

--email email-address

Specify the email address of a certificate to list. Used with the -L command option.

--extGeneric OID:critical-flag:filename[,OID:critical-flag:filename]...

++ with quotation marks if it contains spaces.

-d [prefix]directory

Specify the database directory containing the certificate and key database files.

certutil supports two types of databases: the legacy security databases (cert8.db, key3.db, and secmod.db) and new SQLite databases (cert9.db, key4.db, and pkcs11.txt).

NSS recognizes the following prefixes:

  • sql: requests the newer database

  • dbm: requests the legacy database

If no prefix is specified the default type is retrieved from NSS_DEFAULT_DB_TYPE. If NSS_DEFAULT_DB_TYPE is not set then sql: is the default.

--dump-ext-val OID

For single cert, print binary DER encoding of extension OID.

-e

Check a certificate's signature during the process of validating a certificate.

--email email-address

Specify the email address of a certificate to list. Used with the -L command option.

--extGeneric OID:critical-flag:filename[,OID:critical-flag:filename]...

+ Add one or multiple extensions that certutil cannot encode yet, by loading their encodings from external files. +

  • OID (example): 1.2.3.4

  • critical-flag: critical or not-critical

  • filename: full path to a file containing an encoded extension

-f password-file

Specify a file that will automatically supply the password to include in a certificate + or to access a certificate database. This is a plain-text file containing one password. Be sure to prevent + unauthorized access to this file.

-g keysize

Set a key size to use when generating new public and private key pairs. The minimum is 512 bits and the maximum is 16384 bits. The default is 2048 bits. Any size between the minimum and maximum is allowed.

-h tokenname

Specify the name of a token to use or act on. If not specified the default token is the internal database slot.

The name can also be a PKCS #11 URI. For example, the NSS internal certificate store can be unambiguously specified as "pkcs11:token=NSS%20Certificate%20DB". For details about the format, see RFC 7512.

-i input_file

Pass an input file to the command. Depending on the command option, an input file can be a specific certificate, a certificate request file, or a batch file of commands.

-k key-type-or-id

Specify the type or specific ID of a key.

+ The valid key type options are rsa, dsa, ec, or all. The default + value is rsa. Specifying the type of key can avoid mistakes caused by + duplicate nicknames. Giving a key type generates a new key pair; + giving the ID of an existing key reuses that key pair (which is +@@ -50,17 +50,17 @@ of the attribute codes: +

  • + C - Trusted CA (implies c) +

  • + T - trusted CA for client authentication (ssl server only) +

  • + The attribute codes for the categories are separated by commas, and the entire set of attributes enclosed by quotation marks. For example: +

    -t "TC,C,T"

    + Use the -L option to see a list of the current certificates and trust attributes in a certificate database.

    +- Note that the output of the -L option may include "u" flag, which means that there is a private key associated with the certificate. It is a dynamic flag and you cannot set it with certutil.

    -u certusage

    Specify a usage context to apply when validating a certificate with the -V option.

    The contexts are the following:

    • C (as an SSL client)

    • V (as an SSL server)

    • L (as an SSL CA)

    • A (as Any CA)

    • Y (Verify CA)

    • S (as an email signer)

    • R (as an email recipient)

    • O (as an OCSP status responder)

    • J (as an object signer)

    -v valid-months

    Set the number of months a new certificate will be valid. The validity period begins at the current system time unless an offset is added or subtracted with the -w option. If this argument is not used, the default validity period is three months.

    -w offset-months

    Set an offset from the current system time, in months, ++ Note that the output of the -L option may include "u" flag, which means that there is a private key associated with the certificate. It is a dynamic flag and you cannot set it with certutil.

    -u certusage

    Specify a usage context to apply when validating a certificate with the -V option.

    The contexts are the following:

    • C (as an SSL client)

    • V (as an SSL server)

    • L (as an SSL CA)

    • A (as Any CA)

    • Y (Verify CA)

    • S (as an email signer)

    • R (as an email recipient)

    • O (as an OCSP status responder)

    • J (as an object signer)

    • I (as an IPSEC user)

    -v valid-months

    Set the number of months a new certificate will be valid. The validity period begins at the current system time unless an offset is added or subtracted with the -w option. If this argument is not used, the default validity period is three months.

    -w offset-months

    Set an offset from the current system time, in months, + for the beginning of a certificate's validity period. Use when creating + the certificate or adding it to a database. Express the offset in integers, + using a minus sign (-) to indicate a negative offset. If this argument is + not used, the validity period begins at the current system time. The length + of the validity period is set with the -v argument.

    -X

    Force the key and certificate database to open in read-write mode. This is used with the -U and -L command options.

    -x

    Use certutil to generate the signature for a certificate being created or added to a database, rather than obtaining a signature from a separate CA.

    -y exp

    Set an alternate exponent value to use in generating a new RSA public key for the database, instead of the default value of 65537. The available alternate values are 3 and 17.

    --pss

    Restrict the generated certificate (with the -S option) or certificate request (with the -R option) to be used with the RSA-PSS signature scheme. This only works when the private key of the certificate or certificate request is RSA.

    --pss-sign

    Sign the generated certificate with the RSA-PSS signature scheme (with the -C or -S option). This only works when the private key of the signer's certificate is RSA. If the signer's certificate is restricted to RSA-PSS, it is not necessary to specify this option.

    -z noise-file

    Read a seed value from the specified file to generate a new private and public key pair. This argument makes it possible to use hardware-generated seed values or manually create a value from the keyboard. The minimum file size is 20 bytes.

    -Z hashAlg

    Specify the hash algorithm to use with the -C, -S or -R command options. Possible keywords:

    • MD2

    • MD4

    • MD5

    • SHA1

    • SHA224

    • SHA256

    • SHA384

    • SHA512

    -0 SSO_password

    Set a site security officer password on a token.

    -1 | --keyUsage keyword,keyword

    Set an X.509 V3 Certificate Type Extension in the certificate. There are several available keywords:

    • + digitalSignature +

    • + nonRepudiation
    +@@ -105,16 +105,30 @@ of the attribute codes: +

    • + ocspResponder +

    • + stepUp +

    • + msTrustListSign +

    • + critical ++

    • ++ x509Any ++

    • ++ ipsecIKE ++

    • ++ ipsecIKEEnd ++

    • ++ ipsecIKEIntermediate ++

    • ++ ipsecEnd ++

    • ++ ipsecTunnel ++

    • ++ ipsecUser +

    X.509 certificate extensions are described in RFC 5280.

    -7 emailAddrs

    Add a comma-separated list of email addresses to the subject alternative name extension of a certificate or certificate request that is being created or added to the database. Subject alternative name extensions are described in Section 4.2.1.7 of RFC 3280.

    -8 dns-names

    Add a comma-separated list of DNS names to the subject alternative name extension of a certificate or certificate request that is being created or added to the database. Subject alternative name extensions are described in Section 4.2.1.7 of RFC 3280.

    --extAIA

    Add the Authority Information Access extension to the certificate. X.509 certificate extensions are described in RFC 5280.

    --extSIA

    Add the Subject Information Access extension to the certificate. X.509 certificate extensions are described in RFC 5280.

    --extCP

    Add the Certificate Policies extension to the certificate. X.509 certificate extensions are described in RFC 5280.

    --extPM

    Add the Policy Mappings extension to the certificate. X.509 certificate extensions are described in RFC 5280.

    --extPC

    Add the Policy Constraints extension to the certificate. X.509 certificate extensions are described in RFC 5280.

    --extIA

    Add the Inhibit Any Policy Access extension to the certificate. X.509 certificate extensions are described in RFC 5280.

    --extSKID

    Add the Subject Key ID extension to the certificate. X.509 certificate extensions are described in RFC 5280.

    --extNC

    Add a Name Constraint extension to the certificate. X.509 certificate extensions are described in RFC 5280.

    --extSAN type:name[,type:name]...

    + Create a Subject Alt Name extension with one or multiple names. +

    + -type: directory, dn, dns, edi, ediparty, email, ip, ipaddr, other, registerid, rfc822, uri, x400, x400addr +

    --empty-password

    Use empty password when creating new certificate database with -N.

    --keyAttrFlags attrflags

    + PKCS #11 key Attributes. Comma separated list of key attribute flags, selected from the following list of choices: {token | session} {public | private} {sensitive | insensitive} {modifiable | unmodifiable} {extractable | unextractable}

    --keyOpFlagsOn opflags, --keyOpFlagsOff opflags

    + PKCS #11 key Operation Flags. + Comma separated list of one or more of the following:
    +@@ -126,77 +140,77 @@ Comma separated list of one or more of t +

    • + cert8.db or cert9.db +

    • + key3.db or key4.db +

    • + secmod.db or pkcs11.txt +

    + These databases must be created before certificates or keys can be generated. +-

    certutil -N -d [sql:]directory

    Creating a Certificate Request

    ++

    certutil -N -d directory

    Creating a Certificate Request

    + A certificate request contains most or all of the information that is used to generate the final certificate. This request is submitted separately to a certificate authority and is then approved by some mechanism (automatically or by human review). Once the request is approved, then the certificate is generated. +-

    $ certutil -R -k key-type-or-id [-q pqgfile|curve-name] -g key-size -s subject [-h tokenname] -d [sql:]directory [-p phone] [-o output-file] [-a]

    ++

    $ certutil -R -k key-type-or-id [-q pqgfile|curve-name] -g key-size -s subject [-h tokenname] -d directory [-p phone] [-o output-file] [-a]

    + The -R command options requires four arguments: +

    • + -k to specify either the key type to generate or, when renewing a certificate, the existing key pair to use +

    • + -g to set the keysize of the key to generate +

    • + -s to set the subject name of the certificate +

    • + -d to give the security database directory +

    + The new certificate request can be output in ASCII format (-a) or can be written to a specified file (-o). +

    + For example: +-

    $ certutil -R -k rsa -g 1024 -s "CN=John Smith,O=Example Corp,L=Mountain View,ST=California,C=US" -d sql:$HOME/nssdb -p 650-555-0123 -a -o cert.cer
    ++	

    $ certutil -R -k rsa -g 1024 -s "CN=John Smith,O=Example Corp,L=Mountain View,ST=California,C=US" -d $HOME/nssdb -p 650-555-0123 -a -o cert.cer
    + 
    + Generating key.  This may take a few moments...
    + 
    + 

    Creating a Certificate

    + A valid certificate must be issued by a trusted CA. This can be done by specifying a CA certificate (-c) that is stored in the certificate database. If a CA key pair is not available, you can create a self-signed certificate using the -x argument with the -S command option. +-

    $ certutil -S -k rsa|dsa|ec -n certname -s subject [-c issuer |-x] -t trustargs -d [sql:]directory [-m serial-number] [-v valid-months] [-w offset-months] [-p phone] [-1] [-2] [-3] [-4] [-5 keyword] [-6 keyword] [-7 emailAddress] [-8 dns-names] [--extAIA] [--extSIA] [--extCP] [--extPM] [--extPC] [--extIA] [--extSKID]

    ++

    $ certutil -S -k rsa|dsa|ec -n certname -s subject [-c issuer |-x] -t trustargs -d directory [-m serial-number] [-v valid-months] [-w offset-months] [-p phone] [-1] [-2] [-3] [-4] [-5 keyword] [-6 keyword] [-7 emailAddress] [-8 dns-names] [--extAIA] [--extSIA] [--extCP] [--extPM] [--extPC] [--extIA] [--extSKID]

    + The series of numbers and --ext* options set certificate extensions that can be added to the certificate when it is generated by the CA. Interactive prompts will result. +

    + For example, this creates a self-signed certificate: +

    $ certutil -S -s "CN=Example CA" -n my-ca-cert -x -t "C,C,C" -1 -2 -5 -m 3650

    + The interative prompts for key usage and whether any extensions are critical and responses have been ommitted for brevity. +

    + From there, new certificates can reference the self-signed certificate: +

    $ certutil -S -s "CN=My Server Cert" -n my-server-cert -c "my-ca-cert" -t ",," -1 -5 -6 -8 -m 730

    Generating a Certificate from a Certificate Request

    + When a certificate request is created, a certificate can be generated by using the request and then referencing a certificate authority signing certificate (the issuer specified in the -c argument). The issuing certificate must be in the certificate database in the specified directory. +-

    certutil -C -c issuer -i cert-request-file -o output-file [-m serial-number] [-v valid-months] [-w offset-months] -d [sql:]directory [-1] [-2] [-3] [-4] [-5 keyword] [-6 keyword] [-7 emailAddress] [-8 dns-names]

    ++

    certutil -C -c issuer -i cert-request-file -o output-file [-m serial-number] [-v valid-months] [-w offset-months] -d directory [-1] [-2] [-3] [-4] [-5 keyword] [-6 keyword] [-7 emailAddress] [-8 dns-names]

    + For example: +-

    $ certutil -C -c "my-ca-cert" -i /home/certs/cert.req -o cert.cer -m 010 -v 12 -w 1 -d sql:$HOME/nssdb -1 nonRepudiation,dataEncipherment -5 sslClient -6 clientAuth -7 jsmith@example.com

    Listing Certificates

    ++

    $ certutil -C -c "my-ca-cert" -i /home/certs/cert.req -o cert.cer -m 010 -v 12 -w 1 -d $HOME/nssdb -1 nonRepudiation,dataEncipherment -5 sslClient -6 clientAuth -7 jsmith@example.com

    Listing Certificates

    + The -L command option lists all of the certificates listed in the certificate database. The path to the directory (-d) is required. +-

    $ certutil -L -d sql:/home/my/sharednssdb
    ++	

    $ certutil -L -d /home/my/sharednssdb
    + 
    + Certificate Nickname                                         Trust Attributes
    +                                                              SSL,S/MIME,JAR/XPI
    + 
    + CA Administrator of Instance pki-ca1's Example Domain ID     u,u,u
    + TPS Administrator's Example Domain ID                        u,u,u
    + Google Internet Authority                                    ,,   
    + Certificate Authority - Example Domain                       CT,C,C

    + Using additional arguments with -L can return and print the information for a single, specific certificate. For example, the -n argument passes the certificate name, while the -a argument prints the certificate in ASCII format: +

    +-$ certutil -L -d sql:$HOME/nssdb -a -n my-ca-cert
    ++$ certutil -L -d $HOME/nssdb -a -n my-ca-cert
    + -----BEGIN CERTIFICATE-----
    + MIIB1DCCAT2gAwIBAgICDkIwDQYJKoZIhvcNAQEFBQAwFTETMBEGA1UEAxMKRXhh
    + bXBsZSBDQTAeFw0xMzAzMTMxOTEwMjlaFw0xMzA2MTMxOTEwMjlaMBUxEzARBgNV
    + BAMTCkV4YW1wbGUgQ0EwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAJ4Kzqvz
    + JyBVgFqDXRYSyTBNw1DrxUU/3GvWA/ngjAwHEv0Cul/6sO/gsCvnABHiH6unns6x
    + XRzPORlC2WY3gkk7vmlsLvYpyecNazAi/NAwVnU/66HOsaoVFWE+gBQo99UrN2yk
    + 0BiK/GMFlLm5dXQROgA9ZKKyFdI0LIXtf6SbAgMBAAGjMzAxMBEGCWCGSAGG+EIB
    + AQQEAwIHADAMBgNVHRMEBTADAQH/MA4GA1UdDwEB/wQEAwICBDANBgkqhkiG9w0B
    + AQUFAAOBgQA6chkzkACN281d1jKMrc+RHG2UMaQyxiteaLVZO+Ro1nnRUvseDf09
    + XKYFwPMJjWCihVku6bw/ihZfuMHhxK22Nue6inNQ6eDu7WmrqL8z3iUrQwxs+WiF
    + ob2rb8XRVVJkzXdXxlk4uo3UtNvw8sAz7sWD71qxKaIHU5q49zijfg==
    + -----END CERTIFICATE-----
    +-

    For a human-readable display

    $ certutil -L -d sql:$HOME/nssdb -n my-ca-cert
    ++

    For a human-readable display

    $ certutil -L -d $HOME/nssdb -n my-ca-cert
    + Certificate:
    +     Data:
    +         Version: 3 (0x2)
    +         Serial Number: 3650 (0xe42)
    +         Signature Algorithm: PKCS #1 SHA-1 With RSA Encryption
    +         Issuer: "CN=Example CA"
    +         Validity:
    +             Not Before: Wed Mar 13 19:10:29 2013
    +@@ -254,78 +268,78 @@ Certificate:
    +             Valid CA
    +             Trusted CA
    +             User
    + 
    + 

    Listing Keys

    + Keys are the original material used to encrypt certificate data. The keys generated for certificates are stored separately, in the key database. +

    + To list all keys in the database, use the -K command option and the (required) -d argument to give the path to the directory. +-

    $ certutil -K -d sql:$HOME/nssdb
    ++	

    $ certutil -K -d $HOME/nssdb
    + certutil: Checking token "NSS Certificate DB" in slot "NSS User Private Key and Certificate Services                  "
    + < 0> rsa      455a6673bde9375c2887ec8bf8016b3f9f35861d   Thawte Freemail Member's Thawte Consulting (Pty) Ltd. ID
    + < 1> rsa      40defeeb522ade11090eacebaaf1196a172127df   Example Domain Administrator Cert
    + < 2> rsa      1d0b06f44f6c03842f7d4f4a1dc78b3bcd1b85a5   John Smith user cert

    + There are ways to narrow the keys listed in the search results: +

    • + To return a specific key, use the -n name argument with the name of the key. +

    • + If there are multiple security devices loaded, then the -h tokenname argument can search a specific token or all tokens. +

    • + If there are multiple key types available, then the -k key-type argument can search a specific type of key, like RSA, DSA, or ECC. +

    Listing Security Modules

    + The devices that can be used to store certificates -- both internal databases and external devices like smart cards -- are recognized and used by loading security modules. The -U command option lists all of the security modules listed in the secmod.db database. The path to the directory (-d) is required. +-

    $ certutil -U -d sql:/home/my/sharednssdb
    ++	

    $ certutil -U -d /home/my/sharednssdb
    + 
    +     slot: NSS User Private Key and Certificate Services                  
    +    token: NSS Certificate DB
    +      uri: pkcs11:token=NSS%20Certificate%20DB;manufacturer=Mozilla%20Foundation;serial=0000000000000000;model=NSS%203
    + 
    +     slot: NSS Internal Cryptographic Services                            
    +    token: NSS Generic Crypto Services
    +      uri: pkcs11:token=NSS%20Generic%20Crypto%20Services;manufacturer=Mozilla%20Foundation;serial=0000000000000000;model=NSS%203

    Adding Certificates to the Database

    + Existing certificates or certificate requests can be added manually to the certificate database, even if they were generated elsewhere. This uses the -A command option. +-

    certutil -A -n certname -t trustargs -d [sql:]directory [-a] [-i input-file]

    ++

    certutil -A -n certname -t trustargs -d directory [-a] [-i input-file]

    + For example: +-

    $ certutil -A -n "CN=My SSL Certificate" -t ",," -d sql:/home/my/sharednssdb -i /home/example-certs/cert.cer

    ++

    $ certutil -A -n "CN=My SSL Certificate" -t ",," -d /home/my/sharednssdb -i /home/example-certs/cert.cer

    + A related command option, -E, is used specifically to add email certificates to the certificate database. The -E command has the same arguments as the -A command. The trust arguments for certificates have the format SSL,S/MIME,Code-signing, so the middle trust settings relate most to email certificates (though the others can be set). For example: +-

    $ certutil -E -n "CN=John Smith Email Cert" -t ",P," -d sql:/home/my/sharednssdb -i /home/example-certs/email.cer

    Deleting Certificates to the Database

    ++

    $ certutil -E -n "CN=John Smith Email Cert" -t ",P," -d /home/my/sharednssdb -i /home/example-certs/email.cer

    Deleting Certificates to the Database

    + Certificates can be deleted from a database using the -D option. The only required options are to give the security database directory and to identify the certificate nickname. +-

    certutil -D -d [sql:]directory -n "nickname"

    ++

    certutil -D -d directory -n "nickname"

    + For example: +-

    $ certutil -D -d sql:/home/my/sharednssdb -n "my-ssl-cert"

    Validating Certificates

    ++

    $ certutil -D -d /home/my/sharednssdb -n "my-ssl-cert"

    Validating Certificates

    + A certificate contains an expiration date in itself, and expired certificates are easily rejected. However, certificates can also be revoked before they hit their expiration date. Checking whether a certificate has been revoked requires validating the certificate. Validation can also be used to ensure that the certificate is only used for the purposes it was initially issued for. Validation is carried out by the -V command option. +-

    certutil -V -n certificate-name [-b time] [-e] [-u cert-usage] -d [sql:]directory

    ++

    certutil -V -n certificate-name [-b time] [-e] [-u cert-usage] -d directory

    + For example, to validate an email certificate: +-

    $ certutil -V -n "John Smith's Email Cert" -e -u S,R -d sql:/home/my/sharednssdb

    Modifying Certificate Trust Settings

    ++

    $ certutil -V -n "John Smith's Email Cert" -e -u S,R -d /home/my/sharednssdb

    Modifying Certificate Trust Settings

    + The trust settings (which relate to the operations that a certificate is allowed to be used for) can be changed after a certificate is created or added to the database. This is especially useful for CA certificates, but it can be performed for any type of certificate. +-

    certutil -M -n certificate-name -t trust-args -d [sql:]directory

    ++

    certutil -M -n certificate-name -t trust-args -d directory

    + For example: +-

    $ certutil -M -n "My CA Certificate" -d sql:/home/my/sharednssdb -t "CT,CT,CT"

    Printing the Certificate Chain

    ++

    $ certutil -M -n "My CA Certificate" -d /home/my/sharednssdb -t "CT,CT,CT"

    Printing the Certificate Chain

    + Certificates can be issued in chains because every certificate authority itself has a certificate; when a CA issues a certificate, it essentially stamps that certificate with its own fingerprint. The -O prints the full chain of a certificate, going from the initial CA (the root CA) through ever intermediary CA to the actual certificate. For example, for an email certificate with two CAs in the chain: +-

    $ certutil -d sql:/home/my/sharednssdb -O -n "jsmith@example.com"
    ++	

    $ certutil -d /home/my/sharednssdb -O -n "jsmith@example.com"
    + "Builtin Object Token:Thawte Personal Freemail CA" [E=personal-freemail@thawte.com,CN=Thawte Personal Freemail CA,OU=Certification Services Division,O=Thawte Consulting,L=Cape Town,ST=Western Cape,C=ZA]
    + 
    +   "Thawte Personal Freemail Issuing CA - Thawte Consulting" [CN=Thawte Personal Freemail Issuing CA,O=Thawte Consulting (Pty) Ltd.,C=ZA]
    + 
    +     "(null)" [E=jsmith@example.com,CN=Thawte Freemail Member]

    Resetting a Token

    + The device which stores certificates -- both external hardware devices and internal software databases -- can be blanked and reused. This operation is performed on the device which stores the data, not directly on the security databases, so the location must be referenced through the token name (-h) as well as any directory path. If there is no external token used, the default value is internal. +-

    certutil -T -d [sql:]directory -h token-name -0 security-officer-password

    ++

    certutil -T -d directory -h token-name -0 security-officer-password

    + Many networks have dedicated personnel who handle changes to security tokens (the security officer). This person must supply the password to access the specified token. For example: +-

    $ certutil -T -d sql:/home/my/sharednssdb -h nethsm -0 secret

    Upgrading or Merging the Security Databases

    ++

    $ certutil -T -d /home/my/sharednssdb -h nethsm -0 secret

    Upgrading or Merging the Security Databases

    + Many networks or applications may be using older BerkeleyDB versions of the certificate database (cert8.db). Databases can be upgraded to the new SQLite version of the database (cert9.db) using the --upgrade-merge command option or existing databases can be merged with the new cert9.db databases using the ---merge command. +

    + The --upgrade-merge command must give information about the original database and then use the standard arguments (like -d) to give the information about the new databases. The command also requires information that the tool uses for the process to upgrade and write over the original database. +-

    certutil --upgrade-merge -d [sql:]directory [-P dbprefix] --source-dir directory --source-prefix dbprefix --upgrade-id id --upgrade-token-name name [-@ password-file]

    ++

    certutil --upgrade-merge -d directory [-P dbprefix] --source-dir directory --source-prefix dbprefix --upgrade-id id --upgrade-token-name name [-@ password-file]

    + For example: +-

    $ certutil --upgrade-merge -d sql:/home/my/sharednssdb --source-dir /opt/my-app/alias/ --source-prefix serverapp- --upgrade-id 1 --upgrade-token-name internal

    ++

    $ certutil --upgrade-merge -d /home/my/sharednssdb --source-dir /opt/my-app/alias/ --source-prefix serverapp- --upgrade-id 1 --upgrade-token-name internal

    + The --merge command only requires information about the location of the original database; since it doesn't change the format of the database, it can write over information without performing interim step. +-

    certutil --merge -d [sql:]directory [-P dbprefix] --source-dir directory --source-prefix dbprefix [-@ password-file]

    ++

    certutil --merge -d directory [-P dbprefix] --source-dir directory --source-prefix dbprefix [-@ password-file]

    + For example: +-

    $ certutil --merge -d sql:/home/my/sharednssdb --source-dir /opt/my-app/alias/ --source-prefix serverapp-

    Running certutil Commands from a Batch File

    ++

    $ certutil --merge -d /home/my/sharednssdb --source-dir /opt/my-app/alias/ --source-prefix serverapp-

    Running certutil Commands from a Batch File

    + A series of commands can be run sequentially from a text file with the -B command option. The only argument for this specifies the input file. +

    $ certutil -B -i /path/to/batch-file

    NSS Database Types

    NSS originally used BerkeleyDB databases to store security information. + The last versions of these legacy databases are:

    • + cert8.db for certificates +

    • + key3.db for keys +

    • + secmod.db for PKCS #11 module information
    +@@ -333,18 +347,18 @@ The last versions of these

      • + cert9.db for certificates +

      • + key4.db for keys +

      • + pkcs11.txt, a listing of all of the PKCS #11 modules, contained in a new subdirectory in the security databases directory +-

    Because the SQLite databases are designed to be shared, these are the shared database type. The shared database type is preferred; the legacy format is included for backward compatibility.

    By default, the tools (certutil, pk12util, modutil) assume that the given security databases follow the more common legacy type. +-Using the SQLite databases must be manually specified by using the sql: prefix with the given security directory. For example:

    $ certutil -L -d sql:/home/my/sharednssdb

    To set the shared database type as the default type for the tools, set the NSS_DEFAULT_DB_TYPE environment variable to sql:

    export NSS_DEFAULT_DB_TYPE="sql"

    This line can be set added to the ~/.bashrc file to make the change permanent.

    Most applications do not use the shared database by default, but they can be configured to use them. For example, this how-to article covers how to configure Firefox and Thunderbird to use the new shared NSS databases:

    • ++

    Because the SQLite databases are designed to be shared, these are the shared database type. The shared database type is preferred; the legacy format is included for backward compatibility.

    By default, the tools (certutil, pk12util, modutil) assume that the given security databases use the SQLite type. ++Using the legacy databases must be manually specified by using the dbm: prefix with the given security directory. For example:

    $ certutil -L -d dbm:/home/my/sharednssdb

    To set the legacy database type as the default type for the tools, set the NSS_DEFAULT_DB_TYPE environment variable to dbm:

    export NSS_DEFAULT_DB_TYPE="dbm"

    This line can be set added to the ~/.bashrc file to make the change permanent.

    • + https://wiki.mozilla.org/NSS_Shared_DB_Howto

    For an engineering draft on the changes in the shared NSS databases, see the NSS project wiki:

    • + https://wiki.mozilla.org/NSS_Shared_DB +

    See Also

    pk12util (1)

    modutil (1)

    certutil has arguments or operations that use features defined in several IETF RFCs.

    • + http://tools.ietf.org/html/rfc5280 +

    • + http://tools.ietf.org/html/rfc1113 +

    • + http://tools.ietf.org/html/rfc1485
    +diff --git a/doc/html/derdump.html b/doc/html/derdump.html
    +--- a/doc/html/derdump.html
    ++++ b/doc/html/derdump.html
    +@@ -1,7 +1,5 @@
    +-DERDUMP

      Name

      derdump — Dumps C-sequence strings from a DER encoded certificate file

      Synopsis

      derdump [-r] [-i input-file] [-o output-file]

      STATUS

      This documentation is still work in progress. Please contribute to the initial review in Mozilla NSS bug 836477 +-

      Description

      derdump dumps C-sequence strings from a DER encode certificate file

      Options

      -r
      For formatted items, dump raw bytes as well
      -i DER encoded file
      Define an input file to use (default is stdin)
      -o output file
      Define an output file to use (default is stdout).

      Additional Resources

      NSS is maintained in conjunction with PKI and security-related projects through Mozilla dn Fedora. The most closely-related project is Dogtag PKI, with a project wiki at PKI Wiki.

      For information specifically about NSS, the NSS project wiki is located at Mozilla NSS site. The NSS site relates directly to NSS code changes and releases.

      Mailing lists: pki-devel@redhat.com and pki-users@redhat.com

      IRC: Freenode at #dogtag-pki

      Authors

      The NSS tools were written and maintained by developers with Netscape and now with Red Hat.

      ++DERDUMP

      Name

      derdump — Dumps C-sequence strings from a DER encoded certificate file

      Synopsis

      derdump [-r] [-i input-file] [-o output-file]

      STATUS

      This documentation is still work in progress. Please contribute to the initial review in Mozilla NSS bug 836477 ++

      Description

      derdump dumps C-sequence strings from a DER encode certificate file

      Options

      -r
      For formatted items, dump raw bytes as well
      -i DER encoded file
      Define an input file to use (default is stdin)
      -o output file
      Define an output file to use (default is stdout).

      Additional Resources

      NSS is maintained in conjunction with PKI and security-related projects through Mozilla dn Fedora. The most closely-related project is Dogtag PKI, with a project wiki at PKI Wiki.

      For information specifically about NSS, the NSS project wiki is located at Mozilla NSS site. The NSS site relates directly to NSS code changes and releases.

      Mailing lists: pki-devel@redhat.com and pki-users@redhat.com

      IRC: Freenode at #dogtag-pki

      Authors

      The NSS tools were written and maintained by developers with Netscape, Red Hat, Sun, Oracle, Mozilla, and Google.

      + Authors: Gerhardus Geldenhuis <gerhardus.geldenhuis@gmail.com>. Elio Maldonado <emaldona@redhat.com>, Deon Lackey <dlackey@redhat.com> +-

      LICENSE

      Licensed under the Mozilla Public License, version 1.1, +- and/or the GNU General Public License, version 2 or later, +- and/or the GNU Lesser General Public License, version 2.1 or later. ++

      LICENSE

      Licensed under the Mozilla Public License, v. 2.0. If a copy of the MPL was not distributed with this file, You can obtain one at http://mozilla.org/MPL/2.0/. +

      +diff --git a/doc/html/modutil.html b/doc/html/modutil.html
      +--- a/doc/html/modutil.html
      ++++ b/doc/html/modutil.html
      +@@ -1,13 +1,13 @@
      +-MODUTIL

      Name

      modutil — Manage PKCS #11 module information within the security module database.

      Synopsis

      modutil [options] [[arguments]]

      STATUS

      This documentation is still work in progress. Please contribute to the initial review in Mozilla NSS bug 836477 ++MODUTIL

      Name

      modutil — Manage PKCS #11 module information within the security module database.

      Synopsis

      modutil [options] [[arguments]]

      STATUS

      This documentation is still work in progress. Please contribute to the initial review in Mozilla NSS bug 836477 +

      Description

      The Security Module Database Tool, modutil, is a command-line utility for managing PKCS #11 module information both within secmod.db files and within hardware tokens. modutil can add and delete PKCS #11 modules, change passwords on security databases, set defaults, list module contents, enable or disable slots, enable or disable FIPS 140-2 compliance, and assign default providers for cryptographic operations. This tool can also create certificate, key, and module security database files.

      The tasks associated with security module database management are part of a process that typically also involves managing key databases and certificate databases.

      Options

      + Running modutil always requires one (and only one) option to specify the type of module operation. Each option may take arguments, anywhere from none to multiple arguments. +-

      Options

      -add modulename

      Add the named PKCS #11 module to the database. Use this option with the -libfile, -ciphers, and -mechanisms arguments.

      -changepw tokenname

      Change the password on the named token. If the token has not been initialized, this option initializes the password. Use this option with the -pwfile and -newpwfile arguments. A password is equivalent to a personal identification number (PIN).

      -chkfips

      Verify whether the module is in the given FIPS mode. true means to verify that the module is in FIPS mode, while false means to verify that the module is not in FIPS mode.

      -create

      Create new certificate, key, and module databases. Use the -dbdir directory argument to specify a directory. If any of these databases already exist in a specified directory, modutil returns an error message.

      -default modulename

      Specify the security mechanisms for which the named module will be a default provider. The security mechanisms are specified with the -mechanisms argument.

      -delete modulename

      Delete the named module. The default NSS PKCS #11 module cannot be deleted.

      -disable modulename

      Disable all slots on the named module. Use the -slot argument to disable a specific slot.

      The internal NSS PKCS #11 module cannot be disabled.

      -enable modulename

      Enable all slots on the named module. Use the -slot argument to enable a specific slot.

      -fips [true | false]

      Enable (true) or disable (false) FIPS 140-2 compliance for the default NSS module.

      -force

      Disable modutil's interactive prompts so it can be run from a script. Use this option only after manually testing each planned operation to check for warnings and to ensure that bypassing the prompts will cause no security lapses or loss of database integrity.

      -jar JAR-file

      Add a new PKCS #11 module to the database using the named JAR file. Use this command with the -installdir and -tempdir arguments. The JAR file uses the NSS PKCS #11 JAR format to identify all the files to be installed, the module's name, the mechanism flags, and the cipher flags, as well as any files to be installed on the target machine, including the PKCS #11 module library file and other files such as documentation. This is covered in the JAR installation file section in the man page, which details the special script needed to perform an installation through a server or with modutil.

      -list [modulename]

      Display basic information about the contents of the secmod.db file. Specifying a modulename displays detailed information about a particular module and its slots and tokens.

      -rawadd

      Add the module spec string to the secmod.db database.

      -rawlist

      Display the module specs for a specified module or for all loadable modules.

      -undefault modulename

      Specify the security mechanisms for which the named module will not be a default provider. The security mechanisms are specified with the -mechanisms argument.

      Arguments

      MODULE

      Give the security module to access.

      MODULESPEC

      Give the security module spec to load into the security database.

      -ciphers cipher-enable-list

      Enable specific ciphers in a module that is being added to the database. The cipher-enable-list is a colon-delimited list of cipher names. Enclose this list in quotation marks if it contains spaces.

      -dbdir [sql:]directory

      Specify the database directory in which to access or create security module database files.

      modutil supports two types of databases: the legacy security databases (cert8.db, key3.db, and secmod.db) and new SQLite databases (cert9.db, key4.db, and pkcs11.txt). If the prefix sql: is not used, then the tool assumes that the given databases are in the old format.

      --dbprefix prefix

      Specify the prefix used on the database files, such as my_ for my_cert8.db. This option is provided as a special case. Changing the names of the certificate and key databases is not recommended.

      -installdir root-installation-directory

      Specify the root installation directory relative to which files will be installed by the -jar option. This directory should be one below which it is appropriate to store dynamic library files, such as a server's root directory.

      -libfile library-file

      Specify a path to a library file containing the implementation of the PKCS #11 interface module that is being added to the database.

      -mechanisms mechanism-list

      Specify the security mechanisms for which a particular module will be flagged as a default provider. The mechanism-list is a colon-delimited list of mechanism names. Enclose this list in quotation marks if it contains spaces.

      The module becomes a default provider for the listed mechanisms when those mechanisms are enabled. If more than one module claims to be a particular mechanism's default provider, that mechanism's default provider is undefined.

      modutil supports several mechanisms: RSA, DSA, RC2, RC4, RC5, AES, DES, DH, SHA1, SHA256, SHA512, SSL, TLS, MD5, MD2, RANDOM (for random number generation), and FRIENDLY (meaning certificates are publicly readable).

      -newpwfile new-password-file

      Specify a text file containing a token's new or replacement password so that a password can be entered automatically with the -changepw option.

      -nocertdb

      Do not open the certificate or key databases. This has several effects:

      • With the -create command, only a module security file is created; certificate and key databases are not created.

      • With the -jar command, signatures on the JAR file are not checked.

      • With the -changepw command, the password on the NSS internal module cannot be set or changed, since this password is stored in the key database.

      -pwfile old-password-file

      Specify a text file containing a token's existing password so that a password can be entered automatically when the -changepw option is used to change passwords.

      -secmod secmodname

      Give the name of the security module database (like secmod.db) to load.

      -slot slotname

      Specify a particular slot to be enabled or disabled with the -enable or -disable options.

      -string CONFIG_STRING

      Pass a configuration string for the module being added to the database.

      -tempdir temporary-directory

      Give a directory location where temporary files are created during the installation by the -jar option. If no temporary directory is specified, the current directory is used.

      Usage and Examples

      Creating Database Files

      Before any operations can be performed, there must be a set of security databases available. modutil can be used to create these files. The only required argument is the database that where the databases will be located.

      modutil -create -dbdir [sql:]directory

      Adding a Cryptographic Module

      Adding a PKCS #11 module means submitting a supporting library file, enabling its ciphers, and setting default provider status for various security mechanisms. This can be done by supplying all of the information through modutil directly or by running a JAR file and install script. For the most basic case, simply upload the library:

      modutil -add modulename -libfile library-file [-ciphers cipher-enable-list] [-mechanisms mechanism-list] 

      For example: +-

      modutil -dbdir sql:/home/my/sharednssdb -add "Example PKCS #11 Module" -libfile "/tmp/crypto.so" -mechanisms RSA:DSA:RC2:RANDOM 
      ++	

      Options

      -add modulename

      Add the named PKCS #11 module to the database. Use this option with the -libfile, -ciphers, and -mechanisms arguments.

      -changepw tokenname

      Change the password on the named token. If the token has not been initialized, this option initializes the password. Use this option with the -pwfile and -newpwfile arguments. A password is equivalent to a personal identification number (PIN).

      -chkfips

      Verify whether the module is in the given FIPS mode. true means to verify that the module is in FIPS mode, while false means to verify that the module is not in FIPS mode.

      -create

      Create new certificate, key, and module databases. Use the -dbdir directory argument to specify a directory. If any of these databases already exist in a specified directory, modutil returns an error message.

      -default modulename

      Specify the security mechanisms for which the named module will be a default provider. The security mechanisms are specified with the -mechanisms argument.

      -delete modulename

      Delete the named module. The default NSS PKCS #11 module cannot be deleted.

      -disable modulename

      Disable all slots on the named module. Use the -slot argument to disable a specific slot.

      The internal NSS PKCS #11 module cannot be disabled.

      -enable modulename

      Enable all slots on the named module. Use the -slot argument to enable a specific slot.

      -fips [true | false]

      Enable (true) or disable (false) FIPS 140-2 compliance for the default NSS module.

      -force

      Disable modutil's interactive prompts so it can be run from a script. Use this option only after manually testing each planned operation to check for warnings and to ensure that bypassing the prompts will cause no security lapses or loss of database integrity.

      -jar JAR-file

      Add a new PKCS #11 module to the database using the named JAR file. Use this command with the -installdir and -tempdir arguments. The JAR file uses the NSS PKCS #11 JAR format to identify all the files to be installed, the module's name, the mechanism flags, and the cipher flags, as well as any files to be installed on the target machine, including the PKCS #11 module library file and other files such as documentation. This is covered in the JAR installation file section in the man page, which details the special script needed to perform an installation through a server or with modutil.

      -list [modulename]

      Display basic information about the contents of the secmod.db file. Specifying a modulename displays detailed information about a particular module and its slots and tokens.

      -rawadd

      Add the module spec string to the secmod.db database.

      -rawlist

      Display the module specs for a specified module or for all loadable modules.

      -undefault modulename

      Specify the security mechanisms for which the named module will not be a default provider. The security mechanisms are specified with the -mechanisms argument.

      Arguments

      MODULE

      Give the security module to access.

      MODULESPEC

      Give the security module spec to load into the security database.

      -ciphers cipher-enable-list

      Enable specific ciphers in a module that is being added to the database. The cipher-enable-list is a colon-delimited list of cipher names. Enclose this list in quotation marks if it contains spaces.

      -dbdir directory

      Specify the database directory in which to access or create security module database files.

      modutil supports two types of databases: the legacy security databases (cert8.db, key3.db, and secmod.db) and SQLite databases (cert9.db, key4.db, and pkcs11.txt). If the prefix dbm: is not used, then the tool assumes that the given databases are in SQLite format.

      --dbprefix prefix

      Specify the prefix used on the database files, such as my_ for my_cert9.db. This option is provided as a special case. Changing the names of the certificate and key databases is not recommended.

      -installdir root-installation-directory

      Specify the root installation directory relative to which files will be installed by the -jar option. This directory should be one below which it is appropriate to store dynamic library files, such as a server's root directory.

      -libfile library-file

      Specify a path to a library file containing the implementation of the PKCS #11 interface module that is being added to the database.

      -mechanisms mechanism-list

      Specify the security mechanisms for which a particular module will be flagged as a default provider. The mechanism-list is a colon-delimited list of mechanism names. Enclose this list in quotation marks if it contains spaces.

      The module becomes a default provider for the listed mechanisms when those mechanisms are enabled. If more than one module claims to be a particular mechanism's default provider, that mechanism's default provider is undefined.

      modutil supports several mechanisms: RSA, DSA, RC2, RC4, RC5, AES, DES, DH, SHA1, SHA256, SHA512, SSL, TLS, MD5, MD2, RANDOM (for random number generation), and FRIENDLY (meaning certificates are publicly readable).

      -newpwfile new-password-file

      Specify a text file containing a token's new or replacement password so that a password can be entered automatically with the -changepw option.

      -nocertdb

      Do not open the certificate or key databases. This has several effects:

      • With the -create command, only a module security file is created; certificate and key databases are not created.

      • With the -jar command, signatures on the JAR file are not checked.

      • With the -changepw command, the password on the NSS internal module cannot be set or changed, since this password is stored in the key database.

      -pwfile old-password-file

      Specify a text file containing a token's existing password so that a password can be entered automatically when the -changepw option is used to change passwords.

      -secmod secmodname

      Give the name of the security module database (like secmod.db) to load.

      -slot slotname

      Specify a particular slot to be enabled or disabled with the -enable or -disable options.

      -string CONFIG_STRING

      Pass a configuration string for the module being added to the database.

      -tempdir temporary-directory

      Give a directory location where temporary files are created during the installation by the -jar option. If no temporary directory is specified, the current directory is used.

      Usage and Examples

      Creating Database Files

      Before any operations can be performed, there must be a set of security databases available. modutil can be used to create these files. The only required argument is the database that where the databases will be located.

      modutil -create -dbdir directory

      Adding a Cryptographic Module

      Adding a PKCS #11 module means submitting a supporting library file, enabling its ciphers, and setting default provider status for various security mechanisms. This can be done by supplying all of the information through modutil directly or by running a JAR file and install script. For the most basic case, simply upload the library:

      modutil -add modulename -libfile library-file [-ciphers cipher-enable-list] [-mechanisms mechanism-list] 

      For example: ++

      modutil -dbdir /home/my/sharednssdb -add "Example PKCS #11 Module" -libfile "/tmp/crypto.so" -mechanisms RSA:DSA:RC2:RANDOM 
      + 
      + Using database directory ... 
      + Module "Example PKCS #11 Module" added to database.

      +

      Installing a Cryptographic Module from a JAR File

      PKCS #11 modules can also be loaded using a JAR file, which contains all of the required libraries and an installation script that describes how to install the module. The JAR install script is described in more detail in the section called “JAR Installation File Format”.

      The JAR installation script defines the setup information for each platform that the module can be installed on. For example:

      Platforms { 
      +    Linux:5.4.08:x86 { 
      +       ModuleName { "Example PKCS #11 Module" } 
      +       ModuleFile { crypto.so } 
      +       DefaultMechanismFlags{0x0000} 
      +@@ -20,17 +20,17 @@ Module "Example PKCS #11 Module" added t
      +             Executable 
      +             Path{ /tmp/setup.sh } 
      +          } 
      +       } 
      +    } 
      +    Linux:6.0.0:x86 { 
      +       EquivalentPlatform { Linux:5.4.08:x86 } 
      +    } 
      +-} 

      Both the install script and the required libraries must be bundled in a JAR file, which is specified with the -jar argument.

      modutil -dbdir sql:/home/mt"jar-install-filey/sharednssdb -jar install.jar -installdir sql:/home/my/sharednssdb
      ++} 

      Both the install script and the required libraries must be bundled in a JAR file, which is specified with the -jar argument.

      modutil -dbdir /home/mt"jar-install-filey/sharednssdb -jar install.jar -installdir /home/my/sharednssdb
      + 
      + This installation JAR file was signed by: 
      + ---------------------------------------------- 
      + 
      + **SUBJECT NAME** 
      + 
      + C=US, ST=California, L=Mountain View, CN=Cryptorific Inc., OU=Digital ID
      + Class 3 - Netscape Object Signing, OU="www.verisign.com/repository/CPS
      +@@ -48,32 +48,32 @@ Successfully parsed installation script
      + Current platform is Linux:5.4.08:x86 
      + Using installation parameters for platform Linux:5.4.08:x86 
      + Installed file crypto.so to /tmp/crypto.so
      + Installed file setup.sh to ./pk11inst.dir/setup.sh 
      + Executing "./pk11inst.dir/setup.sh"... 
      + "./pk11inst.dir/setup.sh" executed successfully 
      + Installed module "Example PKCS #11 Module" into module database 
      + 
      +-Installation completed successfully 

      Adding Module Spec

      Each module has information stored in the security database about its configuration and parameters. These can be added or edited using the -rawadd command. For the current settings or to see the format of the module spec in the database, use the -rawlist option.

      modutil -rawadd modulespec

      Deleting a Module

      A specific PKCS #11 module can be deleted from the secmod.db database:

      modutil -delete modulename -dbdir [sql:]directory 

      Displaying Module Information

      The secmod.db database contains information about the PKCS #11 modules that are available to an application or server to use. The list of all modules, information about specific modules, and database configuration specs for modules can all be viewed.

      To simply get a list of modules in the database, use the -list command.

      modutil -list [modulename] -dbdir [sql:]directory 

      Listing the modules shows the module name, their status, and other associated security databases for certificates and keys. For example:

      modutil -list -dbdir sql:/home/my/sharednssdb 
      ++Installation completed successfully 

      Adding Module Spec

      Each module has information stored in the security database about its configuration and parameters. These can be added or edited using the -rawadd command. For the current settings or to see the format of the module spec in the database, use the -rawlist option.

      modutil -rawadd modulespec

      Deleting a Module

      A specific PKCS #11 module can be deleted from the secmod.db database:

      modutil -delete modulename -dbdir directory 

      Displaying Module Information

      The secmod.db database contains information about the PKCS #11 modules that are available to an application or server to use. The list of all modules, information about specific modules, and database configuration specs for modules can all be viewed.

      To simply get a list of modules in the database, use the -list command.

      modutil -list [modulename] -dbdir directory 

      Listing the modules shows the module name, their status, and other associated security databases for certificates and keys. For example:

      modutil -list -dbdir /home/my/sharednssdb 
      + 
      + Listing of PKCS #11 Modules
      + -----------------------------------------------------------
      +   1. NSS Internal PKCS #11 Module
      +          slots: 2 slots attached
      +         status: loaded
      + 
      +          slot: NSS Internal Cryptographic Services                            
      +         token: NSS Generic Crypto Services
      + 	  uri: pkcs11:token=NSS%20Generic%20Crypto%20Services;manufacturer=Mozilla%20Foundation;serial=0000000000000000;model=NSS%203
      + 
      +          slot: NSS User Private Key and Certificate Services                  
      +         token: NSS Certificate DB
      + 	  uri: pkcs11:token=NSS%20Certificate%20DB;manufacturer=Mozilla%20Foundation;serial=0000000000000000;model=NSS%203
      +------------------------------------------------------------

      Passing a specific module name with the -list returns details information about the module itself, like supported cipher mechanisms, version numbers, serial numbers, and other information about the module and the token it is loaded on. For example:

       modutil -list "NSS Internal PKCS #11 Module" -dbdir sql:/home/my/sharednssdb
      ++-----------------------------------------------------------

      Passing a specific module name with the -list returns details information about the module itself, like supported cipher mechanisms, version numbers, serial numbers, and other information about the module and the token it is loaded on. For example:

       modutil -list "NSS Internal PKCS #11 Module" -dbdir /home/my/sharednssdb
      + 
      + -----------------------------------------------------------
      + Name: NSS Internal PKCS #11 Module
      + Library file: **Internal ONLY module**
      + Manufacturer: Mozilla Foundation              
      + Description: NSS Internal Crypto Services    
      + PKCS #11 Version 2.20
      + Library Version: 3.11
      +@@ -107,28 +107,28 @@ Default Mechanism Flags: RSA:RC2:RC4:DES
      +   Token Name: NSS Certificate DB              
      +   Token Manufacturer: Mozilla Foundation              
      +   Token Model: NSS 3           
      +   Token Serial Number: 0000000000000000
      +   Token Version: 8.3
      +   Token Firmware Version: 0.0
      +   Access: NOT Write Protected
      +   Login Type: Login required
      +-  User Pin: Initialized

      A related command, -rawlist returns information about the database configuration for the modules. (This information can be edited by loading new specs using the -rawadd command.)

       modutil -rawlist -dbdir sql:/home/my/sharednssdb
      ++  User Pin: Initialized

      A related command, -rawlist returns information about the database configuration for the modules. (This information can be edited by loading new specs using the -rawadd command.)

       modutil -rawlist -dbdir /home/my/sharednssdb
      +  name="NSS Internal PKCS #11 Module" parameters="configdir=. certPrefix= keyPrefix= secmod=secmod.db flags=readOnly " NSS="trustOrder=75 cipherOrder=100 slotParams={0x00000001=[slotFlags=RSA,RC4,RC2,DES,DH,SHA1,MD5,MD2,SSL,TLS,AES,RANDOM askpw=any timeout=30 ] }  Flags=internal,critical"

      Setting a Default Provider for Security Mechanisms

      Multiple security modules may provide support for the same security mechanisms. It is possible to set a specific security module as the default provider for a specific security mechanism (or, conversely, to prohibit a provider from supplying those mechanisms).

      modutil -default modulename -mechanisms mechanism-list 

      To set a module as the default provider for mechanisms, use the -default command with a colon-separated list of mechanisms. The available mechanisms depend on the module; NSS supplies almost all common mechanisms. For example:

      modutil -default "NSS Internal PKCS #11 Module" -dbdir -mechanisms RSA:DSA:RC2 
      + 
      + Using database directory c:\databases...
      + 
      + Successfully changed defaults.

      Clearing the default provider has the same format:

      modutil -undefault "NSS Internal PKCS #11 Module" -dbdir -mechanisms MD2:MD5

      Enabling and Disabling Modules and Slots

      Modules, and specific slots on modules, can be selectively enabled or disabled using modutil. Both commands have the same format:

      modutil -enable|-disable modulename [-slot slotname] 

      For example:

      modutil -enable "NSS Internal PKCS #11 Module" -slot "NSS Internal Cryptographic Services                            " -dbdir .
      + 
      +-Slot "NSS Internal Cryptographic Services                            " enabled.

      Be sure that the appropriate amount of trailing whitespace is after the slot name. Some slot names have a significant amount of whitespace that must be included, or the operation will fail.

      Enabling and Verifying FIPS Compliance

      The NSS modules can have FIPS 140-2 compliance enabled or disabled using modutil with the -fips option. For example:

      modutil -fips true -dbdir sql:/home/my/sharednssdb/
      ++Slot "NSS Internal Cryptographic Services                            " enabled.

      Be sure that the appropriate amount of trailing whitespace is after the slot name. Some slot names have a significant amount of whitespace that must be included, or the operation will fail.

      Enabling and Verifying FIPS Compliance

      The NSS modules can have FIPS 140-2 compliance enabled or disabled using modutil with the -fips option. For example:

      modutil -fips true -dbdir /home/my/sharednssdb/
      + 
      +-FIPS mode enabled.

      To verify that status of FIPS mode, run the -chkfips command with either a true or false flag (it doesn't matter which). The tool returns the current FIPS setting.

      modutil -chkfips false -dbdir sql:/home/my/sharednssdb/
      ++FIPS mode enabled.

      To verify that status of FIPS mode, run the -chkfips command with either a true or false flag (it doesn't matter which). The tool returns the current FIPS setting.

      modutil -chkfips false -dbdir /home/my/sharednssdb/
      + 
      +-FIPS mode enabled.

      Changing the Password on a Token

      Initializing or changing a token's password:

      modutil -changepw tokenname [-pwfile old-password-file] [-newpwfile new-password-file] 
      modutil -dbdir sql:/home/my/sharednssdb -changepw "NSS Certificate DB" 
      ++FIPS mode enabled.

      Changing the Password on a Token

      Initializing or changing a token's password:

      modutil -changepw tokenname [-pwfile old-password-file] [-newpwfile new-password-file] 
      modutil -dbdir /home/my/sharednssdb -changepw "NSS Certificate DB" 
      + 
      + Enter old password: 
      + Incorrect password, try again... 
      + Enter old password: 
      + Enter new password: 
      + Re-enter new password: 
      + Token "Communicator Certificate DB" password changed successfully.

      JAR Installation File Format

      When a JAR file is run by a server, by modutil, or by any program that does not interpret JavaScript, a special information file must be included to install the libraries. There are several things to keep in mind with this file:

      • + It must be declared in the JAR archive's manifest file. 
+@@ -234,18 +234,18 @@ The last versions of these

        • + cert9.db for certificates +

        • + key4.db for keys +

        • + pkcs11.txt, which is listing of all of the PKCS #11 modules contained in a new subdirectory in the security databases directory +-

      Because the SQLite databases are designed to be shared, these are the shared database type. The shared database type is preferred; the legacy format is included for backward compatibility.

      By default, the tools (certutil, pk12util, modutil) assume that the given security databases follow the more common legacy type. +-Using the SQLite databases must be manually specified by using the sql: prefix with the given security directory. For example:

      modutil -create -dbdir sql:/home/my/sharednssdb

      To set the shared database type as the default type for the tools, set the NSS_DEFAULT_DB_TYPE environment variable to sql:

      export NSS_DEFAULT_DB_TYPE="sql"

      This line can be added to the ~/.bashrc file to make the change permanent for the user.

      Most applications do not use the shared database by default, but they can be configured to use them. For example, this how-to article covers how to configure Firefox and Thunderbird to use the new shared NSS databases:

      • ++

      Because the SQLite databases are designed to be shared, these are the shared database type. The shared database type is preferred; the legacy format is included for backward compatibility.

      By default, the tools (certutil, pk12util, modutil) assume that the given security databases use the SQLite type. ++Using the legacy databases must be manually specified by using the dbm: prefix with the given security directory. For example:

      modutil -create -dbdir dbm:/home/my/sharednssdb

      To set the legacy database type as the default type for the tools, set the NSS_DEFAULT_DB_TYPE environment variable to dbm:

      export NSS_DEFAULT_DB_TYPE="dbm"

      This line can be added to the ~/.bashrc file to make the change permanent for the user.

      • + https://wiki.mozilla.org/NSS_Shared_DB_Howto

      For an engineering draft on the changes in the shared NSS databases, see the NSS project wiki:

      • + https://wiki.mozilla.org/NSS_Shared_DB +

      See Also

      certutil (1)

      pk12util (1)

      signtool (1)

      The NSS wiki has information on the new database design and how to configure applications to use it.

      • + https://wiki.mozilla.org/NSS_Shared_DB_Howto

      • + https://wiki.mozilla.org/NSS_Shared_DB +

      Additional Resources

      For information about NSS and other tools related to NSS (like JSS), check out the NSS project wiki at http://www.mozilla.org/projects/security/pki/nss/. The NSS site relates directly to NSS code changes and releases.

      Mailing lists: https://lists.mozilla.org/listinfo/dev-tech-crypto

      IRC: Freenode at #dogtag-pki

      Authors

      The NSS tools were written and maintained by developers with Netscape, Red Hat, Sun, Oracle, Mozilla, and Google.

      + Authors: Elio Maldonado <emaldona@redhat.com>, Deon Lackey <dlackey@redhat.com>. +

      LICENSE

      Licensed under the Mozilla Public License, v. 2.0. If a copy of the MPL was not distributed with this file, You can obtain one at http://mozilla.org/MPL/2.0/. 
+diff --git a/doc/html/pk12util.html b/doc/html/pk12util.html 
+--- a/doc/html/pk12util.html 
++++ b/doc/html/pk12util.html 
+@@ -1,27 +1,27 @@ 
+-PK12UTIL

      Name

      pk12util — Export and import keys and certificate to or from a PKCS #12 file and the NSS database

      Synopsis

      pk12util [-i p12File|-l p12File|-o p12File] [-d [sql:]directory] [-h tokenname] [-P dbprefix] [-r] [-v] [-k slotPasswordFile|-K slotPassword] [-w p12filePasswordFile|-W p12filePassword]

      STATUS

      This documentation is still work in progress. Please contribute to the initial review in Mozilla NSS bug 836477 +-

      Description

      The PKCS #12 utility, pk12util, enables sharing certificates among any server that supports PKCS #12. The tool can import certificates and keys from PKCS #12 files into security databases, export certificates, and list certificates and keys.

      Options and Arguments

      Options

      -i p12file

      Import keys and certificates from a PKCS #12 file into a security database.

      -l p12file

      List the keys and certificates in PKCS #12 file.

      -o p12file

      Export keys and certificates from the security database to a PKCS #12 file.

      Arguments

      -c keyCipher

      Specify the key encryption algorithm.

      -C certCipher

      Specify the certiticate encryption algorithm.

      -d [sql:]directory

      Specify the database directory into which to import to or export from certificates and keys.

      pk12util supports two types of databases: the legacy security databases (cert8.db, key3.db, and secmod.db) and new SQLite databases (cert9.db, key4.db, and pkcs11.txt). If the prefix sql: is not used, then the tool assumes that the given databases are in the old format.

      -h tokenname

      Specify the name of the token to import into or export from.

      -k slotPasswordFile

      Specify the text file containing the slot's password.

      -K slotPassword

      Specify the slot's password.

      -m | --key-len keyLength

      Specify the desired length of the symmetric key to be used to encrypt the private key.

      -n | --cert-key-len certKeyLength

      Specify the desired length of the symmetric key to be used to encrypt the certificates and other meta-data.

      -n certname

      Specify the nickname of the cert and private key to export.

      The nickname can also be a PKCS #11 URI. For example, if you have a certificate named "my-server-cert" on the internal certificate store, it can be unambiguously specified as "pkcs11:token=NSS%20Certificate%20DB;object=my-server-cert". For details about the format, see RFC 7512.

      -P prefix

      Specify the prefix used on the certificate and key databases. This option is provided as a special case. ++PK12UTIL

      Name

      pk12util — Export and import keys and certificate to or from a PKCS #12 file and the NSS database

      Synopsis

      pk12util [-i p12File|-l p12File|-o p12File] [-c keyCipher] [-C certCipher] [-d directory] [-h tokenname] [-m | --key-len keyLength] [-M hashAlg] [-n certname] [-P dbprefix] [-r] [-v] [--cert-key-len certKeyLength] [-k slotPasswordFile|-K slotPassword] [-w p12filePasswordFile|-W p12filePassword]

      STATUS

      This documentation is still work in progress. Please contribute to the initial review in Mozilla NSS bug 836477 ++

      Description

      The PKCS #12 utility, pk12util, enables sharing certificates among any server that supports PKCS #12. The tool can import certificates and keys from PKCS #12 files into security databases, export certificates, and list certificates and keys.

      Options and Arguments

      Options

      -i p12file

      Import keys and certificates from a PKCS #12 file into a security database.

      -l p12file

      List the keys and certificates in PKCS #12 file.

      -o p12file

      Export keys and certificates from the security database to a PKCS #12 file.

      Arguments

      -c keyCipher

      Specify the key encryption algorithm.

      -C certCipher

      Specify the certiticate encryption algorithm.

      -d directory

      Specify the database directory into which to import to or export from certificates and keys.

      pk12util supports two types of databases: the legacy security databases (cert8.db, key3.db, and secmod.db) and new SQLite databases (cert9.db, key4.db, and pkcs11.txt). If the prefix dbm: is not used, then the tool assumes that the given databases are in the SQLite format.

      -h tokenname

      Specify the name of the token to import into or export from.

      -k slotPasswordFile

      Specify the text file containing the slot's password.

      -K slotPassword

      Specify the slot's password.

      -m | --key-len keyLength

      Specify the desired length of the symmetric key to be used to encrypt the private key.

      -M hashAlg

      Specify the hash algorithm used in the pkcs #12 mac. This algorithm also specifies the HMAC used in the prf when using pkcs #5 v2.

      --cert-key-len certKeyLength

      Specify the desired length of the symmetric key to be used to encrypt the certificates and other meta-data.

      -n certname

      Specify the nickname of the cert and private key to export.

      The nickname can also be a PKCS #11 URI. For example, if you have a certificate named "my-server-cert" on the internal certificate store, it can be unambiguously specified as "pkcs11:token=NSS%20Certificate%20DB;object=my-server-cert". For details about the format, see RFC 7512.

      -P prefix

      Specify the prefix used on the certificate and key databases. This option is provided as a special case. + Changing the names of the certificate and key databases is not recommended.

      -r

      Dumps all of the data in raw (binary) form. This must be saved as a DER file. The default is to return information in a pretty-print ASCII format, which displays the information about the certificates and public keys in the p12 file.

      -v

      Enable debug logging when importing.

      -w p12filePasswordFile

      Specify the text file containing the pkcs #12 file password.

      -W p12filePassword

      Specify the pkcs #12 file password.

      Return Codes

      • 0 - No error

      • 1 - User Cancelled

      • 2 - Usage error

      • 6 - NLS init error

      • 8 - Certificate DB open error

      • 9 - Key DB open error

      • 10 - File initialization error

      • 11 - Unicode conversion error

      • 12 - Temporary file creation error

      • 13 - PKCS11 get slot error

      • 14 - PKCS12 decoder start error

      • 15 - error read from import file

      • 16 - pkcs12 decode error

      • 17 - pkcs12 decoder verify error

      • 18 - pkcs12 decoder validate bags error

      • 19 - pkcs12 decoder import bags error

      • 20 - key db conversion version 3 to version 2 error

      • 21 - cert db conversion version 7 to version 5 error

      • 22 - cert and key dbs patch error

      • 23 - get default cert db error

      • 24 - find cert by nickname error

      • 25 - create export context error

      • 26 - PKCS12 add password itegrity error

      • 27 - cert and key Safes creation error

      • 28 - PKCS12 add cert and key error

      • 29 - PKCS12 encode error

      Examples

      Importing Keys and Certificates

      The most basic usage of pk12util for importing a certificate or key is the PKCS #12 input file (-i) and some way to specify the security database being accessed (either -d for a directory or -h for a token). +

      +- pk12util -i p12File [-h tokenname] [-v] [-d [sql:]directory] [-P dbprefix] [-k slotPasswordFile|-K slotPassword] [-w p12filePasswordFile|-W p12filePassword] +-

      For example:

      # pk12util -i /tmp/cert-files/users.p12 -d sql:/home/my/sharednssdb
      ++    pk12util -i p12File [-h tokenname] [-v] [-d directory] [-P dbprefix] [-k slotPasswordFile|-K slotPassword] [-w p12filePasswordFile|-W p12filePassword]
      ++    

      For example:

      # pk12util -i /tmp/cert-files/users.p12 -d /home/my/sharednssdb
      + 
      + Enter a password which will be used to encrypt your keys.
      + The password should be at least 8 characters long,
      + and should contain at least one non-alphabetic character.
      + 
      + Enter new password: 
      + Re-enter password: 
      + Enter password for PKCS12 file: 
      + pk12util: PKCS12 IMPORT SUCCESSFUL

      Exporting Keys and Certificates

      Using the pk12util command to export certificates and keys requires both the name of the certificate to extract from the database (-n) and the PKCS #12-formatted output file to write to. There are optional parameters that can be used to encrypt the file to protect the certificate material. +-

      pk12util -o p12File -n certname [-c keyCipher] [-C certCipher] [-m|--key_len keyLen] [-n|--cert_key_len certKeyLen] [-d [sql:]directory] [-P dbprefix] [-k slotPasswordFile|-K slotPassword] [-w p12filePasswordFile|-W p12filePassword]

      For example:

      # pk12util -o certs.p12 -n Server-Cert -d sql:/home/my/sharednssdb
      ++    

      pk12util -o p12File -n certname [-c keyCipher] [-C certCipher] [-m|--key_len keyLen] [-n|--cert_key_len certKeyLen] [-d directory] [-P dbprefix] [-k slotPasswordFile|-K slotPassword] [-w p12filePasswordFile|-W p12filePassword]

      For example:

      # pk12util -o certs.p12 -n Server-Cert -d /home/my/sharednssdb
      + Enter password for PKCS12 file: 
      + Re-enter password: 

      Listing Keys and Certificates

      The information in a .p12 file are not human-readable. The certificates and keys in the file can be printed (listed) in a human-readable pretty-print format that shows information for every certificate and any public keys in the .p12 file. +-

      pk12util -l p12File [-h tokenname] [-r] [-d [sql:]directory] [-P dbprefix] [-k slotPasswordFile|-K slotPassword] [-w p12filePasswordFile|-W p12filePassword]

      For example, this prints the default ASCII output:

      # pk12util -l certs.p12
      ++    

      pk12util -l p12File [-h tokenname] [-r] [-d directory] [-P dbprefix] [-k slotPasswordFile|-K slotPassword] [-w p12filePasswordFile|-W p12filePassword]

      For example, this prints the default ASCII output:

      # pk12util -l certs.p12
      + 
      + Enter password for PKCS12 file: 
      + Key(shrouded):
      +     Friendly Name: Thawte Freemail Member's Thawte Consulting (Pty) Ltd. ID
      + 
      +     Encryption algorithm: PKCS #12 V2 PBE With SHA-1 And 3KEY Triple DES-CBC
      +         Parameters:
      +             Salt:
      +@@ -59,18 +59,18 @@ The last versions of these 
      • + cert9.db for certificates +

      • + key4.db for keys +

      • + pkcs11.txt, which is listing of all of the PKCS #11 modules contained in a new subdirectory in the security databases directory +-

      Because the SQLite databases are designed to be shared, these are the shared database type. The shared database type is preferred; the legacy format is included for backward compatibility.

      By default, the tools (certutil, pk12util, modutil) assume that the given security databases follow the more common legacy type. +-Using the SQLite databases must be manually specified by using the sql: prefix with the given security directory. For example:

      # pk12util -i /tmp/cert-files/users.p12 -d sql:/home/my/sharednssdb

      To set the shared database type as the default type for the tools, set the NSS_DEFAULT_DB_TYPE environment variable to sql:

      export NSS_DEFAULT_DB_TYPE="sql"

      This line can be set added to the ~/.bashrc file to make the change permanent.

      Most applications do not use the shared database by default, but they can be configured to use them. For example, this how-to article covers how to configure Firefox and Thunderbird to use the new shared NSS databases:

      • ++

      Because the SQLite databases are designed to be shared, these are the shared database type. The shared database type is preferred; the legacy format is included for backward compatibility.

      By default, the tools (certutil, pk12util, modutil) assume that the given security databases use the SQLite type ++Using the legacy databases must be manually specified by using the dbm: prefix with the given security directory. For example:

      # pk12util -i /tmp/cert-files/users.p12 -d dbm:/home/my/sharednssdb

      To set the legacy database type as the default type for the tools, set the NSS_DEFAULT_DB_TYPE environment variable to dbm:

      export NSS_DEFAULT_DB_TYPE="dbm"

      This line can be set added to the ~/.bashrc file to make the change permanent.

      • + https://wiki.mozilla.org/NSS_Shared_DB_Howto

      For an engineering draft on the changes in the shared NSS databases, see the NSS project wiki:

      • + https://wiki.mozilla.org/NSS_Shared_DB +

      Compatibility Notes

      The exporting behavior of pk12util has changed over time, while importing files exported with older versions of NSS is still supported.

      Until the 3.30 release, pk12util used the UTF-16 encoding for the PKCS #5 password-based encryption schemes, while the recommendation is to encode passwords in UTF-8 if the used encryption scheme is defined outside of the PKCS #12 standard.

      Until the 3.31 release, even when "AES-128-CBC" or "AES-192-CBC" is given from the command line, pk12util always used 256-bit AES as the underlying encryption scheme.

      For historical reasons, pk12util accepts password-based encryption schemes not listed in this document. However, those schemes are not officially supported and may have issues in interoperability with other tools.

      See Also

      certutil (1)

      modutil (1)

      The NSS wiki has information on the new database design and how to configure applications to use it.

      • + https://wiki.mozilla.org/NSS_Shared_DB_Howto

      • + https://wiki.mozilla.org/NSS_Shared_DB +

      Additional Resources

      For information about NSS and other tools related to NSS (like JSS), check out the NSS project wiki at http://www.mozilla.org/projects/security/pki/nss/. The NSS site relates directly to NSS code changes and releases.

      Mailing lists: https://lists.mozilla.org/listinfo/dev-tech-crypto

      IRC: Freenode at #dogtag-pki

      Authors

      The NSS tools were written and maintained by developers with Netscape, Red Hat, Sun, Oracle, Mozilla, and Google.

      + Authors: Elio Maldonado <emaldona@redhat.com>, Deon Lackey <dlackey@redhat.com>. +

      LICENSE

      Licensed under the Mozilla Public License, v. 2.0. If a copy of the MPL was not distributed with this file, You can obtain one at http://mozilla.org/MPL/2.0/. 
      +diff --git a/doc/html/pp.html b/doc/html/pp.html 
      +--- a/doc/html/pp.html 
      ++++ b/doc/html/pp.html 
      +@@ -1,7 +1,7 @@ 
      +-PP

      Name

      pp — Prints certificates, keys, crls, and pkcs7 files

      Synopsis

      pp -t type [-a] [-i input] [-o output] [-u] [-w]

      STATUS

      This documentation is still work in progress. Please contribute to the initial review in Mozilla NSS bug 836477 +-

      Description

      pp pretty-prints private and public key, certificate, certificate-request, +- pkcs7 or crl files +-

      Options

      -t type

      specify the input, one of {private-key | public-key | certificate | certificate-request | pkcs7 | crl}

      -a
      Input is in ascii encoded form (RFC1113)
      -i inputfile
      Define an input file to use (default is stdin)
      -o outputfile
      Define an output file to use (default is stdout)
      -u
      Use UTF-8 (default is to show non-ascii as .)
      -w
      Don't wrap long output lines

      Additional Resources

      NSS is maintained in conjunction with PKI and security-related projects through Mozilla and Fedora. The most closely-related project is Dogtag PKI, with a project wiki at PKI Wiki.

      For information specifically about NSS, the NSS project wiki is located at Mozilla NSS site. The NSS site relates directly to NSS code changes and releases.

      Mailing lists: pki-devel@redhat.com and pki-users@redhat.com

      IRC: Freenode at #dogtag-pki

      Authors

      The NSS tools were written and maintained by developers with Netscape, Red Hat, Sun, Oracle, Mozilla, and Google.

      ++PP

      Name

      pp — Prints certificates, keys, crls, and pkcs7 files

      Synopsis

      pp -t type [-a] [-i input] [-o output] [-u] [-w]

      STATUS

      This documentation is still work in progress. Please contribute to the initial review in Mozilla NSS bug 836477 ++

      Description

      pp pretty-prints private and public key, certificate, certificate-request, ++ pkcs7, pkcs12 or crl files ++

      Options

      -t type

      specify the input, one of {private-key | public-key | certificate | certificate-request | pkcs7 | pkcs12 | crl | name}

      -a
      Input is in ascii encoded form (RFC1113)
      -i inputfile
      Define an input file to use (default is stdin)
      -o outputfile
      Define an output file to use (default is stdout)
      -u
      Use UTF-8 (default is to show non-ascii as .)
      -w
      Don't wrap long output lines

      Additional Resources

      NSS is maintained in conjunction with PKI and security-related projects through Mozilla and Fedora. The most closely-related project is Dogtag PKI, with a project wiki at PKI Wiki.

      For information specifically about NSS, the NSS project wiki is located at Mozilla NSS site. The NSS site relates directly to NSS code changes and releases.

      Mailing lists: pki-devel@redhat.com and pki-users@redhat.com

      IRC: Freenode at #dogtag-pki

      Authors

      The NSS tools were written and maintained by developers with Netscape, Red Hat, Sun, Oracle, Mozilla, and Google.

      + Authors: Elio Maldonado <emaldona@redhat.com>, Deon Lackey <dlackey@redhat.com>. +

      LICENSE

      Licensed under the Mozilla Public License, v. 2.0. If a copy of the MPL was not distributed with this file, You can obtain one at http://mozilla.org/MPL/2.0/. +

      +diff --git a/doc/html/signver.html b/doc/html/signver.html 
      +--- a/doc/html/signver.html 
      ++++ b/doc/html/signver.html 
      +@@ -1,12 +1,12 @@ 
      +-SIGNVER

      Name

      signver — Verify a detached PKCS#7 signature for a file.

      Synopsis

      signtool -A | -V -d directory [-a] [-i input_file] [-o output_file] [-s signature_file] [-v]

      STATUS

      This documentation is still work in progress. Please contribute to the initial review in Mozilla NSS bug 836477 +-

      Description

      The Signature Verification Tool, signver, is a simple command-line utility that unpacks a base-64-encoded PKCS#7 signed object and verifies the digital signature using standard cryptographic techniques. The Signature Verification Tool can also display the contents of the signed object.

      Options

      -A

      Displays all of the information in the PKCS#7 signature.

      -V

      Verifies the digital signature.

      -d [sql:]directory

      Specify the database directory which contains the certificates and keys.

      signver supports two types of databases: the legacy security databases (cert8.db, key3.db, and secmod.db) and new SQLite databases (cert9.db, key4.db, and pkcs11.txt). If the prefix sql: is not used, then the tool assumes that the given databases are in the old format.

      -a

      Sets that the given signature file is in ASCII format.

      -i input_file

      Gives the input file for the object with signed data.

      -o output_file

      Gives the output file to which to write the results.

      -s signature_file

      Gives the input file for the digital signature.

      -v

      Enables verbose output.

      Extended Examples

      Verifying a Signature

      The -V option verifies that the signature in a given signature file is valid when used to sign the given object (from the input file).

      signver -V -s signature_file -i signed_file -d sql:/home/my/sharednssdb
      ++SIGNVER

      Name

      signver — Verify a detached PKCS#7 signature for a file.

      Synopsis

      signtool -A | -V -d directory [-a] [-i input_file] [-o output_file] [-s signature_file] [-v]

      STATUS

      This documentation is still work in progress. Please contribute to the initial review in Mozilla NSS bug 836477 ++

      Description

      The Signature Verification Tool, signver, is a simple command-line utility that unpacks a base-64-encoded PKCS#7 signed object and verifies the digital signature using standard cryptographic techniques. The Signature Verification Tool can also display the contents of the signed object.

      Options

      -A

      Displays all of the information in the PKCS#7 signature.

      -V

      Verifies the digital signature.

      -d directory

      Specify the database directory which contains the certificates and keys.

      signver supports two types of databases: the legacy security databases (cert8.db, key3.db, and secmod.db) and new SQLite databases (cert9.db, key4.db, and pkcs11.txt). If the prefix dbm: is not used, then the tool assumes that the given databases are in the SQLite format.

      -a

      Sets that the given signature file is in ASCII format.

      -i input_file

      Gives the input file for the object with signed data.

      -o output_file

      Gives the output file to which to write the results.

      -s signature_file

      Gives the input file for the digital signature.

      -v

      Enables verbose output.

      Extended Examples

      Verifying a Signature

      The -V option verifies that the signature in a given signature file is valid when used to sign the given object (from the input file).

      signver -V -s signature_file -i signed_file -d /home/my/sharednssdb
      + 
      +-signatureValid=yes

      Printing Signature Data

      ++signatureValid=yes

      Printing Signature Data

      + The -A option prints all of the information contained in a signature file. Using the -o option prints the signature file information to the given output file rather than stdout. +

      signver -A -s signature_file -o output_file

      NSS Database Types

      NSS originally used BerkeleyDB databases to store security information. + The last versions of these legacy databases are:

      • + cert8.db for certificates +

      • + key3.db for keys +

      • + secmod.db for PKCS #11 module information 
      +@@ -14,18 +14,18 @@ The last versions of these

        • + cert9.db for certificates +

        • + key4.db for keys +

        • + pkcs11.txt, which is listing of all of the PKCS #11 modules contained in a new subdirectory in the security databases directory +-

      Because the SQLite databases are designed to be shared, these are the shared database type. The shared database type is preferred; the legacy format is included for backward compatibility.

      By default, the tools (certutil, pk12util, modutil) assume that the given security databases follow the more common legacy type. +-Using the SQLite databases must be manually specified by using the sql: prefix with the given security directory. For example:

      # signver -A -s signature -d sql:/home/my/sharednssdb

      To set the shared database type as the default type for the tools, set the NSS_DEFAULT_DB_TYPE environment variable to sql:

      export NSS_DEFAULT_DB_TYPE="sql"

      This line can be added to the ~/.bashrc file to make the change permanent for the user.

      Most applications do not use the shared database by default, but they can be configured to use them. For example, this how-to article covers how to configure Firefox and Thunderbird to use the new shared NSS databases:

      • ++

      Because the SQLite databases are designed to be shared, these are the shared database type. The shared database type is preferred; the legacy format is included for backward compatibility.

      By default, the tools (certutil, pk12util, modutil) assume that the given security databases use the SQLite type ++Using the legacy databases must be manually specified by using the dbm: prefix with the given security directory. For example:

      # signver -A -s signature -d dbm:/home/my/sharednssdb

      To set the legacy database type as the default type for the tools, set the NSS_DEFAULT_DB_TYPE environment variable to dbm:

      export NSS_DEFAULT_DB_TYPE="dbm"

      This line can be added to the ~/.bashrc file to make the change permanent for the user.

      • + https://wiki.mozilla.org/NSS_Shared_DB_Howto

      For an engineering draft on the changes in the shared NSS databases, see the NSS project wiki:

      • + https://wiki.mozilla.org/NSS_Shared_DB +

      See Also

      signtool (1)

      The NSS wiki has information on the new database design and how to configure applications to use it.

      • Setting up the shared NSS database

        https://wiki.mozilla.org/NSS_Shared_DB_Howto

      • + Engineering and technical information about the shared NSS database +

        + https://wiki.mozilla.org/NSS_Shared_DB +

      Additional Resources

      For information about NSS and other tools related to NSS (like JSS), check out the NSS project wiki at http://www.mozilla.org/projects/security/pki/nss/. The NSS site relates directly to NSS code changes and releases.

      Mailing lists: https://lists.mozilla.org/listinfo/dev-tech-crypto

      IRC: Freenode at #dogtag-pki

      Authors

      The NSS tools were written and maintained by developers with Netscape, Red Hat, Sun, Oracle, Mozilla, and Google.

      + Authors: Elio Maldonado <emaldona@redhat.com>, Deon Lackey <dlackey@redhat.com>. 
      +diff --git a/doc/html/ssltap.html b/doc/html/ssltap.html 
      +--- a/doc/html/ssltap.html 
      ++++ b/doc/html/ssltap.html 
      +@@ -1,9 +1,9 @@ 
      +-SSLTAP

      Name

      ssltap — Tap into SSL connections and display the data going by

      Synopsis

      ssltap [-fhlsvx] [-p port] [hostname:port]

      STATUS

      This documentation is still work in progress. Please contribute to the initial review in Mozilla NSS bug 836477 ++SSLTAP

      Name

      ssltap — Tap into SSL connections and display the data going by

      Synopsis

      ssltap [-fhlsvx] [-p port] [hostname:port]

      STATUS

      This documentation is still work in progress. Please contribute to the initial review in Mozilla NSS bug 836477 +

      Description

      The SSL Debugging Tool ssltap is an SSL-aware command-line proxy. It watches TCP connections and displays the data going by. If a connection is SSL, the data display includes interpreted SSL records and handshaking

      Options

      -f

      + Turn on fancy printing. Output is printed in colored HTML. Data sent from the client to the server is in blue; the server's reply is in red. When used with looping mode, the different connections are separated with horizontal lines. You can use this option to upload the output into a browser. +

      -h

      + Turn on hex/ASCII printing. Instead of outputting raw data, the command interprets each record as a numbered line of hex values, followed by the same data as ASCII characters. The two parts are separated by a vertical bar. Nonprinting characters are replaced by dots. +

      -l prefix

      + Turn on looping; that is, continue to accept connections rather than stopping after the first connection is complete. +

      -p port

      Change the default rendezvous port (1924) to another port.

      The following are well-known port numbers:

      + * HTTP 80 +diff --git a/doc/modutil.xml b/doc/modutil.xml +--- a/doc/modutil.xml ++++ b/doc/modutil.xml +@@ -144,24 +144,24 @@ + + + + -ciphers cipher-enable-list + Enable specific ciphers in a module that is being added to the database. The cipher-enable-list is a colon-delimited list of cipher names. Enclose this list in quotation marks if it contains spaces. + + + +- -dbdir [sql:]directory ++ -dbdir directory + Specify the database directory in which to access or create security module database files. +- modutil supports two types of databases: the legacy security databases (cert8.db, key3.db, and secmod.db) and new SQLite databases (cert9.db, key4.db, and pkcs11.txt). If the prefix sql: is not used, then the tool assumes that the given databases are in the old format. ++ modutil supports two types of databases: the legacy security databases (cert8.db, key3.db, and secmod.db) and SQLite databases (cert9.db, key4.db, and pkcs11.txt). If the prefix dbm: is not used, then the tool assumes that the given databases are in SQLite format. + + + + --dbprefix prefix +- Specify the prefix used on the database files, such as my_ for my_cert8.db. This option is provided as a special case. Changing the names of the certificate and key databases is not recommended. ++ Specify the prefix used on the database files, such as my_ for my_cert9.db. This option is provided as a special case. Changing the names of the certificate and key databases is not recommended. + + + + -installdir root-installation-directory + Specify the root installation directory relative to which files will be installed by the option. This directory should be one below which it is appropriate to store dynamic library files, such as a server's root directory. + + + +@@ -224,23 +224,23 @@ + + + + + Usage and Examples + + Creating Database Files + Before any operations can be performed, there must be a set of security databases available. modutil can be used to create these files. 
The only required argument is the database that where the databases will be located. +-modutil -create -dbdir [sql:]directory ++modutil -create -dbdir directory + + Adding a Cryptographic Module + Adding a PKCS #11 module means submitting a supporting library file, enabling its ciphers, and setting default provider status for various security mechanisms. This can be done by supplying all of the information through modutil directly or by running a JAR file and install script. For the most basic case, simply upload the library: + modutil -add modulename -libfile library-file [-ciphers cipher-enable-list] [-mechanisms mechanism-list] + For example: +-modutil -dbdir sql:/home/my/sharednssdb -add "Example PKCS #11 Module" -libfile "/tmp/crypto.so" -mechanisms RSA:DSA:RC2:RANDOM ++modutil -dbdir /home/my/sharednssdb -add "Example PKCS #11 Module" -libfile "/tmp/crypto.so" -mechanisms RSA:DSA:RC2:RANDOM + + Using database directory ... + Module "Example PKCS #11 Module" added to database. + + + + Installing a Cryptographic Module from a JAR File + PKCS #11 modules can also be loaded using a JAR file, which contains all of the required libraries and an installation script that describes how to install the module. The JAR install script is described in more detail in . +@@ -262,17 +262,17 @@ Module "Example PKCS #11 Module" added t + } + } + Linux:6.0.0:x86 { + EquivalentPlatform { Linux:5.4.08:x86 } + } + } + Both the install script and the required libraries must be bundled in a JAR file, which is specified with the argument. 
+ +-modutil -dbdir sql:/home/mt"jar-install-filey/sharednssdb -jar install.jar -installdir sql:/home/my/sharednssdb ++modutil -dbdir /home/mt"jar-install-filey/sharednssdb -jar install.jar -installdir /home/my/sharednssdb + + This installation JAR file was signed by: + ---------------------------------------------- + + **SUBJECT NAME** + + C=US, ST=California, L=Mountain View, CN=Cryptorific Inc., OU=Digital ID + Class 3 - Netscape Object Signing, OU="www.verisign.com/repository/CPS +@@ -299,42 +299,42 @@ Installation completed successfully Adding Module Spec + Each module has information stored in the security database about its configuration and parameters. These can be added or edited using the command. For the current settings or to see the format of the module spec in the database, use the option. + modutil -rawadd modulespec + + + Deleting a Module + A specific PKCS #11 module can be deleted from the secmod.db database: +-modutil -delete modulename -dbdir [sql:]directory ++modutil -delete modulename -dbdir directory + + Displaying Module Information + The secmod.db database contains information about the PKCS #11 modules that are available to an application or server to use. The list of all modules, information about specific modules, and database configuration specs for modules can all be viewed. + To simply get a list of modules in the database, use the command. +-modutil -list [modulename] -dbdir [sql:]directory ++modutil -list [modulename] -dbdir directory + Listing the modules shows the module name, their status, and other associated security databases for certificates and keys. For example: + +-modutil -list -dbdir sql:/home/my/sharednssdb ++modutil -list -dbdir /home/my/sharednssdb + + Listing of PKCS #11 Modules + ----------------------------------------------------------- + 1. 
NSS Internal PKCS #11 Module + slots: 2 slots attached + status: loaded + + slot: NSS Internal Cryptographic Services + token: NSS Generic Crypto Services + uri: pkcs11:token=NSS%20Generic%20Crypto%20Services;manufacturer=Mozilla%20Foundation;serial=0000000000000000;model=NSS%203 + + slot: NSS User Private Key and Certificate Services + token: NSS Certificate DB + uri: pkcs11:token=NSS%20Certificate%20DB;manufacturer=Mozilla%20Foundation;serial=0000000000000000;model=NSS%203 + ----------------------------------------------------------- + Passing a specific module name with the returns details information about the module itself, like supported cipher mechanisms, version numbers, serial numbers, and other information about the module and the token it is loaded on. For example: +- modutil -list "NSS Internal PKCS #11 Module" -dbdir sql:/home/my/sharednssdb ++ modutil -list "NSS Internal PKCS #11 Module" -dbdir /home/my/sharednssdb + + ----------------------------------------------------------- + Name: NSS Internal PKCS #11 Module + Library file: **Internal ONLY module** + Manufacturer: Mozilla Foundation + Description: NSS Internal Crypto Services + PKCS #11 Version 2.20 + Library Version: 3.11 +@@ -370,17 +370,17 @@ Default Mechanism Flags: RSA:RC2:RC4:DES + Token Model: NSS 3 + Token Serial Number: 0000000000000000 + Token Version: 8.3 + Token Firmware Version: 0.0 + Access: NOT Write Protected + Login Type: Login required + User Pin: Initialized + A related command, returns information about the database configuration for the modules. (This information can be edited by loading new specs using the command.) +- modutil -rawlist -dbdir sql:/home/my/sharednssdb ++ modutil -rawlist -dbdir /home/my/sharednssdb + name="NSS Internal PKCS #11 Module" parameters="configdir=. 
certPrefix= keyPrefix= secmod=secmod.db flags=readOnly " NSS="trustOrder=75 cipherOrder=100 slotParams={0x00000001=[slotFlags=RSA,RC4,RC2,DES,DH,SHA1,MD5,MD2,SSL,TLS,AES,RANDOM askpw=any timeout=30 ] } Flags=internal,critical" + + Setting a Default Provider for Security Mechanisms + Multiple security modules may provide support for the same security mechanisms. It is possible to set a specific security module as the default provider for a specific security mechanism (or, conversely, to prohibit a provider from supplying those mechanisms). + modutil -default modulename -mechanisms mechanism-list + To set a module as the default provider for mechanisms, use the command with a colon-separated list of mechanisms. The available mechanisms depend on the module; NSS supplies almost all common mechanisms. For example: + modutil -default "NSS Internal PKCS #11 Module" -dbdir -mechanisms RSA:DSA:RC2 + +@@ -398,29 +398,29 @@ Successfully changed defaults.For example: + modutil -enable "NSS Internal PKCS #11 Module" -slot "NSS Internal Cryptographic Services " -dbdir . + + Slot "NSS Internal Cryptographic Services " enabled. + Be sure that the appropriate amount of trailing whitespace is after the slot name. Some slot names have a significant amount of whitespace that must be included, or the operation will fail. + + Enabling and Verifying FIPS Compliance + The NSS modules can have FIPS 140-2 compliance enabled or disabled using modutil with the option. For example: +-modutil -fips true -dbdir sql:/home/my/sharednssdb/ ++modutil -fips true -dbdir /home/my/sharednssdb/ + + FIPS mode enabled. + To verify that status of FIPS mode, run the command with either a true or false flag (it doesn't matter which). The tool returns the current FIPS setting. +-modutil -chkfips false -dbdir sql:/home/my/sharednssdb/ ++modutil -chkfips false -dbdir /home/my/sharednssdb/ + + FIPS mode enabled. 
+ + Changing the Password on a Token + + Initializing or changing a token's password: + modutil -changepw tokenname [-pwfile old-password-file] [-newpwfile new-password-file] +-modutil -dbdir sql:/home/my/sharednssdb -changepw "NSS Certificate DB" ++modutil -dbdir /home/my/sharednssdb -changepw "NSS Certificate DB" + + Enter old password: + Incorrect password, try again... + Enter old password: + Enter new password: + Re-enter new password: + Token "Communicator Certificate DB" password changed successfully. + +@@ -684,27 +684,26 @@ BerkleyDB. These new databases provide m + + pkcs11.txt, which is listing of all of the PKCS #11 modules contained in a new subdirectory in the security databases directory + + + + + Because the SQLite databases are designed to be shared, these are the shared database type. The shared database type is preferred; the legacy format is included for backward compatibility. + +-By default, the tools (certutil, pk12util, modutil) assume that the given security databases follow the more common legacy type. +-Using the SQLite databases must be manually specified by using the sql: prefix with the given security directory. For example: ++By default, the tools (certutil, pk12util, modutil) assume that the given security databases use the SQLite type. ++Using the legacy databases must be manually specified by using the dbm: prefix with the given security directory. For example: + +-modutil -create -dbdir sql:/home/my/sharednssdb ++modutil -create -dbdir dbm:/home/my/sharednssdb + +-To set the shared database type as the default type for the tools, set the NSS_DEFAULT_DB_TYPE environment variable to sql: +-export NSS_DEFAULT_DB_TYPE="sql" ++To set the legacy database type as the default type for the tools, set the NSS_DEFAULT_DB_TYPE environment variable to dbm: ++export NSS_DEFAULT_DB_TYPE="dbm" + + This line can be added to the ~/.bashrc file to make the change permanent for the user. 
+ +-Most applications do not use the shared database by default, but they can be configured to use them. For example, this how-to article covers how to configure Firefox and Thunderbird to use the new shared NSS databases: + + + + https://wiki.mozilla.org/NSS_Shared_DB_Howto + + + For an engineering draft on the changes in the shared NSS databases, see the NSS project wiki: + +diff --git a/doc/nroff/certutil.1 b/doc/nroff/certutil.1 +--- a/doc/nroff/certutil.1 ++++ b/doc/nroff/certutil.1 +@@ -1,18 +1,18 @@ + '\" t + .\" Title: CERTUTIL + .\" Author: [see the "Authors" section] + .\" Generator: DocBook XSL Stylesheets vsnapshot +-.\" Date: 5 October 2017 ++.\" Date: 19 May 2021 + .\" Manual: NSS Security Tools + .\" Source: nss-tools + .\" Language: English + .\" +-.TH "CERTUTIL" "1" "5 October 2017" "nss-tools" "NSS Security Tools" ++.TH "CERTUTIL" "1" "19 May 2021" "nss-tools" "NSS Security Tools" + .\" ----------------------------------------------------------------- + .\" * Define some portability stuff + .\" ----------------------------------------------------------------- + .\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + .\" http://bugs.debian.org/507673 + .\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html + .\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + .ie \n(.g .ds Aq \(aq +@@ -182,16 +182,21 @@ key4\&.db)\&. + .PP + Arguments modify a command option and are usually lower case, numbers, or symbols\&. + .PP + \-a + .RS 4 + Use ASCII format or allow the use of ASCII format for input or output\&. This formatting follows RFC 1113\&. For certificate requests, ASCII output defaults to standard output unless redirected\&. + .RE + .PP ++\-\-simple\-self\-signed ++.RS 4 ++When printing the certificate chain, don\*(Aqt search for a chain if issuer name equals to subject name\&. ++.RE ++.PP + \-b validity\-time + .RS 4 + Specify a time at which a certificate is required to be valid\&. 
Use when checking certificate validity with the + \fB\-V\fR + option\&. The format of the + \fIvalidity\-time\fR + argument is + \fIYYMMDDHHMMSS[+HHMM|\-HHMM|Z]\fR, which allows offsets to be set relative to the validity end time\&. Specifying seconds (\fISS\fR) is optional\&. When specifying an explicit time, use a Z at the end of the term, +@@ -242,17 +247,17 @@ requests the newer database + .sp -1 + .IP \(bu 2.3 + .\} + \fBdbm:\fR + requests the legacy database + .RE + .sp + If no prefix is specified the default type is retrieved from NSS_DEFAULT_DB_TYPE\&. If NSS_DEFAULT_DB_TYPE is not set then +-\fBdbm:\fR ++\fBsql:\fR + is the default\&. + .RE + .PP + \-\-dump\-ext\-val OID + .RS 4 + For single cert, print binary DER encoding of extension OID\&. + .RE + .PP +@@ -569,16 +574,28 @@ The contexts are the following: + .\} + .el \{\ + .sp -1 + .IP \(bu 2.3 + .\} + \fBJ\fR + (as an object signer) + .RE ++.sp ++.RS 4 ++.ie n \{\ ++\h'-04'\(bu\h'+03'\c ++.\} ++.el \{\ ++.sp -1 ++.IP \(bu 2.3 ++.\} ++\fBI\fR ++(as an IPSEC user) ++.RE + .RE + .PP + \-v valid\-months + .RS 4 + Set the number of months a new certificate will be valid\&. The validity period begins at the current system time unless an offset is added or subtracted with the + \fB\-w\fR + option\&. If this argument is not used, the default validity period is three months\&. 
+ .RE +@@ -1041,16 +1058,93 @@ msTrustListSign + .\} + .el \{\ + .sp -1 + .IP \(bu 2.3 + .\} + critical + .RE + .sp ++.RS 4 ++.ie n \{\ ++\h'-04'\(bu\h'+03'\c ++.\} ++.el \{\ ++.sp -1 ++.IP \(bu 2.3 ++.\} ++x509Any ++.RE ++.sp ++.RS 4 ++.ie n \{\ ++\h'-04'\(bu\h'+03'\c ++.\} ++.el \{\ ++.sp -1 ++.IP \(bu 2.3 ++.\} ++ipsecIKE ++.RE ++.sp ++.RS 4 ++.ie n \{\ ++\h'-04'\(bu\h'+03'\c ++.\} ++.el \{\ ++.sp -1 ++.IP \(bu 2.3 ++.\} ++ipsecIKEEnd ++.RE ++.sp ++.RS 4 ++.ie n \{\ ++\h'-04'\(bu\h'+03'\c ++.\} ++.el \{\ ++.sp -1 ++.IP \(bu 2.3 ++.\} ++ipsecIKEIntermediate ++.RE ++.sp ++.RS 4 ++.ie n \{\ ++\h'-04'\(bu\h'+03'\c ++.\} ++.el \{\ ++.sp -1 ++.IP \(bu 2.3 ++.\} ++ipsecEnd ++.RE ++.sp ++.RS 4 ++.ie n \{\ ++\h'-04'\(bu\h'+03'\c ++.\} ++.el \{\ ++.sp -1 ++.IP \(bu 2.3 ++.\} ++ipsecTunnel ++.RE ++.sp ++.RS 4 ++.ie n \{\ ++\h'-04'\(bu\h'+03'\c ++.\} ++.el \{\ ++.sp -1 ++.IP \(bu 2.3 ++.\} ++ipsecUser ++.RE ++.sp + X\&.509 certificate extensions are described in RFC 5280\&. + .RE + .PP + \-7 emailAddrs + .RS 4 + Add a comma\-separated list of email addresses to the subject alternative name extension of a certificate or certificate request that is being created or added to the database\&. Subject alternative name extensions are described in Section 4\&.2\&.1\&.7 of RFC 3280\&. + .RE + .PP +@@ -1194,31 +1288,31 @@ secmod\&.db or pkcs11\&.txt + .RE + .PP + These databases must be created before certificates or keys can be generated\&. + .sp + .if n \{\ + .RS 4 + .\} + .nf +-certutil \-N \-d [sql:]directory ++certutil \-N \-d directory + .fi + .if n \{\ + .RE + .\} + .PP + \fBCreating a Certificate Request\fR + .PP + A certificate request contains most or all of the information that is used to generate the final certificate\&. This request is submitted separately to a certificate authority and is then approved by some mechanism (automatically or by human review)\&. Once the request is approved, then the certificate is generated\&. 
+ .sp + .if n \{\ + .RS 4 + .\} + .nf +-$ certutil \-R \-k key\-type\-or\-id [\-q pqgfile|curve\-name] \-g key\-size \-s subject [\-h tokenname] \-d [sql:]directory [\-p phone] [\-o output\-file] [\-a] ++$ certutil \-R \-k key\-type\-or\-id [\-q pqgfile|curve\-name] \-g key\-size \-s subject [\-h tokenname] \-d directory [\-p phone] [\-o output\-file] [\-a] + .fi + .if n \{\ + .RE + .\} + .PP + The + \fB\-R\fR + command options requires four arguments: +@@ -1274,17 +1368,17 @@ to give the security database directory + The new certificate request can be output in ASCII format (\fB\-a\fR) or can be written to a specified file (\fB\-o\fR)\&. + .PP + For example: + .sp + .if n \{\ + .RS 4 + .\} + .nf +-$ certutil \-R \-k rsa \-g 1024 \-s "CN=John Smith,O=Example Corp,L=Mountain View,ST=California,C=US" \-d sql:$HOME/nssdb \-p 650\-555\-0123 \-a \-o cert\&.cer ++$ certutil \-R \-k rsa \-g 1024 \-s "CN=John Smith,O=Example Corp,L=Mountain View,ST=California,C=US" \-d $HOME/nssdb \-p 650\-555\-0123 \-a \-o cert\&.cer + + Generating key\&. This may take a few moments\&.\&.\&. + + .fi + .if n \{\ + .RE + .\} + .PP +@@ -1295,17 +1389,17 @@ A valid certificate must be issued by a + argument with the + \fB\-S\fR + command option\&. 
+ .sp + .if n \{\ + .RS 4 + .\} + .nf +-$ certutil \-S \-k rsa|dsa|ec \-n certname \-s subject [\-c issuer |\-x] \-t trustargs \-d [sql:]directory [\-m serial\-number] [\-v valid\-months] [\-w offset\-months] [\-p phone] [\-1] [\-2] [\-3] [\-4] [\-5 keyword] [\-6 keyword] [\-7 emailAddress] [\-8 dns\-names] [\-\-extAIA] [\-\-extSIA] [\-\-extCP] [\-\-extPM] [\-\-extPC] [\-\-extIA] [\-\-extSKID] ++$ certutil \-S \-k rsa|dsa|ec \-n certname \-s subject [\-c issuer |\-x] \-t trustargs \-d directory [\-m serial\-number] [\-v valid\-months] [\-w offset\-months] [\-p phone] [\-1] [\-2] [\-3] [\-4] [\-5 keyword] [\-6 keyword] [\-7 emailAddress] [\-8 dns\-names] [\-\-extAIA] [\-\-extSIA] [\-\-extCP] [\-\-extPM] [\-\-extPC] [\-\-extIA] [\-\-extSKID] + .fi + .if n \{\ + .RE + .\} + .PP + The series of numbers and + \fB\-\-ext*\fR + options set certificate extensions that can be added to the certificate when it is generated by the CA\&. Interactive prompts will result\&. +@@ -1343,45 +1437,45 @@ When a certificate request is created, a + specified in the + \fB\-c\fR + argument)\&. The issuing certificate must be in the certificate database in the specified directory\&. 
+ .sp + .if n \{\ + .RS 4 + .\} + .nf +-certutil \-C \-c issuer \-i cert\-request\-file \-o output\-file [\-m serial\-number] [\-v valid\-months] [\-w offset\-months] \-d [sql:]directory [\-1] [\-2] [\-3] [\-4] [\-5 keyword] [\-6 keyword] [\-7 emailAddress] [\-8 dns\-names] ++certutil \-C \-c issuer \-i cert\-request\-file \-o output\-file [\-m serial\-number] [\-v valid\-months] [\-w offset\-months] \-d directory [\-1] [\-2] [\-3] [\-4] [\-5 keyword] [\-6 keyword] [\-7 emailAddress] [\-8 dns\-names] + .fi + .if n \{\ + .RE + .\} + .PP + For example: + .sp + .if n \{\ + .RS 4 + .\} + .nf +-$ certutil \-C \-c "my\-ca\-cert" \-i /home/certs/cert\&.req \-o cert\&.cer \-m 010 \-v 12 \-w 1 \-d sql:$HOME/nssdb \-1 nonRepudiation,dataEncipherment \-5 sslClient \-6 clientAuth \-7 jsmith@example\&.com ++$ certutil \-C \-c "my\-ca\-cert" \-i /home/certs/cert\&.req \-o cert\&.cer \-m 010 \-v 12 \-w 1 \-d $HOME/nssdb \-1 nonRepudiation,dataEncipherment \-5 sslClient \-6 clientAuth \-7 jsmith@example\&.com + .fi + .if n \{\ + .RE + .\} + .PP + \fBListing Certificates\fR + .PP + The + \fB\-L\fR + command option lists all of the certificates listed in the certificate database\&. The path to the directory (\fB\-d\fR) is required\&. 
+ .sp + .if n \{\ + .RS 4 + .\} + .nf +-$ certutil \-L \-d sql:/home/my/sharednssdb ++$ certutil \-L \-d /home/my/sharednssdb + + Certificate Nickname Trust Attributes + SSL,S/MIME,JAR/XPI + + CA Administrator of Instance pki\-ca1\*(Aqs Example Domain ID u,u,u + TPS Administrator\*(Aqs Example Domain ID u,u,u + Google Internet Authority ,, + Certificate Authority \- Example Domain CT,C,C +@@ -1397,17 +1491,17 @@ can return and print the information for + argument passes the certificate name, while the + \fB\-a\fR + argument prints the certificate in ASCII format: + .sp + .if n \{\ + .RS 4 + .\} + .nf +-$ certutil \-L \-d sql:$HOME/nssdb \-a \-n my\-ca\-cert ++$ certutil \-L \-d $HOME/nssdb \-a \-n my\-ca\-cert + \-\-\-\-\-BEGIN CERTIFICATE\-\-\-\-\- + MIIB1DCCAT2gAwIBAgICDkIwDQYJKoZIhvcNAQEFBQAwFTETMBEGA1UEAxMKRXhh + bXBsZSBDQTAeFw0xMzAzMTMxOTEwMjlaFw0xMzA2MTMxOTEwMjlaMBUxEzARBgNV + BAMTCkV4YW1wbGUgQ0EwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAJ4Kzqvz + JyBVgFqDXRYSyTBNw1DrxUU/3GvWA/ngjAwHEv0Cul/6sO/gsCvnABHiH6unns6x + XRzPORlC2WY3gkk7vmlsLvYpyecNazAi/NAwVnU/66HOsaoVFWE+gBQo99UrN2yk + 0BiK/GMFlLm5dXQROgA9ZKKyFdI0LIXtf6SbAgMBAAGjMzAxMBEGCWCGSAGG+EIB + AQQEAwIHADAMBgNVHRMEBTADAQH/MA4GA1UdDwEB/wQEAwICBDANBgkqhkiG9w0B +@@ -1421,17 +1515,17 @@ ob2rb8XRVVJkzXdXxlk4uo3UtNvw8sAz7sWD71qx + .\} + .PP + For a human\-readable display + .sp + .if n \{\ + .RS 4 + .\} + .nf +-$ certutil \-L \-d sql:$HOME/nssdb \-n my\-ca\-cert ++$ certutil \-L \-d $HOME/nssdb \-n my\-ca\-cert + Certificate: + Data: + Version: 3 (0x2) + Serial Number: 3650 (0xe42) + Signature Algorithm: PKCS #1 SHA\-1 With RSA Encryption + Issuer: "CN=Example CA" + Validity: + Not Before: Wed Mar 13 19:10:29 2013 +@@ -1504,17 +1598,17 @@ To list all keys in the database, use th + command option and the (required) + \fB\-d\fR + argument to give the path to the directory\&. 
+ .sp + .if n \{\ + .RS 4 + .\} + .nf +-$ certutil \-K \-d sql:$HOME/nssdb ++$ certutil \-K \-d $HOME/nssdb + certutil: Checking token "NSS Certificate DB" in slot "NSS User Private Key and Certificate Services " + < 0> rsa 455a6673bde9375c2887ec8bf8016b3f9f35861d Thawte Freemail Member\*(Aqs Thawte Consulting (Pty) Ltd\&. ID + < 1> rsa 40defeeb522ade11090eacebaaf1196a172127df Example Domain Administrator Cert + < 2> rsa 1d0b06f44f6c03842f7d4f4a1dc78b3bcd1b85a5 John Smith user cert + .fi + .if n \{\ + .RE + .\} +@@ -1570,17 +1664,17 @@ The devices that can be used to store ce + command option lists all of the security modules listed in the + secmod\&.db + database\&. The path to the directory (\fB\-d\fR) is required\&. + .sp + .if n \{\ + .RS 4 + .\} + .nf +-$ certutil \-U \-d sql:/home/my/sharednssdb ++$ certutil \-U \-d /home/my/sharednssdb + + slot: NSS User Private Key and Certificate Services + token: NSS Certificate DB + uri: pkcs11:token=NSS%20Certificate%20DB;manufacturer=Mozilla%20Foundation;serial=0000000000000000;model=NSS%203 + + slot: NSS Internal Cryptographic Services + token: NSS Generic Crypto Services + uri: pkcs11:token=NSS%20Generic%20Crypto%20Services;manufacturer=Mozilla%20Foundation;serial=0000000000000000;model=NSS%203 +@@ -1594,29 +1688,29 @@ database\&. The path to the directory (\ + Existing certificates or certificate requests can be added manually to the certificate database, even if they were generated elsewhere\&. This uses the + \fB\-A\fR + command option\&. 
+ .sp + .if n \{\ + .RS 4 + .\} + .nf +-certutil \-A \-n certname \-t trustargs \-d [sql:]directory [\-a] [\-i input\-file] ++certutil \-A \-n certname \-t trustargs \-d directory [\-a] [\-i input\-file] + .fi + .if n \{\ + .RE + .\} + .PP + For example: + .sp + .if n \{\ + .RS 4 + .\} + .nf +-$ certutil \-A \-n "CN=My SSL Certificate" \-t ",," \-d sql:/home/my/sharednssdb \-i /home/example\-certs/cert\&.cer ++$ certutil \-A \-n "CN=My SSL Certificate" \-t ",," \-d /home/my/sharednssdb \-i /home/example\-certs/cert\&.cer + .fi + .if n \{\ + .RE + .\} + .PP + A related command option, + \fB\-E\fR, is used specifically to add email certificates to the certificate database\&. The + \fB\-E\fR +@@ -1624,99 +1718,99 @@ command has the same arguments as the + \fB\-A\fR + command\&. The trust arguments for certificates have the format + \fISSL,S/MIME,Code\-signing\fR, so the middle trust settings relate most to email certificates (though the others can be set)\&. For example: + .sp + .if n \{\ + .RS 4 + .\} + .nf +-$ certutil \-E \-n "CN=John Smith Email Cert" \-t ",P," \-d sql:/home/my/sharednssdb \-i /home/example\-certs/email\&.cer ++$ certutil \-E \-n "CN=John Smith Email Cert" \-t ",P," \-d /home/my/sharednssdb \-i /home/example\-certs/email\&.cer + .fi + .if n \{\ + .RE + .\} + .PP + \fBDeleting Certificates to the Database\fR + .PP + Certificates can be deleted from a database using the + \fB\-D\fR + option\&. The only required options are to give the security database directory and to identify the certificate nickname\&. 
+ .sp + .if n \{\ + .RS 4 + .\} + .nf +-certutil \-D \-d [sql:]directory \-n "nickname" ++certutil \-D \-d directory \-n "nickname" + .fi + .if n \{\ + .RE + .\} + .PP + For example: + .sp + .if n \{\ + .RS 4 + .\} + .nf +-$ certutil \-D \-d sql:/home/my/sharednssdb \-n "my\-ssl\-cert" ++$ certutil \-D \-d /home/my/sharednssdb \-n "my\-ssl\-cert" + .fi + .if n \{\ + .RE + .\} + .PP + \fBValidating Certificates\fR + .PP + A certificate contains an expiration date in itself, and expired certificates are easily rejected\&. However, certificates can also be revoked before they hit their expiration date\&. Checking whether a certificate has been revoked requires validating the certificate\&. Validation can also be used to ensure that the certificate is only used for the purposes it was initially issued for\&. Validation is carried out by the + \fB\-V\fR + command option\&. + .sp + .if n \{\ + .RS 4 + .\} + .nf +-certutil \-V \-n certificate\-name [\-b time] [\-e] [\-u cert\-usage] \-d [sql:]directory ++certutil \-V \-n certificate\-name [\-b time] [\-e] [\-u cert\-usage] \-d directory + .fi + .if n \{\ + .RE + .\} + .PP + For example, to validate an email certificate: + .sp + .if n \{\ + .RS 4 + .\} + .nf +-$ certutil \-V \-n "John Smith\*(Aqs Email Cert" \-e \-u S,R \-d sql:/home/my/sharednssdb ++$ certutil \-V \-n "John Smith\*(Aqs Email Cert" \-e \-u S,R \-d /home/my/sharednssdb + .fi + .if n \{\ + .RE + .\} + .PP + \fBModifying Certificate Trust Settings\fR + .PP + The trust settings (which relate to the operations that a certificate is allowed to be used for) can be changed after a certificate is created or added to the database\&. This is especially useful for CA certificates, but it can be performed for any type of certificate\&. 
+ .sp + .if n \{\ + .RS 4 + .\} + .nf +-certutil \-M \-n certificate\-name \-t trust\-args \-d [sql:]directory ++certutil \-M \-n certificate\-name \-t trust\-args \-d directory + .fi + .if n \{\ + .RE + .\} + .PP + For example: + .sp + .if n \{\ + .RS 4 + .\} + .nf +-$ certutil \-M \-n "My CA Certificate" \-d sql:/home/my/sharednssdb \-t "CT,CT,CT" ++$ certutil \-M \-n "My CA Certificate" \-d /home/my/sharednssdb \-t "CT,CT,CT" + .fi + .if n \{\ + .RE + .\} + .PP + \fBPrinting the Certificate Chain\fR + .PP + Certificates can be issued in +@@ -1724,17 +1818,17 @@ Certificates can be issued in + because every certificate authority itself has a certificate; when a CA issues a certificate, it essentially stamps that certificate with its own fingerprint\&. The + \fB\-O\fR + prints the full chain of a certificate, going from the initial CA (the root CA) through ever intermediary CA to the actual certificate\&. For example, for an email certificate with two CAs in the chain: + .sp + .if n \{\ + .RS 4 + .\} + .nf +-$ certutil \-d sql:/home/my/sharednssdb \-O \-n "jsmith@example\&.com" ++$ certutil \-d /home/my/sharednssdb \-O \-n "jsmith@example\&.com" + "Builtin Object Token:Thawte Personal Freemail CA" [E=personal\-freemail@thawte\&.com,CN=Thawte Personal Freemail CA,OU=Certification Services Division,O=Thawte Consulting,L=Cape Town,ST=Western Cape,C=ZA] + + "Thawte Personal Freemail Issuing CA \- Thawte Consulting" [CN=Thawte Personal Freemail Issuing CA,O=Thawte Consulting (Pty) Ltd\&.,C=ZA] + + "(null)" [E=jsmith@example\&.com,CN=Thawte Freemail Member] + .fi + .if n \{\ + .RE +@@ -1743,29 +1837,29 @@ prints the full chain of a certificate, + \fBResetting a Token\fR + .PP + The device which stores certificates \-\- both external hardware devices and internal software databases \-\- can be blanked and reused\&. 
This operation is performed on the device which stores the data, not directly on the security databases, so the location must be referenced through the token name (\fB\-h\fR) as well as any directory path\&. If there is no external token used, the default value is internal\&. + .sp + .if n \{\ + .RS 4 + .\} + .nf +-certutil \-T \-d [sql:]directory \-h token\-name \-0 security\-officer\-password ++certutil \-T \-d directory \-h token\-name \-0 security\-officer\-password + .fi + .if n \{\ + .RE + .\} + .PP + Many networks have dedicated personnel who handle changes to security tokens (the security officer)\&. This person must supply the password to access the specified token\&. For example: + .sp + .if n \{\ + .RS 4 + .\} + .nf +-$ certutil \-T \-d sql:/home/my/sharednssdb \-h nethsm \-0 secret ++$ certutil \-T \-d /home/my/sharednssdb \-h nethsm \-0 secret + .fi + .if n \{\ + .RE + .\} + .PP + \fBUpgrading or Merging the Security Databases\fR + .PP + Many networks or applications may be using older BerkeleyDB versions of the certificate database (cert8\&.db)\&. Databases can be upgraded to the new SQLite version of the database (cert9\&.db) using the +@@ -1780,55 +1874,55 @@ The + \fB\-\-upgrade\-merge\fR + command must give information about the original database and then use the standard arguments (like + \fB\-d\fR) to give the information about the new databases\&. The command also requires information that the tool uses for the process to upgrade and write over the original database\&. 
+ .sp + .if n \{\ + .RS 4 + .\} + .nf +-certutil \-\-upgrade\-merge \-d [sql:]directory [\-P dbprefix] \-\-source\-dir directory \-\-source\-prefix dbprefix \-\-upgrade\-id id \-\-upgrade\-token\-name name [\-@ password\-file] ++certutil \-\-upgrade\-merge \-d directory [\-P dbprefix] \-\-source\-dir directory \-\-source\-prefix dbprefix \-\-upgrade\-id id \-\-upgrade\-token\-name name [\-@ password\-file] + .fi + .if n \{\ + .RE + .\} + .PP + For example: + .sp + .if n \{\ + .RS 4 + .\} + .nf +-$ certutil \-\-upgrade\-merge \-d sql:/home/my/sharednssdb \-\-source\-dir /opt/my\-app/alias/ \-\-source\-prefix serverapp\- \-\-upgrade\-id 1 \-\-upgrade\-token\-name internal ++$ certutil \-\-upgrade\-merge \-d /home/my/sharednssdb \-\-source\-dir /opt/my\-app/alias/ \-\-source\-prefix serverapp\- \-\-upgrade\-id 1 \-\-upgrade\-token\-name internal + .fi + .if n \{\ + .RE + .\} + .PP + The + \fB\-\-merge\fR + command only requires information about the location of the original database; since it doesn\*(Aqt change the format of the database, it can write over information without performing interim step\&. 
+ .sp + .if n \{\ + .RS 4 + .\} + .nf +-certutil \-\-merge \-d [sql:]directory [\-P dbprefix] \-\-source\-dir directory \-\-source\-prefix dbprefix [\-@ password\-file] ++certutil \-\-merge \-d directory [\-P dbprefix] \-\-source\-dir directory \-\-source\-prefix dbprefix [\-@ password\-file] + .fi + .if n \{\ + .RE + .\} + .PP + For example: + .sp + .if n \{\ + .RS 4 + .\} + .nf +-$ certutil \-\-merge \-d sql:/home/my/sharednssdb \-\-source\-dir /opt/my\-app/alias/ \-\-source\-prefix serverapp\- ++$ certutil \-\-merge \-d /home/my/sharednssdb \-\-source\-dir /opt/my\-app/alias/ \-\-source\-prefix serverapp\- + .fi + .if n \{\ + .RE + .\} + .PP + \fBRunning certutil Commands from a Batch File\fR + .PP + A series of commands can be run sequentially from a text file with the +@@ -1921,50 +2015,48 @@ pkcs11\&.txt, a listing of all of the PK + .RE + .PP + Because the SQLite databases are designed to be shared, these are the + \fIshared\fR + database type\&. The shared database type is preferred; the legacy format is included for backward compatibility\&. + .PP + By default, the tools (\fBcertutil\fR, + \fBpk12util\fR, +-\fBmodutil\fR) assume that the given security databases follow the more common legacy type\&. Using the SQLite databases must be manually specified by using the +-\fBsql:\fR ++\fBmodutil\fR) assume that the given security databases use the SQLite type\&. Using the legacy databases must be manually specified by using the ++\fBdbm:\fR + prefix with the given security directory\&. 
For example: + .sp + .if n \{\ + .RS 4 + .\} + .nf +-$ certutil \-L \-d sql:/home/my/sharednssdb ++$ certutil \-L \-d dbm:/home/my/sharednssdb + .fi + .if n \{\ + .RE + .\} + .PP +-To set the shared database type as the default type for the tools, set the ++To set the legacy database type as the default type for the tools, set the + \fBNSS_DEFAULT_DB_TYPE\fR + environment variable to +-\fBsql\fR: ++\fBdbm\fR: + .sp + .if n \{\ + .RS 4 + .\} + .nf +-export NSS_DEFAULT_DB_TYPE="sql" ++export NSS_DEFAULT_DB_TYPE="dbm" + .fi + .if n \{\ + .RE + .\} + .PP + This line can be set added to the + ~/\&.bashrc + file to make the change permanent\&. +-.PP +-Most applications do not use the shared database by default, but they can be configured to use them\&. For example, this how\-to article covers how to configure Firefox and Thunderbird to use the new shared NSS databases: + .sp + .RS 4 + .ie n \{\ + \h'-04'\(bu\h'+03'\c + .\} + .el \{\ + .sp -1 + .IP \(bu 2.3 +diff --git a/doc/nroff/crlutil.1 b/doc/nroff/crlutil.1 +--- a/doc/nroff/crlutil.1 ++++ b/doc/nroff/crlutil.1 +@@ -1,18 +1,18 @@ + '\" t + .\" Title: CRLUTIL + .\" Author: [see the "Authors" section] +-.\" Generator: DocBook XSL Stylesheets v1.78.1 +-.\" Date: 5 June 2014 ++.\" Generator: DocBook XSL Stylesheets vsnapshot ++.\" Date: 19 May 2021 + .\" Manual: NSS Security Tools + .\" Source: nss-tools + .\" Language: English + .\" +-.TH "CRLUTIL" "1" "5 June 2014" "nss-tools" "NSS Security Tools" ++.TH "CRLUTIL" "1" "19 May 2021" "nss-tools" "NSS Security Tools" + .\" ----------------------------------------------------------------- + .\" * Define some portability stuff + .\" ----------------------------------------------------------------- + .\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + .\" http://bugs.debian.org/507673 + .\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html + .\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + .ie \n(.g .ds Aq \(aq +diff --git 
a/doc/nroff/derdump.1 b/doc/nroff/derdump.1 +--- a/doc/nroff/derdump.1 ++++ b/doc/nroff/derdump.1 +@@ -1,18 +1,18 @@ + '\" t + .\" Title: DERDUMP + .\" Author: [see the "Authors" section] +-.\" Generator: DocBook XSL Stylesheets v1.77.1 +-.\" Date: 15 February 2013 ++.\" Generator: DocBook XSL Stylesheets vsnapshot ++.\" Date: 19 May 2021 + .\" Manual: NSS Security Tools + .\" Source: nss-tools + .\" Language: English + .\" +-.TH "DERDUMP" "1" "15 February 2013" "nss-tools" "NSS Security Tools" ++.TH "DERDUMP" "1" "19 May 2021" "nss-tools" "NSS Security Tools" + .\" ----------------------------------------------------------------- + .\" * Define some portability stuff + .\" ----------------------------------------------------------------- + .\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + .\" http://bugs.debian.org/507673 + .\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html + .\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + .ie \n(.g .ds Aq \(aq +@@ -63,22 +63,22 @@ NSS is maintained in conjunction with PK + For information specifically about NSS, the NSS project wiki is located at + \m[blue]\fBMozilla NSS site\fR\m[]\&\s-2\u[3]\d\s+2\&. The NSS site relates directly to NSS code changes and releases\&. + .PP + Mailing lists: pki\-devel@redhat\&.com and pki\-users@redhat\&.com + .PP + IRC: Freenode at #dogtag\-pki + .SH "AUTHORS" + .PP +-The NSS tools were written and maintained by developers with Netscape and now with Red Hat\&. ++The NSS tools were written and maintained by developers with Netscape, Red Hat, Sun, Oracle, Mozilla, and Google\&. + .PP + Authors: Gerhardus Geldenhuis \&. Elio Maldonado , Deon Lackey + .SH "LICENSE" + .PP +-Licensed under the Mozilla Public License, version 1\&.1, and/or the GNU General Public License, version 2 or later, and/or the GNU Lesser General Public License, version 2\&.1 or later\&. ++Licensed under the Mozilla Public License, v\&. 2\&.0\&. 
If a copy of the MPL was not distributed with this file, You can obtain one at http://mozilla\&.org/MPL/2\&.0/\&. + .SH "NOTES" + .IP " 1." 4 + Mozilla NSS bug 836477 + .RS 4 + \%https://bugzilla.mozilla.org/show_bug.cgi?id=836477 + .RE + .IP " 2." 4 + PKI Wiki +diff --git a/doc/nroff/modutil.1 b/doc/nroff/modutil.1 +--- a/doc/nroff/modutil.1 ++++ b/doc/nroff/modutil.1 +@@ -1,18 +1,18 @@ + '\" t + .\" Title: MODUTIL + .\" Author: [see the "Authors" section] + .\" Generator: DocBook XSL Stylesheets vsnapshot +-.\" Date: 5 October 2017 ++.\" Date: 19 May 2021 + .\" Manual: NSS Security Tools + .\" Source: nss-tools + .\" Language: English + .\" +-.TH "MODUTIL" "1" "5 October 2017" "nss-tools" "NSS Security Tools" ++.TH "MODUTIL" "1" "19 May 2021" "nss-tools" "NSS Security Tools" + .\" ----------------------------------------------------------------- + .\" * Define some portability stuff + .\" ----------------------------------------------------------------- + .\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + .\" http://bugs.debian.org/507673 + .\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html + .\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + .ie \n(.g .ds Aq \(aq +@@ -183,36 +183,36 @@ Give the security module spec to load in + .PP + \-ciphers cipher\-enable\-list + .RS 4 + Enable specific ciphers in a module that is being added to the database\&. The + \fIcipher\-enable\-list\fR + is a colon\-delimited list of cipher names\&. Enclose this list in quotation marks if it contains spaces\&. + .RE + .PP +-\-dbdir [sql:]directory ++\-dbdir directory + .RS 4 + Specify the database directory in which to access or create security module database files\&. + .sp + \fBmodutil\fR + supports two types of databases: the legacy security databases (cert8\&.db, + key3\&.db, and +-secmod\&.db) and new SQLite databases (cert9\&.db, ++secmod\&.db) and SQLite databases (cert9\&.db, + key4\&.db, and + pkcs11\&.txt)\&. 
If the prefix +-\fBsql:\fR +-is not used, then the tool assumes that the given databases are in the old format\&. ++\fBdbm:\fR ++is not used, then the tool assumes that the given databases are in SQLite format\&. + .RE + .PP + \-\-dbprefix prefix + .RS 4 + Specify the prefix used on the database files, such as + my_ + for +-my_cert8\&.db\&. This option is provided as a special case\&. Changing the names of the certificate and key databases is not recommended\&. ++my_cert9\&.db\&. This option is provided as a special case\&. Changing the names of the certificate and key databases is not recommended\&. + .RE + .PP + \-installdir root\-installation\-directory + .RS 4 + Specify the root installation directory relative to which files will be installed by the + \fB\-jar\fR + option\&. This directory should be one below which it is appropriate to store dynamic library files, such as a server\*(Aqs root directory\&. + .RE +@@ -325,17 +325,17 @@ option\&. If no temporary directory is s + Before any operations can be performed, there must be a set of security databases available\&. + \fBmodutil\fR + can be used to create these files\&. The only required argument is the database that where the databases will be located\&. + .sp + .if n \{\ + .RS 4 + .\} + .nf +-modutil \-create \-dbdir [sql:]directory ++modutil \-create \-dbdir directory + .fi + .if n \{\ + .RE + .\} + .PP + \fBAdding a Cryptographic Module\fR + .PP + Adding a PKCS #11 module means submitting a supporting library file, enabling its ciphers, and setting default provider status for various security mechanisms\&. 
This can be done by supplying all of the information through +@@ -353,17 +353,17 @@ modutil \-add modulename \-libfile libra + .\} + .PP + For example: + .sp + .if n \{\ + .RS 4 + .\} + .nf +-modutil \-dbdir sql:/home/my/sharednssdb \-add "Example PKCS #11 Module" \-libfile "/tmp/crypto\&.so" \-mechanisms RSA:DSA:RC2:RANDOM ++modutil \-dbdir /home/my/sharednssdb \-add "Example PKCS #11 Module" \-libfile "/tmp/crypto\&.so" \-mechanisms RSA:DSA:RC2:RANDOM + + Using database directory \&.\&.\&. + Module "Example PKCS #11 Module" added to database\&. + .fi + .if n \{\ + .RE + .\} + .PP +@@ -406,17 +406,17 @@ Platforms { + Both the install script and the required libraries must be bundled in a JAR file, which is specified with the + \fB\-jar\fR + argument\&. + .sp + .if n \{\ + .RS 4 + .\} + .nf +-modutil \-dbdir sql:/home/mt"jar\-install\-filey/sharednssdb \-jar install\&.jar \-installdir sql:/home/my/sharednssdb ++modutil \-dbdir /home/mt"jar\-install\-filey/sharednssdb \-jar install\&.jar \-installdir /home/my/sharednssdb + + This installation JAR file was signed by: + \-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\- + + **SUBJECT NAME** + + C=US, ST=California, L=Mountain View, CN=Cryptorific Inc\&., OU=Digital ID + Class 3 \- Netscape Object Signing, OU="www\&.verisign\&.com/repository/CPS +@@ -468,17 +468,17 @@ modutil \-rawadd modulespec + A specific PKCS #11 module can be deleted from the + secmod\&.db + database: + .sp + .if n \{\ + .RS 4 + .\} + .nf +-modutil \-delete modulename \-dbdir [sql:]directory ++modutil \-delete modulename \-dbdir directory + .fi + .if n \{\ + .RE + .\} + .PP + \fBDisplaying Module Information\fR + .PP + The +@@ -488,29 +488,29 @@ database contains information about the + To simply get a list of modules in the database, use the + \fB\-list\fR + command\&. 
+ .sp + .if n \{\ + .RS 4 + .\} + .nf +-modutil \-list [modulename] \-dbdir [sql:]directory ++modutil \-list [modulename] \-dbdir directory + .fi + .if n \{\ + .RE + .\} + .PP + Listing the modules shows the module name, their status, and other associated security databases for certificates and keys\&. For example: + .sp + .if n \{\ + .RS 4 + .\} + .nf +-modutil \-list \-dbdir sql:/home/my/sharednssdb ++modutil \-list \-dbdir /home/my/sharednssdb + + Listing of PKCS #11 Modules + \-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\- + 1\&. NSS Internal PKCS #11 Module + slots: 2 slots attached + status: loaded + + slot: NSS Internal Cryptographic Services +@@ -529,17 +529,17 @@ Listing of PKCS #11 Modules + Passing a specific module name with the + \fB\-list\fR + returns details information about the module itself, like supported cipher mechanisms, version numbers, serial numbers, and other information about the module and the token it is loaded on\&. For example: + .sp + .if n \{\ + .RS 4 + .\} + .nf +- modutil \-list "NSS Internal PKCS #11 Module" \-dbdir sql:/home/my/sharednssdb ++ modutil \-list "NSS Internal PKCS #11 Module" \-dbdir /home/my/sharednssdb + + \-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\- + Name: NSS Internal PKCS #11 Module + Library file: **Internal ONLY module** + Manufacturer: Mozilla Foundation + Description: NSS Internal Crypto Services + PKCS #11 Version 2\&.20 + Library Version: 3\&.11 +@@ -589,17 +589,17 @@ A related command, + returns information about the database configuration for the modules\&. (This information can be edited by loading new specs using the + \fB\-rawadd\fR + command\&.) + .sp + .if n \{\ + .RS 4 + .\} + .nf +- modutil \-rawlist \-dbdir sql:/home/my/sharednssdb ++ modutil \-rawlist \-dbdir /home/my/sharednssdb + name="NSS Internal PKCS #11 Module" parameters="configdir=\&. 
certPrefix= keyPrefix= secmod=secmod\&.db flags=readOnly " NSS="trustOrder=75 cipherOrder=100 slotParams={0x00000001=[slotFlags=RSA,RC4,RC2,DES,DH,SHA1,MD5,MD2,SSL,TLS,AES,RANDOM askpw=any timeout=30 ] } Flags=internal,critical"
+ .fi
+ .if n \{\
+ .RE
+ .\}
+ .PP
+ \fBSetting a Default Provider for Security Mechanisms\fR
+ .PP
+@@ -683,33 +683,33 @@ The NSS modules can have FIPS 140\-2 com
+ with the
+ \fB\-fips\fR
+ option\&. For example:
+ .sp
+ .if n \{\
+ .RS 4
+ .\}
+ .nf
+-modutil \-fips true \-dbdir sql:/home/my/sharednssdb/
++modutil \-fips true \-dbdir /home/my/sharednssdb/
+ 
+ FIPS mode enabled\&.
+ .fi
+ .if n \{\
+ .RE
+ .\}
+ .PP
+ To verify that status of FIPS mode, run the
+ \fB\-chkfips\fR
+ command with either a true or false flag (it doesn\*(Aqt matter which)\&. The tool returns the current FIPS setting\&.
+ .sp
+ .if n \{\
+ .RS 4
+ .\}
+ .nf
+-modutil \-chkfips false \-dbdir sql:/home/my/sharednssdb/
++modutil \-chkfips false \-dbdir /home/my/sharednssdb/
+ 
+ FIPS mode enabled\&.
+ .fi
+ .if n \{\
+ .RE
+ .\}
+ .PP
+ \fBChanging the Password on a Token\fR
+@@ -725,17 +725,17 @@ modutil \-changepw tokenname [\-pwfile o
+ .if n \{\
+ .RE
+ .\}
+ .sp
+ .if n \{\
+ .RS 4
+ .\}
+ .nf
+-modutil \-dbdir sql:/home/my/sharednssdb \-changepw "NSS Certificate DB"
++modutil \-dbdir /home/my/sharednssdb \-changepw "NSS Certificate DB"
+ 
+ Enter old password:
+ Incorrect password, try again\&.\&.\&.
+ Enter old password:
+ Enter new password:
+ Re\-enter new password:
+ Token "Communicator Certificate DB" password changed successfully\&.
+ .fi
+@@ -1336,50 +1336,48 @@ pkcs11\&.txt, which is listing of all of
+ .RE
+ .PP
+ Because the SQLite databases are designed to be shared, these are the
+ \fIshared\fR
+ database type\&. The shared database type is preferred; the legacy format is included for backward compatibility\&.
+ .PP
+ By default, the tools (\fBcertutil\fR,
+ \fBpk12util\fR,
+-\fBmodutil\fR) assume that the given security databases follow the more common legacy type\&. Using the SQLite databases must be manually specified by using the
+-\fBsql:\fR
++\fBmodutil\fR) assume that the given security databases use the SQLite type\&. Using the legacy databases must be manually specified by using the
++\fBdbm:\fR
+ prefix with the given security directory\&. For example:
+ .sp
+ .if n \{\
+ .RS 4
+ .\}
+ .nf
+-modutil \-create \-dbdir sql:/home/my/sharednssdb
++modutil \-create \-dbdir dbm:/home/my/sharednssdb
+ .fi
+ .if n \{\
+ .RE
+ .\}
+ .PP
+-To set the shared database type as the default type for the tools, set the
++To set the legacy database type as the default type for the tools, set the
+ \fBNSS_DEFAULT_DB_TYPE\fR
+ environment variable to
+-\fBsql\fR:
++\fBdbm\fR:
+ .sp
+ .if n \{\
+ .RS 4
+ .\}
+ .nf
+-export NSS_DEFAULT_DB_TYPE="sql"
++export NSS_DEFAULT_DB_TYPE="dbm"
+ .fi
+ .if n \{\
+ .RE
+ .\}
+ .PP
+ This line can be added to the
+ ~/\&.bashrc
+ file to make the change permanent for the user\&.
+-.PP
+-Most applications do not use the shared database by default, but they can be configured to use them\&.
For example, this how\-to article covers how to configure Firefox and Thunderbird to use the new shared NSS databases:
+ .sp
+ .RS 4
+ .ie n \{\
+ \h'-04'\(bu\h'+03'\c
+ .\}
+ .el \{\
+ .sp -1
+ .IP \(bu 2.3
+diff --git a/doc/nroff/pk12util.1 b/doc/nroff/pk12util.1
+--- a/doc/nroff/pk12util.1
++++ b/doc/nroff/pk12util.1
+@@ -1,18 +1,18 @@
+ '\" t
+ .\" Title: PK12UTIL
+ .\" Author: [see the "Authors" section]
+ .\" Generator: DocBook XSL Stylesheets vsnapshot
+-.\" Date: 5 October 2017
++.\" Date: 19 May 2021
+ .\" Manual: NSS Security Tools
+ .\" Source: nss-tools
+ .\" Language: English
+ .\"
+-.TH "PK12UTIL" "1" "5 October 2017" "nss-tools" "NSS Security Tools"
++.TH "PK12UTIL" "1" "19 May 2021" "nss-tools" "NSS Security Tools"
+ .\" -----------------------------------------------------------------
+ .\" * Define some portability stuff
+ .\" -----------------------------------------------------------------
+ .\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ .\" http://bugs.debian.org/507673
+ .\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html
+ .\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ .ie \n(.g .ds Aq \(aq
+@@ -26,17 +26,17 @@
+ .ad l
+ .\" -----------------------------------------------------------------
+ .\" * MAIN CONTENT STARTS HERE *
+ .\" -----------------------------------------------------------------
+ .SH "NAME"
+ pk12util \- Export and import keys and certificate to or from a PKCS #12 file and the NSS database
+ .SH "SYNOPSIS"
+ .HP \w'\fBpk12util\fR\ 'u
+-\fBpk12util\fR [\-i\ p12File|\-l\ p12File|\-o\ p12File] [\-d\ [sql:]directory] [\-h\ tokenname] [\-P\ dbprefix] [\-r] [\-v] [\-k\ slotPasswordFile|\-K\ slotPassword] [\-w\ p12filePasswordFile|\-W\ p12filePassword]
++\fBpk12util\fR [\-i\ p12File|\-l\ p12File|\-o\ p12File] [\-c\ keyCipher] [\-C\ certCipher] [\-d\ directory] [\-h\ tokenname] [\-m\ |\ \-\-key\-len\ keyLength] [\-M\ hashAlg] [\-n\ certname] [\-P\ dbprefix] [\-r] [\-v]
[\-\-cert\-key\-len\ certKeyLength] [\-k\ slotPasswordFile|\-K\ slotPassword] [\-w\ p12filePasswordFile|\-W\ p12filePassword]
+ .SH "STATUS"
+ .PP
+ This documentation is still work in progress\&. Please contribute to the initial review in
+ \m[blue]\fBMozilla NSS bug 836477\fR\m[]\&\s-2\u[1]\d\s+2
+ .SH "DESCRIPTION"
+ .PP
+ The PKCS #12 utility,
+ \fBpk12util\fR, enables sharing certificates among any server that supports PKCS #12\&. The tool can import certificates and keys from PKCS #12 files into security databases, export certificates, and list certificates and keys\&.
+@@ -66,28 +66,28 @@ Export keys and certificates from the se
+ Specify the key encryption algorithm\&.
+ .RE
+ .PP
+ \-C certCipher
+ .RS 4
+ Specify the certiticate encryption algorithm\&.
+ .RE
+ .PP
+-\-d [sql:]directory
++\-d directory
+ .RS 4
+ Specify the database directory into which to import to or export from certificates and keys\&.
+ .sp
+ \fBpk12util\fR
+ supports two types of databases: the legacy security databases (cert8\&.db,
+ key3\&.db, and
+ secmod\&.db) and new SQLite databases (cert9\&.db,
+ key4\&.db, and
+ pkcs11\&.txt)\&. If the prefix
+-\fBsql:\fR
+-is not used, then the tool assumes that the given databases are in the old format\&.
++\fBdbm:\fR
++is not used, then the tool assumes that the given databases are in the SQLite format\&.
+ .RE
+ .PP
+ \-h tokenname
+ .RS 4
+ Specify the name of the token to import into or export from\&.
+ .RE
+ .PP
+ \-k slotPasswordFile
+@@ -100,17 +100,22 @@ Specify the text file containing the slo
+ Specify the slot\*(Aqs password\&.
+ .RE
+ .PP
+ \-m | \-\-key\-len keyLength
+ .RS 4
+ Specify the desired length of the symmetric key to be used to encrypt the private key\&.
+ .RE
+ .PP
+-\-n | \-\-cert\-key\-len certKeyLength
++\-M hashAlg
++.RS 4
++Specify the hash algorithm used in the pkcs #12 mac\&. This algorithm also specifies the HMAC used in the prf when using pkcs #5 v2\&.
++.RE
++.PP
++\-\-cert\-key\-len certKeyLength
+ .RS 4
+ Specify the desired length of the symmetric key to be used to encrypt the certificates and other meta\-data\&.
+ .RE
+ .PP
+ \-n certname
+ .RS 4
+ Specify the nickname of the cert and private key to export\&.
+ .sp
+@@ -435,27 +440,27 @@ 29 \- PKCS12 encode error
+ The most basic usage of
+ \fBpk12util\fR
+ for importing a certificate or key is the PKCS #12 input file (\fB\-i\fR) and some way to specify the security database being accessed (either
+ \fB\-d\fR
+ for a directory or
+ \fB\-h\fR
+ for a token)\&.
+ .PP
+-pk12util \-i p12File [\-h tokenname] [\-v] [\-d [sql:]directory] [\-P dbprefix] [\-k slotPasswordFile|\-K slotPassword] [\-w p12filePasswordFile|\-W p12filePassword]
++pk12util \-i p12File [\-h tokenname] [\-v] [\-d directory] [\-P dbprefix] [\-k slotPasswordFile|\-K slotPassword] [\-w p12filePasswordFile|\-W p12filePassword]
+ .PP
+ For example:
+ .PP
+ 
+ .sp
+ .if n \{\
+ .RS 4
+ .\}
+ .nf
+-# pk12util \-i /tmp/cert\-files/users\&.p12 \-d sql:/home/my/sharednssdb
++# pk12util \-i /tmp/cert\-files/users\&.p12 \-d /home/my/sharednssdb
+ 
+ Enter a password which will be used to encrypt your keys\&.
+ The password should be at least 8 characters long,
+ and should contain at least one non\-alphabetic character\&.
+ 
+ Enter new password:
+ Re\-enter password:
+ Enter password for PKCS12 file:
+@@ -466,41 +471,41 @@ pk12util: PKCS12 IMPORT SUCCESSFUL
+ .\}
+ .PP
+ \fBExporting Keys and Certificates\fR
+ .PP
+ Using the
+ \fBpk12util\fR
+ command to export certificates and keys requires both the name of the certificate to extract from the database (\fB\-n\fR) and the PKCS #12\-formatted output file to write to\&. There are optional parameters that can be used to encrypt the file to protect the certificate material\&.
+ .PP
+-pk12util \-o p12File \-n certname [\-c keyCipher] [\-C certCipher] [\-m|\-\-key_len keyLen] [\-n|\-\-cert_key_len certKeyLen] [\-d [sql:]directory] [\-P dbprefix] [\-k slotPasswordFile|\-K slotPassword] [\-w p12filePasswordFile|\-W p12filePassword]
++pk12util \-o p12File \-n certname [\-c keyCipher] [\-C certCipher] [\-m|\-\-key_len keyLen] [\-n|\-\-cert_key_len certKeyLen] [\-d directory] [\-P dbprefix] [\-k slotPasswordFile|\-K slotPassword] [\-w p12filePasswordFile|\-W p12filePassword]
+ .PP
+ For example:
+ .sp
+ .if n \{\
+ .RS 4
+ .\}
+ .nf
+-# pk12util \-o certs\&.p12 \-n Server\-Cert \-d sql:/home/my/sharednssdb
++# pk12util \-o certs\&.p12 \-n Server\-Cert \-d /home/my/sharednssdb
+ Enter password for PKCS12 file:
+ Re\-enter password:
+ .fi
+ .if n \{\
+ .RE
+ .\}
+ .PP
+ \fBListing Keys and Certificates\fR
+ .PP
+ The information in a
+ \&.p12
+ file are not human\-readable\&. The certificates and keys in the file can be printed (listed) in a human\-readable pretty\-print format that shows information for every certificate and any public keys in the
+ \&.p12
+ file\&.
+ .PP
+-pk12util \-l p12File [\-h tokenname] [\-r] [\-d [sql:]directory] [\-P dbprefix] [\-k slotPasswordFile|\-K slotPassword] [\-w p12filePasswordFile|\-W p12filePassword]
++pk12util \-l p12File [\-h tokenname] [\-r] [\-d directory] [\-P dbprefix] [\-k slotPasswordFile|\-K slotPassword] [\-w p12filePasswordFile|\-W p12filePassword]
+ .PP
+ For example, this prints the default ASCII output:
+ .sp
+ .if n \{\
+ .RS 4
+ .\}
+ .nf
+ # pk12util \-l certs\&.p12
+@@ -732,50 +737,48 @@ pkcs11\&.txt, which is listing of all of
+ .RE
+ .PP
+ Because the SQLite databases are designed to be shared, these are the
+ \fIshared\fR
+ database type\&. The shared database type is preferred; the legacy format is included for backward compatibility\&.
+ .PP
+ By default, the tools (\fBcertutil\fR,
+ \fBpk12util\fR,
+-\fBmodutil\fR) assume that the given security databases follow the more common legacy type\&. Using the SQLite databases must be manually specified by using the
+-\fBsql:\fR
++\fBmodutil\fR) assume that the given security databases use the SQLite type Using the legacy databases must be manually specified by using the
++\fBdbm:\fR
+ prefix with the given security directory\&. For example:
+ .sp
+ .if n \{\
+ .RS 4
+ .\}
+ .nf
+-# pk12util \-i /tmp/cert\-files/users\&.p12 \-d sql:/home/my/sharednssdb
++# pk12util \-i /tmp/cert\-files/users\&.p12 \-d dbm:/home/my/sharednssdb
+ .fi
+ .if n \{\
+ .RE
+ .\}
+ .PP
+-To set the shared database type as the default type for the tools, set the
++To set the legacy database type as the default type for the tools, set the
+ \fBNSS_DEFAULT_DB_TYPE\fR
+ environment variable to
+-\fBsql\fR:
++\fBdbm\fR:
+ .sp
+ .if n \{\
+ .RS 4
+ .\}
+ .nf
+-export NSS_DEFAULT_DB_TYPE="sql"
++export NSS_DEFAULT_DB_TYPE="dbm"
+ .fi
+ .if n \{\
+ .RE
+ .\}
+ .PP
+ This line can be set added to the
+ ~/\&.bashrc
+ file to make the change permanent\&.
+-.PP
+-Most applications do not use the shared database by default, but they can be configured to use them\&.
For example, this how\-to article covers how to configure Firefox and Thunderbird to use the new shared NSS databases:
+ .sp
+ .RS 4
+ .ie n \{\
+ \h'-04'\(bu\h'+03'\c
+ .\}
+ .el \{\
+ .sp -1
+ .IP \(bu 2.3
+diff --git a/doc/nroff/pp.1 b/doc/nroff/pp.1
+--- a/doc/nroff/pp.1
++++ b/doc/nroff/pp.1
+@@ -1,18 +1,18 @@
+ '\" t
+ .\" Title: PP
+ .\" Author: [see the "Authors" section]
+-.\" Generator: DocBook XSL Stylesheets v1.78.1
+-.\" Date: 29 July 2014
++.\" Generator: DocBook XSL Stylesheets vsnapshot
++.\" Date: 19 May 2021
+ .\" Manual: NSS Security Tools
+ .\" Source: nss-tools
+ .\" Language: English
+ .\"
+-.TH "PP" "1" "29 July 2014" "nss-tools" "NSS Security Tools"
++.TH "PP" "1" "19 May 2021" "nss-tools" "NSS Security Tools"
+ .\" -----------------------------------------------------------------
+ .\" * Define some portability stuff
+ .\" -----------------------------------------------------------------
+ .\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ .\" http://bugs.debian.org/507673
+ .\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html
+ .\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ .ie \n(.g .ds Aq \(aq
+@@ -33,22 +33,22 @@ pp \- Prints certificates, keys, crls, a
+ .HP \w'\fBpp\ \-t\ type\ [\-a]\ [\-i\ input]\ [\-o\ output]\ [\-u]\ [\-w]\fR\ 'u
+ \fBpp \-t type [\-a] [\-i input] [\-o output] [\-u] [\-w]\fR
+ .SH "STATUS"
+ .PP
+ This documentation is still work in progress\&.
Please contribute to the initial review in
+ \m[blue]\fBMozilla NSS bug 836477\fR\m[]\&\s-2\u[1]\d\s+2
+ .SH "DESCRIPTION"
+ .PP
+-\fBpp \fRpretty\-prints private and public key, certificate, certificate\-request, pkcs7 or crl files
++\fBpp \fRpretty\-prints private and public key, certificate, certificate\-request, pkcs7, pkcs12 or crl files
+ .SH "OPTIONS"
+ .PP
+ \fB\-t \fR \fItype\fR
+ .RS 4
+-specify the input, one of {private\-key | public\-key | certificate | certificate\-request | pkcs7 | crl}
++specify the input, one of {private\-key | public\-key | certificate | certificate\-request | pkcs7 | pkcs12 | crl | name}
+ .sp
+ .RE
+ .PP
+ \fB\-a \fR
+ .RS 4
+ Input is in ascii encoded form (RFC1113)
+ .RE
+ .PP
+diff --git a/doc/nroff/signtool.1 b/doc/nroff/signtool.1
+--- a/doc/nroff/signtool.1
++++ b/doc/nroff/signtool.1
+@@ -1,18 +1,18 @@
+ '\" t
+ .\" Title: signtool
+ .\" Author: [see the "Authors" section]
+-.\" Generator: DocBook XSL Stylesheets v1.78.1
+-.\" Date: 5 June 2014
++.\" Generator: DocBook XSL Stylesheets vsnapshot
++.\" Date: 19 May 2021
+ .\" Manual: NSS Security Tools
+ .\" Source: nss-tools
+ .\" Language: English
+ .\"
+-.TH "SIGNTOOL" "1" "5 June 2014" "nss-tools" "NSS Security Tools"
++.TH "SIGNTOOL" "1" "19 May 2021" "nss-tools" "NSS Security Tools"
+ .\" -----------------------------------------------------------------
+ .\" * Define some portability stuff
+ .\" -----------------------------------------------------------------
+ .\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ .\" http://bugs.debian.org/507673
+ .\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html
+ .\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ .ie \n(.g .ds Aq \(aq
+diff --git a/doc/nroff/signver.1 b/doc/nroff/signver.1
+--- a/doc/nroff/signver.1
++++ b/doc/nroff/signver.1
+@@ -1,18 +1,18 @@
+ '\" t
+ .\" Title: SIGNVER
+ .\" Author: [see the "Authors" section]
+-.\" Generator: DocBook XSL Stylesheets 
v1.78.1
+-.\" Date: 5 June 2014
++.\" Generator: DocBook XSL Stylesheets vsnapshot
++.\" Date: 19 May 2021
+ .\" Manual: NSS Security Tools
+ .\" Source: nss-tools
+ .\" Language: English
+ .\"
+-.TH "SIGNVER" "1" "5 June 2014" "nss-tools" "NSS Security Tools"
++.TH "SIGNVER" "1" "19 May 2021" "nss-tools" "NSS Security Tools"
+ .\" -----------------------------------------------------------------
+ .\" * Define some portability stuff
+ .\" -----------------------------------------------------------------
+ .\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ .\" http://bugs.debian.org/507673
+ .\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html
+ .\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ .ie \n(.g .ds Aq \(aq
+@@ -47,28 +47,28 @@ The Signature Verification Tool,
+ Displays all of the information in the PKCS#7 signature\&.
+ .RE
+ .PP
+ \-V
+ .RS 4
+ Verifies the digital signature\&.
+ .RE
+ .PP
+-\-d [sql:]\fIdirectory\fR
++\-d \fIdirectory\fR
+ .RS 4
+ Specify the database directory which contains the certificates and keys\&.
+ .sp
+ \fBsignver\fR
+ supports two types of databases: the legacy security databases (cert8\&.db,
+ key3\&.db, and
+ secmod\&.db) and new SQLite databases (cert9\&.db,
+ key4\&.db, and
+ pkcs11\&.txt)\&. If the prefix
+-\fBsql:\fR
+-is not used, then the tool assumes that the given databases are in the old format\&.
++\fBdbm:\fR
++is not used, then the tool assumes that the given databases are in the SQLite format\&.
+ .RE
+ .PP
+ \-a
+ .RS 4
+ Sets that the given signature file is in ASCII format\&.
+ .RE
+ .PP
+ \-i \fIinput_file\fR
+@@ -96,17 +96,17 @@ Enables verbose output\&.
+ The
+ \fB\-V\fR
+ option verifies that the signature in a given signature file is valid when used to sign the given object (from the input file)\&.
+ .sp
+ .if n \{\
+ .RS 4
+ .\}
+ .nf
+-signver \-V \-s \fIsignature_file\fR \-i \fIsigned_file\fR \-d sql:/home/my/sharednssdb
++signver \-V \-s \fIsignature_file\fR \-i \fIsigned_file\fR \-d /home/my/sharednssdb
+ 
+ signatureValid=yes
+ .fi
+ .if n \{\
+ .RE
+ .\}
+ .SS "Printing Signature Data"
+ .PP
+@@ -202,50 +202,48 @@ pkcs11\&.txt, which is listing of all of
+ .RE
+ .PP
+ Because the SQLite databases are designed to be shared, these are the
+ \fIshared\fR
+ database type\&. The shared database type is preferred; the legacy format is included for backward compatibility\&.
+ .PP
+ By default, the tools (\fBcertutil\fR,
+ \fBpk12util\fR,
+-\fBmodutil\fR) assume that the given security databases follow the more common legacy type\&. Using the SQLite databases must be manually specified by using the
+-\fBsql:\fR
++\fBmodutil\fR) assume that the given security databases use the SQLite type Using the legacy databases must be manually specified by using the
++\fBdbm:\fR
+ prefix with the given security directory\&. For example:
+ .sp
+ .if n \{\
+ .RS 4
+ .\}
+ .nf
+-# signver \-A \-s \fIsignature\fR \-d sql:/home/my/sharednssdb
++# signver \-A \-s \fIsignature\fR \-d dbm:/home/my/sharednssdb
+ .fi
+ .if n \{\
+ .RE
+ .\}
+ .PP
+-To set the shared database type as the default type for the tools, set the
++To set the legacy database type as the default type for the tools, set the
+ \fBNSS_DEFAULT_DB_TYPE\fR
+ environment variable to
+-\fBsql\fR:
++\fBdbm\fR:
+ .sp
+ .if n \{\
+ .RS 4
+ .\}
+ .nf
+-export NSS_DEFAULT_DB_TYPE="sql"
++export NSS_DEFAULT_DB_TYPE="dbm"
+ .fi
+ .if n \{\
+ .RE
+ .\}
+ .PP
+ This line can be added to the
+ ~/\&.bashrc
+ file to make the change permanent for the user\&.
+-.PP
+-Most applications do not use the shared database by default, but they can be configured to use them\&.
For example, this how\-to article covers how to configure Firefox and Thunderbird to use the new shared NSS databases:
+ .sp
+ .RS 4
+ .ie n \{\
+ \h'-04'\(bu\h'+03'\c
+ .\}
+ .el \{\
+ .sp -1
+ .IP \(bu 2.3
+diff --git a/doc/nroff/ssltap.1 b/doc/nroff/ssltap.1
+--- a/doc/nroff/ssltap.1
++++ b/doc/nroff/ssltap.1
+@@ -1,18 +1,18 @@
+ '\" t
+ .\" Title: SSLTAP
+ .\" Author: [see the "Authors" section]
+-.\" Generator: DocBook XSL Stylesheets v1.78.1
+-.\" Date: 5 June 2014
++.\" Generator: DocBook XSL Stylesheets vsnapshot
++.\" Date: 19 May 2021
+ .\" Manual: NSS Security Tools
+ .\" Source: nss-tools
+ .\" Language: English
+ .\"
+-.TH "SSLTAP" "1" "5 June 2014" "nss-tools" "NSS Security Tools"
++.TH "SSLTAP" "1" "19 May 2021" "nss-tools" "NSS Security Tools"
+ .\" -----------------------------------------------------------------
+ .\" * Define some portability stuff
+ .\" -----------------------------------------------------------------
+ .\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ .\" http://bugs.debian.org/507673
+ .\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html
+ .\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ .ie \n(.g .ds Aq \(aq
+diff --git a/doc/nroff/vfychain.1 b/doc/nroff/vfychain.1
+--- a/doc/nroff/vfychain.1
++++ b/doc/nroff/vfychain.1
+@@ -1,18 +1,18 @@
+ '\" t
+ .\" Title: VFYCHAIN
+ .\" Author: [see the "Authors" section]
+-.\" Generator: DocBook XSL Stylesheets v1.78.1
+-.\" Date: 5 June 2014
++.\" Generator: DocBook XSL Stylesheets vsnapshot
++.\" Date: 19 May 2021
+ .\" Manual: NSS Security Tools
+ .\" Source: nss-tools
+ .\" Language: English
+ .\"
+-.TH "VFYCHAIN" "1" "5 June 2014" "nss-tools" "NSS Security Tools"
++.TH "VFYCHAIN" "1" "19 May 2021" "nss-tools" "NSS Security Tools"
+ .\" -----------------------------------------------------------------
+ .\" * Define some portability stuff
+ .\" -----------------------------------------------------------------
+ .\" 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ .\" http://bugs.debian.org/507673
+ .\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html
+ .\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ .ie \n(.g .ds Aq \(aq
+diff --git a/doc/nroff/vfyserv.1 b/doc/nroff/vfyserv.1
+--- a/doc/nroff/vfyserv.1
++++ b/doc/nroff/vfyserv.1
+@@ -1,18 +1,18 @@
+ '\" t
+ .\" Title: VFYSERV
+ .\" Author: [see the "Authors" section]
+-.\" Generator: DocBook XSL Stylesheets v1.78.1
+-.\" Date: 5 June 2014
++.\" Generator: DocBook XSL Stylesheets vsnapshot
++.\" Date: 19 May 2021
+ .\" Manual: NSS Security Tools
+ .\" Source: nss-tools
+ .\" Language: English
+ .\"
+-.TH "VFYSERV" "1" "5 June 2014" "nss-tools" "NSS Security Tools"
++.TH "VFYSERV" "1" "19 May 2021" "nss-tools" "NSS Security Tools"
+ .\" -----------------------------------------------------------------
+ .\" * Define some portability stuff
+ .\" -----------------------------------------------------------------
+ .\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ .\" http://bugs.debian.org/507673
+ .\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html
+ .\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ .ie \n(.g .ds Aq \(aq
+diff --git a/doc/pk12util.xml b/doc/pk12util.xml
+--- a/doc/pk12util.xml
++++ b/doc/pk12util.xml
+@@ -25,17 +25,17 @@
+ 
+ 
+ 
+ 
+ pk12util
+ -i p12File|-l p12File|-o p12File
+ -c keyCipher
+ -C certCipher
+- -d [sql:]directory
++ -d directory
+ -h tokenname
+ -m | --key-len keyLength
+ -M hashAlg
+ -n certname
+ -P dbprefix
+ -r
+ -v
+ --cert-key-len certKeyLength
+@@ -83,19 +83,19 @@
+ 
+ 
+ 
+ -C certCipher
+ Specify the certiticate encryption algorithm.
+ 
+ 
+ 
+- -d [sql:]directory
++ -d directory
+ Specify the database directory into which to import to or export from certificates and keys.
+- pk12util supports two types of databases: the legacy security databases (cert8.db, key3.db, and secmod.db) and new SQLite databases (cert9.db, key4.db, and pkcs11.txt). If the prefix sql: is not used, then the tool assumes that the given databases are in the old format.
++ pk12util supports two types of databases: the legacy security databases (cert8.db, key3.db, and secmod.db) and new SQLite databases (cert9.db, key4.db, and pkcs11.txt). If the prefix dbm: is not used, then the tool assumes that the given databases are in the SQLite format.
+ 
+ 
+ 
+ -h tokenname
+ Specify the name of the token to import into or export from.
+ 
+ 
+ 
+@@ -244,44 +244,44 @@
+ 
+ 
+ 
+ Examples
+ Importing Keys and Certificates
+ The most basic usage of pk12util for importing a certificate or key is the PKCS #12 input file () and some way to specify the security database being accessed (either for a directory or for a token).
+ 
+ 
+- pk12util -i p12File [-h tokenname] [-v] [-d [sql:]directory] [-P dbprefix] [-k slotPasswordFile|-K slotPassword] [-w p12filePasswordFile|-W p12filePassword]
++ pk12util -i p12File [-h tokenname] [-v] [-d directory] [-P dbprefix] [-k slotPasswordFile|-K slotPassword] [-w p12filePasswordFile|-W p12filePassword]
+ 
+ For example:
+ 
+- # pk12util -i /tmp/cert-files/users.p12 -d sql:/home/my/sharednssdb
++ # pk12util -i /tmp/cert-files/users.p12 -d /home/my/sharednssdb
+ 
+ Enter a password which will be used to encrypt your keys.
+ The password should be at least 8 characters long,
+ and should contain at least one non-alphabetic character.
+ 
+ Enter new password:
+ Re-enter password:
+ Enter password for PKCS12 file:
+ pk12util: PKCS12 IMPORT SUCCESSFUL
+ 
+ Exporting Keys and Certificates
+ Using the pk12util command to export certificates and keys requires both the name of the certificate to extract from the database () and the PKCS #12-formatted output file to write to.
There are optional parameters that can be used to encrypt the file to protect the certificate material.
+ 
+- pk12util -o p12File -n certname [-c keyCipher] [-C certCipher] [-m|--key_len keyLen] [-n|--cert_key_len certKeyLen] [-d [sql:]directory] [-P dbprefix] [-k slotPasswordFile|-K slotPassword] [-w p12filePasswordFile|-W p12filePassword]
++ pk12util -o p12File -n certname [-c keyCipher] [-C certCipher] [-m|--key_len keyLen] [-n|--cert_key_len certKeyLen] [-d directory] [-P dbprefix] [-k slotPasswordFile|-K slotPassword] [-w p12filePasswordFile|-W p12filePassword]
+ For example:
+- # pk12util -o certs.p12 -n Server-Cert -d sql:/home/my/sharednssdb
++ # pk12util -o certs.p12 -n Server-Cert -d /home/my/sharednssdb
+ Enter password for PKCS12 file:
+ Re-enter password:
+ 
+ Listing Keys and Certificates
+ The information in a .p12 file are not human-readable. The certificates and keys in the file can be printed (listed) in a human-readable pretty-print format that shows information for every certificate and any public keys in the .p12 file.
+ 
+- pk12util -l p12File [-h tokenname] [-r] [-d [sql:]directory] [-P dbprefix] [-k slotPasswordFile|-K slotPassword] [-w p12filePasswordFile|-W p12filePassword]
++ pk12util -l p12File [-h tokenname] [-r] [-d directory] [-P dbprefix] [-k slotPasswordFile|-K slotPassword] [-w p12filePasswordFile|-W p12filePassword]
+ For example, this prints the default ASCII output:
+ # pk12util -l certs.p12
+ 
+ Enter password for PKCS12 file:
+ Key(shrouded):
+ Friendly Name: Thawte Freemail Member's Thawte Consulting (Pty) Ltd. ID
+ 
+ Encryption algorithm: PKCS #12 V2 PBE With SHA-1 And 3KEY Triple DES-CBC
+@@ -389,27 +389,26 @@ BerkleyDB. These new databases provide m
+ 
+ pkcs11.txt, which is listing of all of the PKCS #11 modules contained in a new subdirectory in the security databases directory
+ 
+ 
+ 
+ 
+ Because the SQLite databases are designed to be shared, these are the shared database type.
The shared database type is preferred; the legacy format is included for backward compatibility.
+ 
+-By default, the tools (certutil, pk12util, modutil) assume that the given security databases follow the more common legacy type.
+-Using the SQLite databases must be manually specified by using the sql: prefix with the given security directory. For example:
++By default, the tools (certutil, pk12util, modutil) assume that the given security databases use the SQLite type
++Using the legacy databases must be manually specified by using the dbm: prefix with the given security directory. For example:
+ 
+-# pk12util -i /tmp/cert-files/users.p12 -d sql:/home/my/sharednssdb
++# pk12util -i /tmp/cert-files/users.p12 -d dbm:/home/my/sharednssdb
+ 
+-To set the shared database type as the default type for the tools, set the NSS_DEFAULT_DB_TYPE environment variable to sql:
+-export NSS_DEFAULT_DB_TYPE="sql"
++To set the legacy database type as the default type for the tools, set the NSS_DEFAULT_DB_TYPE environment variable to dbm:
++export NSS_DEFAULT_DB_TYPE="dbm"
+ 
+ This line can be set added to the ~/.bashrc file to make the change permanent.
+ 
+-Most applications do not use the shared database by default, but they can be configured to use them. For example, this how-to article covers how to configure Firefox and Thunderbird to use the new shared NSS databases:
+ 
+ 
+ 
+ https://wiki.mozilla.org/NSS_Shared_DB_Howto
+ 
+ 
+ For an engineering draft on the changes in the shared NSS databases, see the NSS project wiki:
+ 
+diff --git a/doc/signver.xml b/doc/signver.xml
+--- a/doc/signver.xml
++++ b/doc/signver.xml
+@@ -59,19 +59,19 @@
+ -A
+ Displays all of the information in the PKCS#7 signature.
+ 
+ 
+ -V
+ Verifies the digital signature.
+ 
+ 
+- -d [sql:]directory
++ -d directory
+ Specify the database directory which contains the certificates and keys.
+- signver supports two types of databases: the legacy security databases (cert8.db, key3.db, and secmod.db) and new SQLite databases (cert9.db, key4.db, and pkcs11.txt). If the prefix sql: is not used, then the tool assumes that the given databases are in the old format.
++ signver supports two types of databases: the legacy security databases (cert8.db, key3.db, and secmod.db) and new SQLite databases (cert9.db, key4.db, and pkcs11.txt). If the prefix dbm: is not used, then the tool assumes that the given databases are in the SQLite format.
+ 
+ 
+ -a
+ Sets that the given signature file is in ASCII format.
+ 
+ 
+ -i input_file
+ Gives the input file for the object with signed data.
+@@ -90,17 +90,17 @@
+ 
+ 
+ 
+ 
+ 
+ Extended Examples
+ Verifying a Signature
+ The option verifies that the signature in a given signature file is valid when used to sign the given object (from the input file).
+-signver -V -s signature_file -i signed_file -d sql:/home/my/sharednssdb
++signver -V -s signature_file -i signed_file -d /home/my/sharednssdb
+ 
+ signatureValid=yes
+ 
+ 
+ Printing Signature Data
+ 
+ The option prints all of the information contained in a signature file. Using the option prints the signature file information to the given output file rather than stdout.
+ 
+@@ -150,27 +150,26 @@ BerkleyDB. These new databases provide m
+ 
+ pkcs11.txt, which is listing of all of the PKCS #11 modules contained in a new subdirectory in the security databases directory
+ 
+ 
+ 
+ 
+ Because the SQLite databases are designed to be shared, these are the shared database type. The shared database type is preferred; the legacy format is included for backward compatibility.
+ 
+-By default, the tools (certutil, pk12util, modutil) assume that the given security databases follow the more common legacy type.
+-Using the SQLite databases must be manually specified by using the sql: prefix with the given security directory.
For example:
++By default, the tools (certutil, pk12util, modutil) assume that the given security databases use the SQLite type
++Using the legacy databases must be manually specified by using the dbm: prefix with the given security directory. For example:
+ 
+-# signver -A -s signature -d sql:/home/my/sharednssdb
++# signver -A -s signature -d dbm:/home/my/sharednssdb
+ 
+-To set the shared database type as the default type for the tools, set the NSS_DEFAULT_DB_TYPE environment variable to sql:
+-export NSS_DEFAULT_DB_TYPE="sql"
++To set the legacy database type as the default type for the tools, set the NSS_DEFAULT_DB_TYPE environment variable to dbm:
++export NSS_DEFAULT_DB_TYPE="dbm"
+ 
+ This line can be added to the ~/.bashrc file to make the change permanent for the user.
+ 
+-Most applications do not use the shared database by default, but they can be configured to use them. For example, this how-to article covers how to configure Firefox and Thunderbird to use the new shared NSS databases:
+ 
+ 
+ 
+ https://wiki.mozilla.org/NSS_Shared_DB_Howto
+ 
+ 
+ For an engineering draft on the changes in the shared NSS databases, see the NSS project wiki:
+ 
diff --git a/nss-3.67.tar.gz b/nss-3.67.tar.gz
new file mode 100644
index 0000000000000000000000000000000000000000..70a7367fee12732022144b8bb3c190bbba055b67
Binary files /dev/null and b/nss-3.67.tar.gz differ
diff --git a/nss-add-ipsec-usage-to-manpage.patch b/nss-add-ipsec-usage-to-manpage.patch
deleted file mode 100644
index cedd6a3be6423f75c18864db9af02c9e844f2938..0000000000000000000000000000000000000000
--- a/nss-add-ipsec-usage-to-manpage.patch
+++ /dev/null
@@ -1,13 +0,0 @@
-diff -up ./nss/doc/certutil.xml.add_ipsec_usage ./nss/doc/certutil.xml
---- ./nss/doc/certutil.xml.add_ipsec_usage 2019-06-05 09:40:37.848895763 -0700
-+++ ./nss/doc/certutil.xml 2019-06-05 09:40:47.079891058 -0700
-@@ -428,6 +428,9 @@ of the attribute codes:
- 
- J (as an object signer)
- 
-+ 
-+I (as an IPSEC user)
-+ 
- 
- 
- 
diff --git a/nss-disable-dc.patch b/nss-disable-dc.patch
new file mode 100644
index 0000000000000000000000000000000000000000..6eae5e4fb4bb3d68943e6498f7b529aa0504aa11
--- /dev/null
+++ b/nss-disable-dc.patch
@@ -0,0 +1,32 @@
+diff -up ./gtests/ssl_gtest/manifest.mn.orig ./gtests/ssl_gtest/manifest.mn
+--- ./gtests/ssl_gtest/manifest.mn.orig 2021-06-02 15:40:48.677355426 -0700
++++ ./gtests/ssl_gtest/manifest.mn 2021-06-02 15:42:31.248977261 -0700
+@@ -57,7 +57,6 @@ CPPSRCS = \
+ tls_filter.cc \
+ tls_protect.cc \
+ tls_psk_unittest.cc \
+- tls_subcerts_unittest.cc \
+ tls_ech_unittest.cc \
+ $(SSLKEYLOGFILE_FILES) \
+ $(NULL)
+diff -up ./lib/ssl/sslsock.c.orig ./lib/ssl/sslsock.c
+--- ./lib/ssl/sslsock.c.orig 2021-05-28 02:50:43.000000000 -0700
++++ ./lib/ssl/sslsock.c 2021-06-02 15:40:48.676355420 -0700
+@@ -819,7 +819,7 @@ SSL_OptionSet(PRFileDesc *fd, PRInt32 wh
+ break;
+ 
+ case SSL_ENABLE_DELEGATED_CREDENTIALS:
+- ss->opt.enableDelegatedCredentials = val;
++ /* disable it for now */
+ break;
+ 
+ case SSL_ENABLE_NPN:
+@@ -1337,7 +1337,7 @@ SSL_OptionSetDefault(PRInt32 which, PRIn
+ break;
+ 
+ case SSL_ENABLE_DELEGATED_CREDENTIALS:
+- ssl_defaults.enableDelegatedCredentials = val;
++ /* disable it for now */
+ break;
+ 
+ case SSL_ENABLE_NPN:
diff --git a/nss-disable-pkcs1-sigalgs-tls13.patch b/nss-disable-pkcs1-sigalgs-tls13.patch
deleted file mode 100644
index 1b57e7538b8144ad377a4c57cb0e1025d3aebb12..0000000000000000000000000000000000000000
--- a/nss-disable-pkcs1-sigalgs-tls13.patch
+++ /dev/null
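Review bot: In the new nss-disable-dc.patch the `SSL_ENABLE_DELEGATED_CREDENTIALS` cases in `SSL_OptionSet` and `SSL_OptionSetDefault` drop the assignment but still `break`, so a caller that turns delegated credentials on presumably gets a success status while the value is silently discarded; returning a failure for that option, or at least documenting the no-op where the option is declared, would make the disabled state discoverable to applications. The replacement comment `/* disable it for now */` gives neither a reason nor a tracking reference; `/* Delegated credentials are disabled in this build: the value is intentionally ignored (see <TRACKING-BUG>). */` would tell the next maintainer why the option is inert. Removing tls_subcerts_unittest.cc from the gtest manifest also drops the tests that exercised this path, so no in-tree test appears to check that the option really stays off; a small test asserting that SSL_OptionGet still reports it disabled after a set would be the cheap replacement. Both switch statements start and end outside the hunks.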
@@ -1,202 +0,0 @@ -# HG changeset patch -# User Daiki Ueno -# Date 1559031046 -7200 -# Tue May 28 10:10:46 2019 +0200 -# Node ID 0a4e8b72a92e144663c2f35d3836f7828cfc97f2 -# Parent 370a9e85f216f5f4ff277995a997c5c9b23a819f -Bug 1552208, prohibit use of RSASSA-PKCS1-v1_5 algorithms in TLS 1.3, r=mt - -Reviewers: mt - -Reviewed By: mt - -Subscribers: mt, jcj, ueno, rrelyea, HubertKario, KevinJacobs - -Tags: #secure-revision, #bmo-crypto-core-security - -Bug #: 1552208 - -Differential Revision: https://phabricator.services.mozilla.com/D32454 - -diff --git a/gtests/ssl_gtest/ssl_auth_unittest.cc b/gtests/ssl_gtest/ssl_auth_unittest.cc ---- a/gtests/ssl_gtest/ssl_auth_unittest.cc -+++ b/gtests/ssl_gtest/ssl_auth_unittest.cc -@@ -701,6 +701,44 @@ TEST_P(TlsConnectTls12, ClientAuthIncons - ConnectExpectAlert(server_, kTlsAlertIllegalParameter); - } - -+TEST_P(TlsConnectTls13, ClientAuthPkcs1SignatureScheme) { -+ static const SSLSignatureScheme kSignatureScheme[] = { -+ ssl_sig_rsa_pkcs1_sha256, ssl_sig_rsa_pss_rsae_sha256}; -+ -+ Reset(TlsAgent::kServerRsa, "rsa"); -+ client_->SetSignatureSchemes(kSignatureScheme, -+ PR_ARRAY_SIZE(kSignatureScheme)); -+ server_->SetSignatureSchemes(kSignatureScheme, -+ PR_ARRAY_SIZE(kSignatureScheme)); -+ client_->SetupClientAuth(); -+ server_->RequestClientAuth(true); -+ -+ auto capture_cert_verify = MakeTlsFilter( -+ client_, kTlsHandshakeCertificateVerify); -+ capture_cert_verify->EnableDecryption(); -+ -+ Connect(); -+ CheckSigScheme(capture_cert_verify, 0, server_, ssl_sig_rsa_pss_rsae_sha256, -+ 1024); -+} -+ -+TEST_P(TlsConnectTls13, ClientAuthPkcs1SignatureSchemeOnly) { -+ static const SSLSignatureScheme kSignatureScheme[] = { -+ ssl_sig_rsa_pkcs1_sha256}; -+ -+ Reset(TlsAgent::kServerRsa, "rsa"); -+ client_->SetSignatureSchemes(kSignatureScheme, -+ PR_ARRAY_SIZE(kSignatureScheme)); -+ server_->SetSignatureSchemes(kSignatureScheme, -+ PR_ARRAY_SIZE(kSignatureScheme)); -+ client_->SetupClientAuth(); -+ 
server_->RequestClientAuth(true); -+ -+ ConnectExpectAlert(server_, kTlsAlertHandshakeFailure); -+ server_->CheckErrorCode(SSL_ERROR_UNSUPPORTED_SIGNATURE_ALGORITHM); -+ client_->CheckErrorCode(SSL_ERROR_NO_CYPHER_OVERLAP); -+} -+ - class TlsZeroCertificateRequestSigAlgsFilter : public TlsHandshakeFilter { - public: - TlsZeroCertificateRequestSigAlgsFilter(const std::shared_ptr& a) -@@ -933,7 +971,7 @@ TEST_P(TlsConnectTls13, InconsistentSign - client_->CheckErrorCode(SSL_ERROR_INCORRECT_SIGNATURE_ALGORITHM); - } - --TEST_P(TlsConnectTls12Plus, RequestClientAuthWithSha384) { -+TEST_P(TlsConnectTls12, RequestClientAuthWithSha384) { - server_->SetSignatureSchemes(kSignatureSchemeRsaSha384, - PR_ARRAY_SIZE(kSignatureSchemeRsaSha384)); - server_->RequestClientAuth(false); -@@ -1395,12 +1433,21 @@ TEST_P(TlsSignatureSchemeConfiguration, - INSTANTIATE_TEST_CASE_P( - SignatureSchemeRsa, TlsSignatureSchemeConfiguration, - ::testing::Combine( -- TlsConnectTestBase::kTlsVariantsAll, TlsConnectTestBase::kTlsV12Plus, -+ TlsConnectTestBase::kTlsVariantsAll, TlsConnectTestBase::kTlsV12, - ::testing::Values(TlsAgent::kServerRsaSign), - ::testing::Values(ssl_auth_rsa_sign), - ::testing::Values(ssl_sig_rsa_pkcs1_sha256, ssl_sig_rsa_pkcs1_sha384, - ssl_sig_rsa_pkcs1_sha512, ssl_sig_rsa_pss_rsae_sha256, - ssl_sig_rsa_pss_rsae_sha384))); -+// RSASSA-PKCS1-v1_5 is not allowed to be used in TLS 1.3 -+INSTANTIATE_TEST_CASE_P( -+ SignatureSchemeRsaTls13, TlsSignatureSchemeConfiguration, -+ ::testing::Combine(TlsConnectTestBase::kTlsVariantsAll, -+ TlsConnectTestBase::kTlsV13, -+ ::testing::Values(TlsAgent::kServerRsaSign), -+ ::testing::Values(ssl_auth_rsa_sign), -+ ::testing::Values(ssl_sig_rsa_pss_rsae_sha256, -+ ssl_sig_rsa_pss_rsae_sha384))); - // PSS with SHA-512 needs a bigger key to work. 
- INSTANTIATE_TEST_CASE_P( - SignatureSchemeBigRsa, TlsSignatureSchemeConfiguration, -diff --git a/gtests/ssl_gtest/ssl_ciphersuite_unittest.cc b/gtests/ssl_gtest/ssl_ciphersuite_unittest.cc ---- a/gtests/ssl_gtest/ssl_ciphersuite_unittest.cc -+++ b/gtests/ssl_gtest/ssl_ciphersuite_unittest.cc -@@ -68,12 +68,6 @@ class TlsCipherSuiteTestBase : public Tl - virtual void SetupCertificate() { - if (version_ >= SSL_LIBRARY_VERSION_TLS_1_3) { - switch (sig_scheme_) { -- case ssl_sig_rsa_pkcs1_sha256: -- case ssl_sig_rsa_pkcs1_sha384: -- case ssl_sig_rsa_pkcs1_sha512: -- Reset(TlsAgent::kServerRsaSign); -- auth_type_ = ssl_auth_rsa_sign; -- break; - case ssl_sig_rsa_pss_rsae_sha256: - case ssl_sig_rsa_pss_rsae_sha384: - Reset(TlsAgent::kServerRsaSign); -@@ -330,6 +324,12 @@ static SSLSignatureScheme kSignatureSche - ssl_sig_rsa_pss_pss_sha256, ssl_sig_rsa_pss_pss_sha384, - ssl_sig_rsa_pss_pss_sha512}; - -+static SSLSignatureScheme kSignatureSchemesParamsArrTls13[] = { -+ ssl_sig_ecdsa_secp256r1_sha256, ssl_sig_ecdsa_secp384r1_sha384, -+ ssl_sig_rsa_pss_rsae_sha256, ssl_sig_rsa_pss_rsae_sha384, -+ ssl_sig_rsa_pss_rsae_sha512, ssl_sig_rsa_pss_pss_sha256, -+ ssl_sig_rsa_pss_pss_sha384, ssl_sig_rsa_pss_pss_sha512}; -+ - INSTANTIATE_CIPHER_TEST_P(RC4, Stream, V10ToV12, kDummyNamedGroupParams, - kDummySignatureSchemesParams, - TLS_RSA_WITH_RC4_128_SHA, -@@ -394,7 +394,7 @@ INSTANTIATE_CIPHER_TEST_P( - #ifndef NSS_DISABLE_TLS_1_3 - INSTANTIATE_CIPHER_TEST_P(TLS13, All, V13, - ::testing::ValuesIn(kFasterDHEGroups), -- ::testing::ValuesIn(kSignatureSchemesParamsArr), -+ ::testing::ValuesIn(kSignatureSchemesParamsArrTls13), - TLS_AES_128_GCM_SHA256, TLS_CHACHA20_POLY1305_SHA256, - TLS_AES_256_GCM_SHA384); - INSTANTIATE_CIPHER_TEST_P(TLS13AllGroups, All, V13, -diff --git a/gtests/ssl_gtest/ssl_extension_unittest.cc b/gtests/ssl_gtest/ssl_extension_unittest.cc ---- a/gtests/ssl_gtest/ssl_extension_unittest.cc -+++ b/gtests/ssl_gtest/ssl_extension_unittest.cc -@@ -436,14 +436,14 @@ 
TEST_P(TlsExtensionTest12Plus, Signature - } - - TEST_F(TlsExtensionTest13Stream, SignatureAlgorithmsPrecedingGarbage) { -- // 31 unknown signature algorithms followed by sha-256, rsa -+ // 31 unknown signature algorithms followed by sha-256, rsa-pss - const uint8_t val[] = { - 0x00, 0x40, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, - 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, - 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, - 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, - 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, -- 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x04, 0x01}; -+ 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x08, 0x04}; - DataBuffer extension(val, sizeof(val)); - MakeTlsFilter(client_, ssl_signature_algorithms_xtn, - extension); -diff --git a/lib/ssl/ssl3con.c b/lib/ssl/ssl3con.c ---- a/lib/ssl/ssl3con.c -+++ b/lib/ssl/ssl3con.c -@@ -64,6 +64,7 @@ static SECStatus ssl3_FlushHandshakeMess - static CK_MECHANISM_TYPE ssl3_GetHashMechanismByHashType(SSLHashType hashType); - static CK_MECHANISM_TYPE ssl3_GetMgfMechanismByHashType(SSLHashType hash); - PRBool ssl_IsRsaPssSignatureScheme(SSLSignatureScheme scheme); -+PRBool ssl_IsRsaPkcs1SignatureScheme(SSLSignatureScheme scheme); - PRBool ssl_IsDsaSignatureScheme(SSLSignatureScheme scheme); - - const PRUint8 ssl_hello_retry_random[] = { -@@ -4101,6 +4102,9 @@ ssl_SignatureSchemeValid(SSLSignatureSch - if (ssl_SignatureSchemeToHashType(scheme) == ssl_hash_sha1) { - return PR_FALSE; - } -+ if (ssl_IsRsaPkcs1SignatureScheme(scheme)) { -+ return PR_FALSE; -+ } - /* With TLS 1.3, EC keys should have been selected based on calling - * ssl_SignatureSchemeFromSpki(), reject them otherwise. 
*/ - return spkiOid != SEC_OID_ANSIX962_EC_PUBLIC_KEY; -@@ -4351,6 +4355,22 @@ ssl_IsRsaPssSignatureScheme(SSLSignature - } - - PRBool -+ssl_IsRsaPkcs1SignatureScheme(SSLSignatureScheme scheme) -+{ -+ switch (scheme) { -+ case ssl_sig_rsa_pkcs1_sha256: -+ case ssl_sig_rsa_pkcs1_sha384: -+ case ssl_sig_rsa_pkcs1_sha512: -+ case ssl_sig_rsa_pkcs1_sha1: -+ return PR_TRUE; -+ -+ default: -+ return PR_FALSE; -+ } -+ return PR_FALSE; -+} -+ -+PRBool - ssl_IsDsaSignatureScheme(SSLSignatureScheme scheme) - { - switch (scheme) { diff --git a/nss-dsa-policy.patch b/nss-dsa-policy.patch deleted file mode 100644 index 5a191ff20814c018ba5db5aa31401441b55d8635..0000000000000000000000000000000000000000 --- a/nss-dsa-policy.patch +++ /dev/null 
@@ -1,51 +0,0 @@ -diff --git a/lib/certhigh/certvfy.c b/lib/certhigh/certvfy.c ---- a/lib/certhigh/certvfy.c -+++ b/lib/certhigh/certvfy.c -@@ -42,23 +42,16 @@ checkKeyParams(const SECAlgorithmID *sig - { - SECStatus rv; - SECOidTag sigAlg; - SECOidTag curve; - PRUint32 policyFlags = 0; - PRInt32 minLen, len; - - sigAlg = SECOID_GetAlgorithmTag(sigAlgorithm); -- rv = NSS_GetAlgorithmPolicy(sigAlg, &policyFlags); -- if (rv == SECSuccess && -- !(policyFlags & NSS_USE_ALG_IN_CERT_SIGNATURE)) { -- PORT_SetError(SEC_ERROR_CERT_SIGNATURE_ALGORITHM_DISABLED); -- return SECFailure; -- } -- - switch (sigAlg) { - case SEC_OID_ANSIX962_ECDSA_SHA1_SIGNATURE: - case SEC_OID_ANSIX962_ECDSA_SHA224_SIGNATURE: - case SEC_OID_ANSIX962_ECDSA_SHA256_SIGNATURE: - case SEC_OID_ANSIX962_ECDSA_SHA384_SIGNATURE: - case SEC_OID_ANSIX962_ECDSA_SHA512_SIGNATURE: - if (key->keyType != ecKey) { - PORT_SetError(SEC_ERROR_INVALID_ALGORITHM); -@@ -126,16 +119,23 @@ checkKeyParams(const SECAlgorithmID *sig - } - - if (len < minLen) { - return SECFailure; - } - - return SECSuccess; - case SEC_OID_ANSIX9_DSA_SIGNATURE: -+ rv = NSS_GetAlgorithmPolicy(sigAlg, &policyFlags); -+ if (rv == SECSuccess && -+ !(policyFlags & NSS_USE_ALG_IN_CERT_SIGNATURE)) { -+ PORT_SetError(SEC_ERROR_CERT_SIGNATURE_ALGORITHM_DISABLED); -+ return SECFailure; -+ } -+ /* fall through */ - case SEC_OID_ANSIX9_DSA_SIGNATURE_WITH_SHA1_DIGEST: - case SEC_OID_BOGUS_DSA_SIGNATURE_WITH_SHA1_DIGEST: - case SEC_OID_SDN702_DSA_SIGNATURE: - case SEC_OID_NIST_DSA_SIGNATURE_WITH_SHA224_DIGEST: - case SEC_OID_NIST_DSA_SIGNATURE_WITH_SHA256_DIGEST: - if (key->keyType != dsaKey) { - PORT_SetError(SEC_ERROR_INVALID_ALGORITHM); - return SECFailure; diff --git a/nss-fips-disable-tls13.patch b/nss-fips-disable-tls13.patch deleted file mode 100644 index 8b30bbcf61eeafbb4d4b7bb7e5a7e0e5ac88fe12..0000000000000000000000000000000000000000 --- a/nss-fips-disable-tls13.patch +++ /dev/null 
@@ -1,30 +0,0 @@ -diff --git a/lib/ssl/sslsock.c b/lib/ssl/sslsock.c ---- a/lib/ssl/sslsock.c -+++ b/lib/ssl/sslsock.c -@@ -2382,16 +2382,26 @@ ssl3_CreateOverlapWithPolicy(SSLProtocol - rv = ssl3_GetEffectiveVersionPolicy(protocolVariant, - &effectivePolicyBoundary); - if (rv == SECFailure) { - /* SECFailure means internal failure or invalid configuration. */ - overlap->min = overlap->max = SSL_LIBRARY_VERSION_NONE; - return SECFailure; - } - -+ /* TODO: TLSv1.3 doesn't work yet under FIPS mode */ -+ if (PK11_IsFIPS()) { -+ if (effectivePolicyBoundary.min >= SSL_LIBRARY_VERSION_TLS_1_3) { -+ effectivePolicyBoundary.min = SSL_LIBRARY_VERSION_TLS_1_2; -+ } -+ if (effectivePolicyBoundary.max >= SSL_LIBRARY_VERSION_TLS_1_3) { -+ effectivePolicyBoundary.max = SSL_LIBRARY_VERSION_TLS_1_2; -+ } -+ } -+ - vrange.min = PR_MAX(input->min, effectivePolicyBoundary.min); - vrange.max = PR_MIN(input->max, effectivePolicyBoundary.max); - - if (vrange.max < vrange.min) { - /* there was no overlap, turn off range altogether */ - overlap->min = overlap->max = SSL_LIBRARY_VERSION_NONE; - return SECFailure; - } diff --git a/nss-fix-public-key-from-priv.patch b/nss-fix-public-key-from-priv.patch deleted file mode 100644 index 275bfc7f25b355f1970885e69cc8576fb8fbcfe9..0000000000000000000000000000000000000000 --- a/nss-fix-public-key-from-priv.patch +++ /dev/null 
@@ -1,299 +0,0 @@ -diff -up ./nss/gtests/pk11_gtest/pk11_import_unittest.cc.pub-priv-mechs ./nss/gtests/pk11_gtest/pk11_import_unittest.cc ---- ./nss/gtests/pk11_gtest/pk11_import_unittest.cc.pub-priv-mechs 2019-05-10 14:14:18.000000000 -0700 -+++ ./nss/gtests/pk11_gtest/pk11_import_unittest.cc 2019-06-05 12:01:13.728544204 -0700 -@@ -78,17 +78,40 @@ class Pk11KeyImportTestBase : public ::t - CK_MECHANISM_TYPE mech_; - - private: -+ SECItem GetPublicComponent(ScopedSECKEYPublicKey& pub_key) { -+ SECItem null = { siBuffer, NULL, 0}; -+ switch(SECKEY_GetPublicKeyType(pub_key.get())) { -+ case rsaKey: -+ case rsaPssKey: -+ case rsaOaepKey: -+ return pub_key->u.rsa.modulus; -+ case keaKey: -+ return pub_key->u.kea.publicValue; -+ case dsaKey: -+ return pub_key->u.dsa.publicValue; -+ case dhKey: -+ return pub_key->u.dh.publicValue; -+ case ecKey: -+ return pub_key->u.ec.publicValue; -+ case fortezzaKey: /* depricated */ -+ case nullKey: -+ /* didn't use default here so we can catch new key types at compile time */ -+ break; -+ } -+ return null; -+ } - void CheckForPublicKey(const ScopedSECKEYPrivateKey& priv_key, - const SECItem* expected_public) { - // Verify the public key exists. 
- StackSECItem priv_id; -+ KeyType type = SECKEY_GetPrivateKeyType(priv_key.get()); - SECStatus rv = PK11_ReadRawAttribute(PK11_TypePrivKey, priv_key.get(), - CKA_ID, &priv_id); - ASSERT_EQ(SECSuccess, rv) << "Couldn't read CKA_ID from private key: " - << PORT_ErrorToName(PORT_GetError()); - - CK_ATTRIBUTE_TYPE value_type = CKA_VALUE; -- switch (SECKEY_GetPrivateKeyType(priv_key.get())) { -+ switch (type) { - case rsaKey: - value_type = CKA_MODULUS; - break; -@@ -106,6 +129,8 @@ class Pk11KeyImportTestBase : public ::t - FAIL() << "unknown key type"; - } - -+ // Scan public key objects until we find one with the same CKA_ID as -+ // priv_key - std::unique_ptr objs( - PK11_FindGenericObjects(slot_.get(), CKO_PUBLIC_KEY)); - ASSERT_NE(nullptr, objs); -@@ -128,20 +153,46 @@ class Pk11KeyImportTestBase : public ::t - ASSERT_EQ(1U, token.len); - ASSERT_NE(0, token.data[0]); - -- StackSECItem value; -- rv = PK11_ReadRawAttribute(PK11_TypeGeneric, obj, value_type, &value); -+ StackSECItem raw_value; -+ SECItem decoded_value; -+ rv = PK11_ReadRawAttribute(PK11_TypeGeneric, obj, value_type, &raw_value); - ASSERT_EQ(SECSuccess, rv); -+ SECItem value = raw_value; - -+ // Decode the EC_POINT and check the output against expected. - // CKA_EC_POINT isn't stable, see Bug 1520649. 
-+ ScopedPLArenaPool arena(PORT_NewArena(DER_DEFAULT_CHUNKSIZE)); -+ ASSERT_TRUE(arena); - if (value_type == CKA_EC_POINT) { -- continue; -- } - -+ // If this fails due to the noted inconsistency, we may need to -+ // check the whole raw_value, or remove a leading UNCOMPRESSED_POINT tag -+ rv = SEC_QuickDERDecodeItem(arena.get(), &decoded_value, -+ SEC_ASN1_GET(SEC_OctetStringTemplate), -+ &raw_value); -+ ASSERT_EQ(SECSuccess, rv); -+ value = decoded_value; -+ } - ASSERT_TRUE(SECITEM_ItemsAreEqual(expected_public, &value)) - << "expected: " - << DataBuffer(expected_public->data, expected_public->len) - << std::endl - << "actual: " << DataBuffer(value.data, value.len) << std::endl; -+ -+ // Finally, convert the private to public and ensure it matches. -+ ScopedSECKEYPublicKey pub_key( -+ SECKEY_ConvertToPublicKey(priv_key.get())); -+ ASSERT_TRUE(pub_key); -+ SECItem converted_public = GetPublicComponent(pub_key); -+ ASSERT_TRUE(converted_public.len != 0); -+ -+ ASSERT_TRUE(SECITEM_ItemsAreEqual(expected_public, &converted_public)) -+ << "expected: " -+ << DataBuffer(expected_public->data, expected_public->len) -+ << std::endl -+ << "actual: " -+ << DataBuffer(converted_public.data, converted_public.len) -+ << std::endl; - } - } - -diff -up ./nss/lib/cryptohi/seckey.c.pub-priv-mechs ./nss/lib/cryptohi/seckey.c ---- ./nss/lib/cryptohi/seckey.c.pub-priv-mechs 2019-05-10 14:14:18.000000000 -0700 -+++ ./nss/lib/cryptohi/seckey.c 2019-06-05 12:01:13.729544204 -0700 -@@ -1206,6 +1206,37 @@ SECKEY_CopyPublicKey(const SECKEYPublicK - return NULL; - } - -+/* -+ * Use the private key to find a public key handle. The handle will be on -+ * the same slot as the private key. -+ */ -+static CK_OBJECT_HANDLE -+seckey_FindPublicKeyHandle(SECKEYPrivateKey *privk, SECKEYPublicKey *pubk) -+{ -+ CK_OBJECT_HANDLE keyID; -+ -+ /* this helper function is only used below. 
If we want to make this more -+ * general, we would need to free up any already cached handles if the -+ * slot doesn't match up with the private key slot */ -+ PORT_Assert(pubk->pkcs11ID == CK_INVALID_HANDLE); -+ -+ /* first look for a matching public key */ -+ keyID = PK11_MatchItem(privk->pkcs11Slot, privk->pkcs11ID, CKO_PUBLIC_KEY); -+ if (keyID != CK_INVALID_HANDLE) { -+ return keyID; -+ } -+ -+ /* none found, create a temp one, make the pubk the owner */ -+ pubk->pkcs11ID = PK11_DerivePubKeyFromPrivKey(privk); -+ if (pubk->pkcs11ID == CK_INVALID_HANDLE) { -+ /* end of the road. Token doesn't have matching public key, nor can -+ * token regenerate a new public key from and existing private key. */ -+ return CK_INVALID_HANDLE; -+ } -+ pubk->pkcs11Slot = PK11_ReferenceSlot(privk->pkcs11Slot); -+ return pubk->pkcs11ID; -+} -+ - SECKEYPublicKey * - SECKEY_ConvertToPublicKey(SECKEYPrivateKey *privk) - { -@@ -1213,6 +1244,8 @@ SECKEY_ConvertToPublicKey(SECKEYPrivateK - PLArenaPool *arena; - CERTCertificate *cert; - SECStatus rv; -+ CK_OBJECT_HANDLE pubKeyHandle; -+ SECItem decodedPoint; - - /* - * First try to look up the cert. 
-@@ -1243,11 +1276,47 @@ SECKEY_ConvertToPublicKey(SECKEYPrivateK - - switch (privk->keyType) { - case nullKey: -- case dhKey: -- case dsaKey: - /* Nothing to query, if the cert isn't there, we're done -- no way - * to get the public key */ - break; -+ case dsaKey: -+ pubKeyHandle = seckey_FindPublicKeyHandle(privk, pubk); -+ if (pubKeyHandle == CK_INVALID_HANDLE) -+ break; -+ rv = PK11_ReadAttribute(privk->pkcs11Slot, pubKeyHandle, -+ CKA_BASE, arena, &pubk->u.dsa.params.base); -+ if (rv != SECSuccess) -+ break; -+ rv = PK11_ReadAttribute(privk->pkcs11Slot, pubKeyHandle, -+ CKA_PRIME, arena, &pubk->u.dsa.params.prime); -+ if (rv != SECSuccess) -+ break; -+ rv = PK11_ReadAttribute(privk->pkcs11Slot, pubKeyHandle, -+ CKA_SUBPRIME, arena, &pubk->u.dsa.params.subPrime); -+ if (rv != SECSuccess) -+ break; -+ rv = PK11_ReadAttribute(privk->pkcs11Slot, pubKeyHandle, -+ CKA_VALUE, arena, &pubk->u.dsa.publicValue); -+ if (rv != SECSuccess) -+ break; -+ return pubk; -+ case dhKey: -+ pubKeyHandle = seckey_FindPublicKeyHandle(privk, pubk); -+ if (pubKeyHandle == CK_INVALID_HANDLE) -+ break; -+ rv = PK11_ReadAttribute(privk->pkcs11Slot, pubKeyHandle, -+ CKA_BASE, arena, &pubk->u.dh.base); -+ if (rv != SECSuccess) -+ break; -+ rv = PK11_ReadAttribute(privk->pkcs11Slot, pubKeyHandle, -+ CKA_PRIME, arena, &pubk->u.dh.prime); -+ if (rv != SECSuccess) -+ break; -+ rv = PK11_ReadAttribute(privk->pkcs11Slot, pubKeyHandle, -+ CKA_VALUE, arena, &pubk->u.dh.publicValue); -+ if (rv != SECSuccess) -+ break; -+ return pubk; - case rsaKey: - rv = PK11_ReadAttribute(privk->pkcs11Slot, privk->pkcs11ID, - CKA_MODULUS, arena, &pubk->u.rsa.modulus); -@@ -1258,7 +1327,6 @@ SECKEY_ConvertToPublicKey(SECKEYPrivateK - if (rv != SECSuccess) - break; - return pubk; -- break; - case ecKey: - rv = PK11_ReadAttribute(privk->pkcs11Slot, privk->pkcs11ID, - CKA_EC_PARAMS, arena, &pubk->u.ec.DEREncodedParams); -@@ -1268,7 +1336,23 @@ SECKEY_ConvertToPublicKey(SECKEYPrivateK - rv = 
PK11_ReadAttribute(privk->pkcs11Slot, privk->pkcs11ID, - CKA_EC_POINT, arena, &pubk->u.ec.publicValue); - if (rv != SECSuccess || pubk->u.ec.publicValue.len == 0) { -- break; -+ pubKeyHandle = seckey_FindPublicKeyHandle(privk, pubk); -+ if (pubKeyHandle == CK_INVALID_HANDLE) -+ break; -+ rv = PK11_ReadAttribute(privk->pkcs11Slot, pubKeyHandle, -+ CKA_EC_POINT, arena, &pubk->u.ec.publicValue); -+ if (rv != SECSuccess) -+ break; -+ } -+ /* ec.publicValue should be decoded, PKCS #11 defines CKA_EC_POINT -+ * as encoded, but it's not always. try do decoded it and if it -+ * succeeds store the decoded value */ -+ rv = SEC_QuickDERDecodeItem(arena, &decodedPoint, -+ SEC_ASN1_GET(SEC_OctetStringTemplate), &pubk->u.ec.publicValue); -+ if (rv == SECSuccess) { -+ /* both values are in the public key arena, so it's safe to -+ * overwrite the old value */ -+ pubk->u.ec.publicValue = decodedPoint; - } - pubk->u.ec.encoding = ECPoint_Undefined; - return pubk; -@@ -1276,7 +1360,9 @@ SECKEY_ConvertToPublicKey(SECKEYPrivateK - break; - } - -- PORT_FreeArena(arena, PR_FALSE); -+ /* must use Destroy public key here, because some paths create temporary -+ * PKCS #11 objects which need to be freed */ -+ SECKEY_DestroyPublicKey(pubk); - return NULL; - } - -diff -up ./nss/lib/pk11wrap/pk11priv.h.pub-priv-mechs ./nss/lib/pk11wrap/pk11priv.h ---- ./nss/lib/pk11wrap/pk11priv.h.pub-priv-mechs 2019-05-10 14:14:18.000000000 -0700 -+++ ./nss/lib/pk11wrap/pk11priv.h 2019-06-05 12:01:13.729544204 -0700 -@@ -111,6 +111,7 @@ CK_OBJECT_HANDLE PK11_FindObjectForCert( - PK11SymKey *pk11_CopyToSlot(PK11SlotInfo *slot, CK_MECHANISM_TYPE type, - CK_ATTRIBUTE_TYPE operation, PK11SymKey *symKey); - unsigned int pk11_GetPredefinedKeyLength(CK_KEY_TYPE keyType); -+CK_OBJECT_HANDLE PK11_DerivePubKeyFromPrivKey(SECKEYPrivateKey *privKey); - - /********************************************************************** - * Certs -diff -up ./nss/lib/pk11wrap/pk11skey.c.pub-priv-mechs ./nss/lib/pk11wrap/pk11skey.c 
---- ./nss/lib/pk11wrap/pk11skey.c.pub-priv-mechs 2019-05-10 14:14:18.000000000 -0700 -+++ ./nss/lib/pk11wrap/pk11skey.c 2019-06-05 12:01:13.730544203 -0700 -@@ -1840,6 +1840,35 @@ loser: - } - - /* -+ * This regenerate a public key from a private key. This function is currently -+ * NSS private. If we want to make it public, we need to add and optional -+ * template or at least flags (a.la. PK11_DeriveWithFlags). -+ */ -+CK_OBJECT_HANDLE -+PK11_DerivePubKeyFromPrivKey(SECKEYPrivateKey *privKey) -+{ -+ PK11SlotInfo *slot = privKey->pkcs11Slot; -+ CK_MECHANISM mechanism; -+ CK_OBJECT_HANDLE objectID = CK_INVALID_HANDLE; -+ CK_RV crv; -+ -+ mechanism.mechanism = CKM_NSS_PUB_FROM_PRIV; -+ mechanism.pParameter = NULL; -+ mechanism.ulParameterLen = 0; -+ -+ PK11_EnterSlotMonitor(slot); -+ crv = PK11_GETTAB(slot)->C_DeriveKey(slot->session, &mechanism, -+ privKey->pkcs11ID, NULL, 0, -+ &objectID); -+ PK11_ExitSlotMonitor(slot); -+ if (crv != CKR_OK) { -+ PORT_SetError(PK11_MapError(crv)); -+ return CK_INVALID_HANDLE; -+ } -+ return objectID; -+} -+ -+/* - * This Generates a wrapping key based on a privateKey, publicKey, and two - * random numbers. For Mail usage RandomB should be NULL. In the Sender's - * case RandomA is generate, outherwize it is passed. diff --git a/nss-post-handshake-auth-with-tickets.patch b/nss-post-handshake-auth-with-tickets.patch deleted file mode 100644 index ac51f07cd8ef2f5704c205284099a8f351b64e19..0000000000000000000000000000000000000000 --- a/nss-post-handshake-auth-with-tickets.patch +++ /dev/null 
@@ -1,96 +0,0 @@ -# HG changeset patch -# User Daiki Ueno -# Date 1559121620 -7200 -# Wed May 29 11:20:20 2019 +0200 -# Node ID 29a48b604602a523defd6f9322a5adeca7e284a5 -# Parent 43a7fb4f994a31222c308113b0fccdd5480d5b8e -Bug 1553443, send session ticket only after handshake is marked as finished - -Reviewers: mt - -Reviewed By: mt - -Bug #: 1553443 - -Differential Revision: https://phabricator.services.mozilla.com/D32128 - -diff --git a/gtests/ssl_gtest/ssl_auth_unittest.cc b/gtests/ssl_gtest/ssl_auth_unittest.cc ---- a/gtests/ssl_gtest/ssl_auth_unittest.cc -+++ b/gtests/ssl_gtest/ssl_auth_unittest.cc -@@ -537,6 +537,40 @@ TEST_F(TlsConnectStreamTls13, PostHandsh - capture_cert_req->buffer().len())); - } - -+// Check if post-handshake auth still works when session tickets are enabled: -+// https://bugzilla.mozilla.org/show_bug.cgi?id=1553443 -+TEST_F(TlsConnectStreamTls13, PostHandshakeAuthWithSessionTicketsEnabled) { -+ EnsureTlsSetup(); -+ client_->SetupClientAuth(); -+ EXPECT_EQ(SECSuccess, SSL_OptionSet(client_->ssl_fd(), -+ SSL_ENABLE_POST_HANDSHAKE_AUTH, PR_TRUE)); -+ EXPECT_EQ(SECSuccess, SSL_OptionSet(client_->ssl_fd(), -+ SSL_ENABLE_SESSION_TICKETS, PR_TRUE)); -+ EXPECT_EQ(SECSuccess, SSL_OptionSet(server_->ssl_fd(), -+ SSL_ENABLE_SESSION_TICKETS, PR_TRUE)); -+ size_t called = 0; -+ server_->SetAuthCertificateCallback( -+ [&called](TlsAgent*, PRBool, PRBool) -> SECStatus { -+ called++; -+ return SECSuccess; -+ }); -+ Connect(); -+ EXPECT_EQ(0U, called); -+ // Send CertificateRequest. 
-+ EXPECT_EQ(SECSuccess, SSL_GetClientAuthDataHook( -+ client_->ssl_fd(), GetClientAuthDataHook, nullptr)); -+ EXPECT_EQ(SECSuccess, SSL_SendCertificateRequest(server_->ssl_fd())) -+ << "Unexpected error: " << PORT_ErrorToName(PORT_GetError()); -+ server_->SendData(50); -+ client_->ReadBytes(50); -+ client_->SendData(50); -+ server_->ReadBytes(50); -+ EXPECT_EQ(1U, called); -+ ScopedCERTCertificate cert1(SSL_PeerCertificate(server_->ssl_fd())); -+ ScopedCERTCertificate cert2(SSL_LocalCertificate(client_->ssl_fd())); -+ EXPECT_TRUE(SECITEM_ItemsAreEqual(&cert1->derCert, &cert2->derCert)); -+} -+ - // In TLS 1.3, the client sends its cert rejection on the - // second flight, and since it has already received the - // server's Finished, it transitions to complete and -diff --git a/lib/ssl/tls13con.c b/lib/ssl/tls13con.c ---- a/lib/ssl/tls13con.c -+++ b/lib/ssl/tls13con.c -@@ -4561,6 +4561,11 @@ tls13_ServerHandleFinished(sslSocket *ss - return SECFailure; - } - -+ rv = tls13_FinishHandshake(ss); -+ if (rv != SECSuccess) { -+ return SECFailure; -+ } -+ - ssl_GetXmitBufLock(ss); - if (ss->opt.enableSessionTickets) { - rv = tls13_SendNewSessionTicket(ss, NULL, 0); -@@ -4573,8 +4578,7 @@ tls13_ServerHandleFinished(sslSocket *ss - } - } - ssl_ReleaseXmitBufLock(ss); -- -- return tls13_FinishHandshake(ss); -+ return SECSuccess; - - loser: - ssl_ReleaseXmitBufLock(ss); -diff --git a/tests/ssl/sslauth.txt b/tests/ssl/sslauth.txt ---- a/tests/ssl/sslauth.txt -+++ b/tests/ssl/sslauth.txt -@@ -42,6 +42,7 @@ - noECC 0 -r_-r_-r_-r_-E -V_tls1.3:tls1.3_-E_-n_TestUser_-w_nss TLS 1.3 Require client auth on post hs (client auth) - noECC 0 -r_-r_-r_-E -V_tls1.3:tls1.3_-E_-n_none_-w_nss TLS 1.3 Request don't require client auth on post hs (client does not provide auth) - noECC 1 -r_-r_-r_-r_-E -V_tls1.3:tls1.3_-E_-n_none_-w_nss TLS 1.3 Require client auth on post hs (client does not provide auth) -+ noECC 0 -r_-r_-r_-E_-u -V_tls1.3:tls1.3_-E_-n_TestUser_-w_nss TLS 1.3 Request don't 
require client auth on post hs with session ticket (client auth) - # - # Use EC cert for client authentication - # diff --git a/nss-reorder-cipher-suites-gtests.patch b/nss-reorder-cipher-suites-gtests.patch index 73b049fa46df70367a50791e847ca4160d03d3a5..fbedd09395f5174b1b04c07302fd8bfd6615aeda 100644 --- a/nss-reorder-cipher-suites-gtests.patch +++ b/nss-reorder-cipher-suites-gtests.patch @@ -1,7 +1,7 @@ -diff -up nss/gtests/ssl_gtest/ssl_auth_unittest.cc.reorder-cipher-suites-gtests nss/gtests/ssl_gtest/ssl_auth_unittest.cc ---- nss/gtests/ssl_gtest/ssl_auth_unittest.cc.reorder-cipher-suites-gtests 2019-03-16 01:25:08.000000000 +0100 -+++ nss/gtests/ssl_gtest/ssl_auth_unittest.cc 2019-03-22 11:25:50.523173253 +0100 -@@ -728,7 +728,9 @@ static SSLNamedGroup NamedGroupForEcdsa3 +diff -up ./gtests/ssl_gtest/ssl_auth_unittest.cc.reorder-cipher-suites-gtests ./gtests/ssl_gtest/ssl_auth_unittest.cc +--- ./gtests/ssl_gtest/ssl_auth_unittest.cc.reorder-cipher-suites-gtests 2021-05-28 02:50:43.000000000 -0700 ++++ ./gtests/ssl_gtest/ssl_auth_unittest.cc 2021-06-03 17:01:27.530383629 -0700 +@@ -1036,7 +1036,9 @@ static SSLNamedGroup NamedGroupForEcdsa3 // NSS tries to match the group size to the symmetric cipher. In TLS 1.1 and // 1.0, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA is the highest priority suite, so // we use P-384. With TLS 1.2 on we pick AES-128 GCM so use x25519. 
@@ -12,14 +12,22 @@ diff -up nss/gtests/ssl_gtest/ssl_auth_unittest.cc.reorder-cipher-suites-gtests return ssl_grp_ec_secp384r1; } return ssl_grp_ec_curve25519; -@@ -1377,20 +1379,24 @@ INSTANTIATE_TEST_CASE_P( +@@ -1831,27 +1833,31 @@ INSTANTIATE_TEST_SUITE_P( + ::testing::Values(TlsAgent::kServerRsa), + ::testing::Values(ssl_auth_rsa_sign), + ::testing::Values(ssl_sig_rsa_pkcs1_sha1))); ++// FIXME: In RHEL, we assign TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 ++// a higher priority than AES-128 GCM, and that causes the following ++// 4 TLS 1.2 tests to fail. + INSTANTIATE_TEST_SUITE_P( + SignatureSchemeEcdsaP256, TlsSignatureSchemeConfiguration, + ::testing::Combine(TlsConnectTestBase::kTlsVariantsAll, +- TlsConnectTestBase::kTlsV12Plus, ++ TlsConnectTestBase::kTlsV13, ::testing::Values(TlsAgent::kServerEcdsa256), ::testing::Values(ssl_auth_ecdsa), ::testing::Values(ssl_sig_ecdsa_secp256r1_sha256))); -+ // FIXME: In RHEL, we assign TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 -+ // a higher priority than AES-128 GCM, and that causes the following -+ // 3 TLS 1.2 tests to fail. - INSTANTIATE_TEST_CASE_P( + INSTANTIATE_TEST_SUITE_P( SignatureSchemeEcdsaP384, TlsSignatureSchemeConfiguration, ::testing::Combine(TlsConnectTestBase::kTlsVariantsAll, - TlsConnectTestBase::kTlsV12Plus, @@ -27,7 +35,7 @@ diff -up nss/gtests/ssl_gtest/ssl_auth_unittest.cc.reorder-cipher-suites-gtests ::testing::Values(TlsAgent::kServerEcdsa384), ::testing::Values(ssl_auth_ecdsa), ::testing::Values(ssl_sig_ecdsa_secp384r1_sha384))); - INSTANTIATE_TEST_CASE_P( + INSTANTIATE_TEST_SUITE_P( SignatureSchemeEcdsaP521, TlsSignatureSchemeConfiguration, ::testing::Combine(TlsConnectTestBase::kTlsVariantsAll, - TlsConnectTestBase::kTlsV12Plus, 
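Review bot: The SignatureSchemeEcdsaP256 instantiation is narrowed from kTlsV12Plus to kTlsV13 in this hunk (P384 and P521 appear to have been narrowed in the previous revision of the patch), so after this change no ECDSA signature-scheme configuration test runs under TLS 1.2, and the relocated FIXME only records that "4 TLS 1.2 tests" fail because of the downstream cipher-suite priority. Naming the affected suites in the comment, e.g. `// FIXME: downstream suite priority (AES-256 CBC SHA384 above AES-128 GCM) breaks the TLS 1.2 rows of SignatureSchemeEcdsaP256/P384/P521; restricted to TLS 1.3 until the expected group is adjusted`, would let a later rebase tell when the restriction can be lifted instead of carrying it forward. The instantiation list continues into the following hunks.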
@@ -36,19 +44,19 @@ diff -up nss/gtests/ssl_gtest/ssl_auth_unittest.cc.reorder-cipher-suites-gtests ::testing::Values(ssl_auth_ecdsa), ::testing::Values(ssl_sig_ecdsa_secp521r1_sha512))); +#if 0 - INSTANTIATE_TEST_CASE_P( + INSTANTIATE_TEST_SUITE_P( SignatureSchemeEcdsaSha1, TlsSignatureSchemeConfiguration, ::testing::Combine(TlsConnectTestBase::kTlsVariantsAll, -@@ -1399,4 +1405,5 @@ INSTANTIATE_TEST_CASE_P( +@@ -1860,4 +1866,5 @@ INSTANTIATE_TEST_SUITE_P( TlsAgent::kServerEcdsa384), ::testing::Values(ssl_auth_ecdsa), ::testing::Values(ssl_sig_ecdsa_sha1))); +#endif } // namespace nss_test -diff -up nss/gtests/ssl_gtest/ssl_recordsize_unittest.cc.reorder-cipher-suites-gtests nss/gtests/ssl_gtest/ssl_recordsize_unittest.cc ---- nss/gtests/ssl_gtest/ssl_recordsize_unittest.cc.reorder-cipher-suites-gtests 2019-03-16 01:25:08.000000000 +0100 -+++ nss/gtests/ssl_gtest/ssl_recordsize_unittest.cc 2019-03-22 11:25:50.523173253 +0100 -@@ -71,11 +71,13 @@ void CheckRecordSizes(const std::shared_ +diff -up ./gtests/ssl_gtest/ssl_recordsize_unittest.cc.reorder-cipher-suites-gtests ./gtests/ssl_gtest/ssl_recordsize_unittest.cc +--- ./gtests/ssl_gtest/ssl_recordsize_unittest.cc.reorder-cipher-suites-gtests 2021-05-28 02:50:43.000000000 -0700 ++++ ./gtests/ssl_gtest/ssl_recordsize_unittest.cc 2021-06-03 16:47:23.130301387 -0700 +@@ -72,11 +72,13 @@ void CheckRecordSizes(const std::shared_ break; case TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256: 
@@ -62,9 +70,9 @@ diff -up nss/gtests/ssl_gtest/ssl_recordsize_unittest.cc.reorder-cipher-suites-g // Expansion is 20 for the MAC. Maximum block padding is 16. Maximum // padding is added when the input plus the MAC is an exact multiple of // the block size. -diff -up nss/gtests/ssl_gtest/ssl_staticrsa_unittest.cc.reorder-cipher-suites-gtests nss/gtests/ssl_gtest/ssl_staticrsa_unittest.cc ---- nss/gtests/ssl_gtest/ssl_staticrsa_unittest.cc.reorder-cipher-suites-gtests 2019-03-16 01:25:08.000000000 +0100 -+++ nss/gtests/ssl_gtest/ssl_staticrsa_unittest.cc 2019-03-22 11:29:30.452433420 +0100 +diff -up ./gtests/ssl_gtest/ssl_staticrsa_unittest.cc.reorder-cipher-suites-gtests ./gtests/ssl_gtest/ssl_staticrsa_unittest.cc +--- ./gtests/ssl_gtest/ssl_staticrsa_unittest.cc.reorder-cipher-suites-gtests 2021-05-28 02:50:43.000000000 -0700 ++++ ./gtests/ssl_gtest/ssl_staticrsa_unittest.cc 2021-06-03 16:47:23.130301387 -0700 @@ -133,7 +133,19 @@ TEST_P(TlsConnectGenericPre13, TooLargeR TEST_P(TlsConnectGeneric, ServerAuthBiggestRsa) { Reset(TlsAgent::kRsa8192); @@ -86,10 +94,10 @@ diff -up nss/gtests/ssl_gtest/ssl_staticrsa_unittest.cc.reorder-cipher-suites-gt } } // namespace nss_test -diff -up nss/gtests/ssl_gtest/tls_agent.cc.reorder-cipher-suites-gtests nss/gtests/ssl_gtest/tls_agent.cc ---- nss/gtests/ssl_gtest/tls_agent.cc.reorder-cipher-suites-gtests 2019-03-22 11:28:19.936944328 +0100 -+++ nss/gtests/ssl_gtest/tls_agent.cc 2019-03-22 11:29:58.712828287 +0100 -@@ -532,6 +532,9 @@ void TlsAgent::CheckKEA(SSLKEAType kea, +diff -up ./gtests/ssl_gtest/tls_agent.cc.reorder-cipher-suites-gtests ./gtests/ssl_gtest/tls_agent.cc +--- ./gtests/ssl_gtest/tls_agent.cc.reorder-cipher-suites-gtests 2021-05-28 02:50:43.000000000 -0700 ++++ ./gtests/ssl_gtest/tls_agent.cc 2021-06-03 16:47:23.130301387 -0700 +@@ -603,6 +603,9 @@ void TlsAgent::CheckKEA(SSLKEAType kea, case ssl_grp_ec_secp384r1: kea_size = 384; break; 
diff --git a/nss-skip-bltest-and-fipstest.patch b/nss-skip-bltest-and-fipstest.patch
index 7d55d10c70abfe2564bbed0a0ecd1f8677342762..1045573334d4f4d55c5cbc4ca102242ac2394bef 100644
--- a/nss-skip-bltest-and-fipstest.patch
+++ b/nss-skip-bltest-and-fipstest.patch
@@ -1,6 +1,6 @@
-diff -up nss/cmd/Makefile.skipthem nss/cmd/Makefile
---- nss/cmd/Makefile.skipthem 2017-01-13 16:41:04.117486801 +0100
-+++ nss/cmd/Makefile 2017-01-13 16:42:31.396335957 +0100
+diff -up ./cmd/Makefile.skipthem ./cmd/Makefile
+--- ./cmd/Makefile.skipthem 2021-05-28 02:50:43.000000000 -0700
++++ ./cmd/Makefile 2021-06-03 15:16:36.015186252 -0700
 @@ -19,7 +19,11 @@ BLTEST_SRCDIR =
  ECPERF_SRCDIR =
  FREEBL_ECTEST_SRCDIR =
@@ -13,3 +13,14 @@ diff -up nss/cmd/Makefile.skipthem nss/cmd/Makefile
  else
  BLTEST_SRCDIR = bltest
  ECPERF_SRCDIR = ecperf
+diff -up ./cmd/shlibsign/Makefile.skipthem ./cmd/shlibsign/Makefile
+--- ./cmd/shlibsign/Makefile.skipthem 2021-06-03 15:16:36.015186252 -0700
++++ ./cmd/shlibsign/Makefile 2021-06-03 15:18:49.494720335 -0700
+@@ -95,7 +95,3 @@ else
+ endif
+ endif
+ 
+-libs: install
+-ifdef CHECKLOC
+- $(MAKE) $(CHECKLOC)
+-endif
diff --git a/nss-skip-cavs-tests.patch b/nss-skip-cavs-tests.patch
new file mode 100644
index 0000000000000000000000000000000000000000..2ce36226fe47ce4a4bd217e751bf51b64556e3f5
--- /dev/null
+++ b/nss-skip-cavs-tests.patch
@@ -0,0 +1,11 @@
+diff -up nss/tests/fips/fips.sh.skip-cavs nss/tests/fips/fips.sh
+--- nss/tests/fips/fips.sh.skip-cavs 2020-07-29 08:38:23.930846917 +0200
++++ nss/tests/fips/fips.sh 2020-07-29 08:38:30.001805500 +0200
+@@ -318,6 +318,6 @@ fips_cleanup()
+ 
+ fips_init
+ fips_140
+-fips_cavs
++#fips_cavs
+ fips_cleanup
+ echo "fips.sh done"
diff --git a/nss-skip-sysinit-gtests.patch b/nss-skip-sysinit-gtests.patch
index 4c3ea2982eac0522dab2d9c56f973ee4f5a54778..ca0e3d6bd5e3aba92a34f6acf225907702af13cd 100644
--- a/nss-skip-sysinit-gtests.patch
+++ b/nss-skip-sysinit-gtests.patch
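Review bot: The new `cmd/shlibsign/Makefile` hunk removes the `libs: install` rule that ran `$(MAKE) $(CHECKLOC)`, and nothing in the visible build steps shows where the integrity `.chk` files that shlibsign produces for the FIPS-mode library checks now come from. If the intent is that they are generated in the separately built nss-softokn package (which the rest of this spec seems to assume — confirm), the patch header should say so, e.g. `# RHEL-7: .chk files are produced by the nss-softokn build; do not re-sign here`, so a later rebase does not silently drop integrity checking. The same goes for `nss-skip-cavs-tests.patch`: a bare `#fips_cavs` silently removes the CAVS run from `fips.sh`; I'd write `# fips_cavs  (CAVS vectors are exercised in the nss-softokn package build)` so the skip explains itself.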
@@ -1,11 +1,11 @@
 diff -up nss/gtests/manifest.mn.skip-sysinit-gtests nss/gtests/manifest.mn
---- nss/gtests/manifest.mn.skip-sysinit-gtests 2019-04-26 12:55:05.979302035 +0200
-+++ nss/gtests/manifest.mn 2019-04-26 12:55:09.507228984 +0200
-@@ -27,7 +27,6 @@ NSS_SRCDIRS = \
+--- nss/gtests/manifest.mn.skip-sysinit-gtests 2020-07-22 17:52:34.117219907 +0200
++++ nss/gtests/manifest.mn 2020-07-22 17:53:10.196957474 +0200
+@@ -31,7 +31,6 @@ NSS_SRCDIRS = \
  smime_gtest \
  softoken_gtest \
  ssl_gtest \
 - $(SYSINIT_GTEST) \
  nss_bogo_shim \
+ pkcs11testmodule \
  $(NULL)
- endif
diff --git a/nss-skip-tls13-fips-tests.sh b/nss-skip-tls13-fips-tests.sh
deleted file mode 100644
index 2d4ff9ca1deb5c0e4e675e0677e1c52cbe680e14..0000000000000000000000000000000000000000
--- a/nss-skip-tls13-fips-tests.sh
+++ /dev/null
@@ -1,16 +0,0 @@
-diff -up nss/tests/ssl/ssl.sh.skip-tls13-fips-mode nss/tests/ssl/ssl.sh
---- nss/tests/ssl/ssl.sh.skip-tls13-fips-mode 2019-05-16 10:52:35.926904215 +0200
-+++ nss/tests/ssl/ssl.sh 2019-05-16 10:53:05.953281239 +0200
-@@ -412,6 +412,12 @@ ssl_auth()
- echo "${testname}" | grep "TLS 1.3" > /dev/null
- TLS13=$?
- 
-+ if [ "${TLS13}" -eq 0 ] && \
-+ [ "$SERVER_MODE" = "fips" -o "$CLIENT_MODE" = "fips" ] ; then
-+ echo "$SCRIPTNAME: skipping $testname (non-FIPS only)"
-+ continue
-+ fi
-+ 
- if [ "${CLIENT_MODE}" = "fips" -a "${CAUTH}" -eq 0 ] ; then
- echo "$SCRIPTNAME: skipping $testname (non-FIPS only)"
- elif [ "$ectype" = "SNI" -a "$NORM_EXT" = "Extended Test" ] ; then
diff --git a/nss-sql-default-tests.patch b/nss-sql-default-tests.patch
new file mode 100644
index 0000000000000000000000000000000000000000..6aabecd4a68cd82adf0e12a20cc2f7281b34c70d
--- /dev/null
+++ b/nss-sql-default-tests.patch
@@ -0,0 +1,70 @@ +diff -up ./tests/all.sh.sql-default-tests ./tests/all.sh +--- ./tests/all.sh.sql-default-tests 2021-06-03 15:44:45.759708770 -0700 ++++ ./tests/all.sh 2021-06-03 15:50:12.649678081 -0700 +@@ -51,10 +51,10 @@ + # pkix - run test suites with PKIX enabled + # upgradedb - upgrade existing certificate databases to shareable + # format (creates them if doesn't exist yet) and run +-# test suites with those databases. Requires to enable libdm. ++# test suites with those databases. + # sharedb - run test suites with shareable database format + # enabled (databases are created directly to this +-# format). This is the default and doesn't need to be run separately. ++# format). + # threadunsafe - run test suites with thread unsafe environment variable + # so simulate running NSS locking for PKCS #11 modules which + # are not thread safe. +@@ -137,7 +137,7 @@ run_tests() + } + + ########################## run_cycle_standard ########################## +-# run test suites with sql database (no PKIX) ++# run test suites with dbm database (no PKIX, no sharedb) + ######################################################################## + run_cycle_standard() + { +@@ -146,7 +146,7 @@ run_cycle_standard() + TESTS="${ALL_TESTS}" + TESTS_SKIP="libpkix pkits" + +- NSS_DEFAULT_DB_TYPE=${NSS_DEFAULT_DB_TYPE:-"sql"} ++ NSS_DEFAULT_DB_TYPE=dbm + export NSS_DEFAULT_DB_TYPE + + run_tests +@@ -323,7 +323,7 @@ if [ -z "${INIT_SOURCED}" -o "${INIT_SOU + . 
./init.sh + fi + +-cycles="standard pkix threadunsafe" ++cycles="standard pkix upgradedb sharedb threadunsafe" + CYCLES=${NSS_CYCLES:-$cycles} + + NO_INIT_SUPPORT=`certutil --build-flags |grep -cw NSS_NO_INIT_SUPPORT` +diff -up ./tests/common/init.sh.sql-default-tests ./tests/common/init.sh +--- ./tests/common/init.sh.sql-default-tests 2021-05-28 02:50:43.000000000 -0700 ++++ ./tests/common/init.sh 2021-06-03 15:44:45.771708842 -0700 +@@ -651,9 +651,9 @@ if [ -z "${INIT_SOURCED}" -o "${INIT_SOU + + RELOAD_CRL=1 + +- # if test mode isn't set, test scripts default to expecting sql ++ # if test mode isn't set, test scripts default to expecting dbm + if [ "${TEST_MODE}" = "" ]; then +- NSS_DEFAULT_DB_TYPE=${NSS_DEFAULT_DB_TYPE:-"sql"} ++ NSS_DEFAULT_DB_TYPE="dbm" + export NSS_DEFAULT_DB_TYPE + fi + +diff -up ./tests/remote/Makefile.sql-default-tests ./tests/remote/Makefile +--- ./tests/remote/Makefile.sql-default-tests 2021-05-28 02:50:43.000000000 -0700 ++++ ./tests/remote/Makefile 2021-06-03 15:44:45.771708842 -0700 +@@ -56,7 +56,7 @@ ifeq ($(OS_TARGET),Android) + TEST_SHELL?=$$HOME/bin/sh + ANDROID_PORT?="2222" + #Define the subset of tests that is known to work on Android +-NSS_CYCLES?="standard pkix sharedb" ++NSS_CYCLES?="standard pkix upgradedb sharedb" + NSS_TESTS?="cipher lowhash libpkix cert dbtests tools sdr crmf smime ssl ocsp merge pkits chains" + NSS_SSL_TESTS?="crl normal_normal iopr" + NSS_SSL_RUN?="cov auth stress" diff --git a/nss-sql-default.patch b/nss-sql-default.patch index fd397788abe085fc97b176355641a9a0df72ec9f..d2dbcc4f46ec9265013042a6894fc0f8731a10ab 100644 --- a/nss-sql-default.patch +++ b/nss-sql-default.patch 
@@ -1,42 +1,35 @@ -# HG changeset patch -# User Kai Engert -# Date 1511548994 -3600 -# Fri Nov 24 19:43:14 2017 +0100 -# Node ID b0658ed367633e505d38c0c0f63b801ddbbb21a4 -# Parent 807662e6ba57db5be05036511ac8634466ed473f -Bug 1377940, Change NSS default storage file format (currently DBM), when no prefix is given, to SQL, r=rrelyea, r=fkiefer - ---- a/tests/all.sh -+++ b/tests/all.sh -@@ -111,6 +111,8 @@ RUN_FIPS="" +diff -up nss/tests/all.sh.sql-default nss/tests/all.sh +--- nss/tests/all.sh.sql-default 2020-06-17 00:50:59.000000000 +0200 ++++ nss/tests/all.sh 2020-07-22 17:41:08.591206201 +0200 +@@ -114,8 +114,6 @@ RUN_FIPS="" ######################################################################## run_tests() { -+ echo "Running test cycle: ${TEST_MODE} ----------------------" -+ echo "List of tests that will be executed: ${TESTS}" +- echo "Running test cycle: ${TEST_MODE} ----------------------" +- echo "List of tests that will be executed: ${TESTS}" for TEST in ${TESTS} do # NOTE: the spaces are important. If you don't include -@@ -172,8 +174,9 @@ run_cycle_pkix() - NSS_SSL_TESTS=`echo "${NSS_SSL_TESTS}" | sed -e "s/normal//g" -e "s/fips//g" -e "s/_//g"` +@@ -173,9 +171,8 @@ run_cycle_pkix() + export -n NSS_SSL_RUN -- # use the default format -+ # use the default format. (unset for the shell, export -n for binaries) +- # use the default format. (unset for the shell, export -n for binaries) ++ # use the default format export -n NSS_DEFAULT_DB_TYPE -+ unset NSS_DEFAULT_DB_TYPE +- unset NSS_DEFAULT_DB_TYPE run_tests } -diff --git a/tests/merge/merge.sh b/tests/merge/merge.sh ---- a/tests/merge/merge.sh -+++ b/tests/merge/merge.sh +diff -up nss/tests/merge/merge.sh.sql-default nss/tests/merge/merge.sh +--- nss/tests/merge/merge.sh.sql-default 2020-06-17 00:50:59.000000000 +0200 ++++ nss/tests/merge/merge.sh 2020-07-22 17:24:45.819348633 +0200 
@@ -98,7 +98,7 @@ merge_init() # are dbm databases. if [ "${TEST_MODE}" = "UPGRADE_DB" ]; then save=${NSS_DEFAULT_DB_TYPE} -- NSS_DEFAULT_DB_TYPE= ; export NSS_DEFAULT_DB_TYPE -+ NSS_DEFAULT_DB_TYPE=dbm ; export NSS_DEFAULT_DB_TYPE +- NSS_DEFAULT_DB_TYPE=dbm ; export NSS_DEFAULT_DB_TYPE ++ NSS_DEFAULT_DB_TYPE= ; export NSS_DEFAULT_DB_TYPE fi certutil -N -d ${CONFLICT1DIR} -f ${R_PWFILE} diff --git a/nss-ssl2-compatible-client-hello.patch b/nss-ssl2-compatible-client-hello.patch index a1f5217133220a1c1fd70422e94b3950941e6820..ec013e21c802e507778ed3efe1bc77cc510ed971 100644 --- a/nss-ssl2-compatible-client-hello.patch +++ b/nss-ssl2-compatible-client-hello.patch @@ -1,12 +1,12 @@ -diff -up nss/lib/ssl/sslsock.c.ssl2hello nss/lib/ssl/sslsock.c ---- nss/lib/ssl/sslsock.c.ssl2hello 2019-04-26 11:31:02.139693304 +0200 -+++ nss/lib/ssl/sslsock.c 2019-04-26 11:31:36.842975724 +0200 -@@ -86,7 +86,7 @@ static sslOptions ssl_defaults = { - .enableTls13CompatMode = PR_FALSE, +diff -up ./lib/ssl/sslsock.c.ssl2hello ./lib/ssl/sslsock.c +--- ./lib/ssl/sslsock.c.ssl2hello 2021-06-03 15:39:52.237945867 -0700 ++++ ./lib/ssl/sslsock.c 2021-06-03 15:43:21.746203666 -0700 +@@ -90,7 +90,7 @@ static sslOptions ssl_defaults = { + .enableDtls13VersionCompat = PR_FALSE, .enableDtlsShortHeader = PR_FALSE, .enableHelloDowngradeCheck = PR_FALSE, - .enableV2CompatibleHello = PR_FALSE, + .enableV2CompatibleHello = PR_TRUE, - .enablePostHandshakeAuth = PR_FALSE - }; - + .enablePostHandshakeAuth = PR_FALSE, + .suppressEndOfEarlyData = PR_FALSE, + .enableTls13GreaseEch = PR_FALSE, diff --git a/fix-min-library-version-in-SSLVersionRange.patch b/nss-version-range.patch similarity index 31% rename from fix-min-library-version-in-SSLVersionRange.patch rename to nss-version-range.patch index 00facbf780b3571aa56cf8155cc3738b6864d375..4693e96d3b8be90e691086759c4412ee482d3403 100644 --- a/fix-min-library-version-in-SSLVersionRange.patch +++ b/nss-version-range.patch 
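Review bot: `.enableV2CompatibleHello = PR_TRUE` turns a legacy wire format back on as the library-wide default, and the only justification on record is the spec's one-line note that upstream disabled it in bug 1483128. The V2-compatible ClientHello predates TLS extensions and cannot carry them, so on whatever handshakes NSS chooses to emit it (the exact trigger conditions are not visible here and should be confirmed in `ssl3_SendClientHello`) the client gives up SNI/ALPN and similar; the patch should state the RHEL-7 interop case that still needs it and that `SSL_ENABLE_V2_COMPATIBLE_HELLO` remains the per-socket off switch. Suggested header comment: `# RHEL-7: keep V2-compatible ClientHello on by default for legacy servers (upstream default off since bug 1483128); applications can turn it off with SSL_ENABLE_V2_COMPATIBLE_HELLO`. The `sslOptions ssl_defaults` initializer continues outside the hunk.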
@@ -1,12 +1,14 @@ -diff -up ./lib/ssl/sslsock.c.1171318 ./lib/ssl/sslsock.c ---- ./lib/ssl/sslsock.c.1171318 2016-02-04 10:57:08.489310227 -0800 -+++ ./lib/ssl/sslsock.c 2016-02-04 11:02:59.290818001 -0800 -@@ -92,7 +92,7 @@ static sslOptions ssl_defaults = { +diff -up nss/lib/ssl/sslsock.c.version-range nss/lib/ssl/sslsock.c +--- nss/lib/ssl/sslsock.c.version-range 2020-07-30 08:20:35.811375910 +0200 ++++ nss/lib/ssl/sslsock.c 2020-07-30 08:21:02.132188806 +0200 +@@ -98,8 +98,8 @@ static sslOptions ssl_defaults = { * default range of enabled SSL/TLS protocols */ static SSLVersionRange versions_defaults_stream = { - SSL_LIBRARY_VERSION_TLS_1_0, +- SSL_LIBRARY_VERSION_TLS_1_3 + SSL_LIBRARY_VERSION_3_0, - SSL_LIBRARY_VERSION_TLS_1_2 ++ SSL_LIBRARY_VERSION_TLS_1_2 }; + static SSLVersionRange versions_defaults_datagram = { diff --git a/nss.spec b/nss.spec index 425d13f29432112cfda9dc52b03fa2cab536b9cc..83100095991b13a9a316e4745de6ee3d3bbcf036 100644 --- a/nss.spec +++ b/nss.spec @@ -1,15 +1,14 @@ -%global nspr_version 4.21.0 -%global nss_util_version 3.44.0 -%global nss_util_build -3 +%global nspr_version 4.31.0 +%global nss_util_version 3.67.0 +%global nss_util_build -1 # adjust to the version that gets submitted for FIPS validation -%global nss_softokn_fips_version 3.44.0 -%global nss_softokn_version 3.44.0 # Attention: Separate softokn versions for build and runtime. +%global nss_softokn_version 3.67.0 %global runtime_required_softokn_build_version -1 # Building NSS doesn't require the same version of softokn built for runtime. -%global build_required_softokn_build_version -1 -%global nss_version 3.44.0 -%define anolis_release .0.1 +%global nss_softokn_build_version 3.53.1 +%global build_required_softokn_build_version -2 +%global nss_version 3.67.0 %global unsupported_tools_directory %{_libdir}/nss/unsupported-tools %global allTools "certutil cmsutil crlutil derdump modutil nss-policy-check pk12util pp signtool signver ssltap vfychain vfyserv" 
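Review bot: `versions_defaults_stream` is changed to span `SSL_LIBRARY_VERSION_3_0` through `SSL_LIBRARY_VERSION_TLS_1_2`, so SSL 3.0 joins the default-enabled range for every stream socket and TLS 1.3 is off unless an application or the policy file adjusts the range. SSL 3.0 is the POODLE-affected version (CVE-2014-3566), so a default that includes it needs to be documented as a deliberate compatibility floor together with the layer that enforces the effective minimum — the spec comment for this patch calls SSL 3.0 "the hard minimum" while the comment on `nss-version-range-set.patch` says the minimum "is clamped to tls1.0", and both cannot describe the default. I'd add to the patch header: `# RHEL-7: SSL 3.0 is the lowest selectable version; the default floor applied at runtime comes from <nss-version-range-set.patch / nss-rhel7.config — confirm which>`. The `versions_defaults_datagram` initializer that follows lies outside the hunk.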
@@ -42,7 +41,7 @@ rpm.define(string.format("nss_archive_version %s", Summary: Network Security Services Name: nss Version: %{nss_version} -Release: 7%{anolis_release}%{?dist} +Release: 4%{?dist} License: MPLv2.0 URL: http://www.mozilla.org/projects/security/pki/nss/ Group: System Environment/Libraries @@ -57,7 +56,7 @@ BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) BuildRequires: nspr-devel >= %{nspr_version} # TODO: revert to same version as nss once we are done with the merge # Using '>=' but on RHEL the requires should be '=' -BuildRequires: nss-softokn-devel >= %{nss_softokn_version}%{build_required_softokn_build_version} +BuildRequires: nss-softokn-devel >= %{nss_softokn_build_version}%{build_required_softokn_build_version} BuildRequires: nss-util-devel >= %{nss_util_version}%{nss_util_build} BuildRequires: sqlite-devel BuildRequires: zlib-devel @@ -104,9 +103,8 @@ Source30: PayPalRootCA.cert Source31: PayPalICA.cert Source32: nss-rhel7.config Source33: TestOldCA.p12 -Source34: NameConstraints.ipaca.cert -Source35: NameConstraints.ocsp1.cert - +Source34: NameConstraints.ocsp1.cert +Source35: NameConstraints.ipaca.cert Patch2: add-relro-linker-option.patch Patch3: renegotiate-transitional.patch 
@@ -130,11 +128,15 @@ Patch53: Bug-1001841-disable-sslv2-tests.patch
 Patch56: p-ignore-setpolicy.patch
 # Upstream: https://bugzilla.mozilla.org/show_bug.cgi?id=943144
 Patch62: nss-fix-deadlock-squash.patch
-Patch100: fix-min-library-version-in-SSLVersionRange.patch
+# In RHEL-7, we still disable TLS 1.3 by default, and set SSL 3.0 as
+# the hard minimum
+Patch100: nss-version-range.patch
 Patch108: nss-sni-c-v-fix.patch
 Patch123: nss-skip-util-gtest.patch
 Patch126: nss-reorder-cipher-suites.patch
 Patch127: nss-disable-cipher-suites.patch
+# revert sql man page changes
+Patch128: nss-3.67-revert-sql-manage-change.patch
 Patch130: nss-reorder-cipher-suites-gtests.patch
 # To revert the change in:
 # https://bugzilla.mozilla.org/show_bug.cgi?id=1377940
@@ -144,8 +146,6 @@ Patch139: nss-modutil-skip-changepw-fips.patch
 # Work around for yum
 # https://bugzilla.redhat.com/show_bug.cgi?id=1469526
 Patch141: nss-sysinit-getenv.patch
-# Upstream: https://bugzilla.mozilla.org/show_bug.cgi?id=1542207
-Patch147: nss-dsa-policy.patch
 # To revert the change in:
 # https://bugzilla.mozilla.org/show_bug.cgi?id=818686
 Patch148: nss-sysinit-userdb.patch
@@ -154,30 +154,41 @@ Patch149: nss-skip-sysinit-gtests.patch # Enable SSLv2 compatible ClientHello, disabled in the change: # https://bugzilla.mozilla.org/show_bug.cgi?id=1483128 Patch150: nss-ssl2-compatible-client-hello.patch -# TLS 1.3 currently doesn't work under FIPS mode: -# https://bugzilla.redhat.com/show_bug.cgi?id=1710372 -Patch151: nss-skip-tls13-fips-tests.sh # For backward compatibility: make -V "ssl3:" continue working, while # the minimum version is clamped to tls1.0 Patch152: nss-version-range-set.patch -# TLS 1.3 currently doesn't work under FIPS mode: -# https://bugzilla.redhat.com/show_bug.cgi?id=1710372 -Patch153: nss-fips-disable-tls13.patch -# Upstream: https://bugzilla.mozilla.org/show_bug.cgi?id=1552208 -Patch154: nss-disable-pkcs1-sigalgs-tls13.patch -# Upstream: https://bugzilla.mozilla.org/show_bug.cgi?id=1553443 -Patch155: nss-post-handshake-auth-with-tickets.patch -# https://bugzilla.mozilla.org/show_bug.cgi?id=1473806 -Patch156: nss-fix-public-key-from-priv.patch -Patch157: nss-add-ipsec-usage-to-manpage.patch -# https://bugzilla.mozilla.org/show_bug.cgi?id=1515342 -Patch159: nss-3.44-handle-malformed-ecdh.patch -Patch160: nss-3.44-handle-malformed-ecdh-gtests.patch - -# Add by Anolis -#https://github.com/nss-dev/nss/commit/e24c7f21749e4d203e0e0f8a3433ca021ae11bda -Patch1000: 0001-nss-anolis-nameconstraints.patch -# End +# CAVS testing should be done in nss-softkn package +Patch156: nss-skip-cavs-tests.patch +# no upsteam bug yet +Patch157: nss-3.53-fix-private_key_mac.patch +# To revert the testing portion of the change: +# https://bugzilla.mozilla.org/show_bug.cgi?id=1594933 +Patch158: nss-sql-default-tests.patch +# Local patch: disable Delegated Credentials +Patch159: nss-disable-dc.patch +# restore defaults when creating pkcs12 files +Patch160:nss-3.66-restore-old-pkcs12-default.patch + +# patches that just need to be upstreamed +# https://bugzilla.mozilla.org/show_bug.cgi?id=1662738 +Patch200: nss-3.66-no-small-primes.patch +# no 
bug number +Patch201: nss-3.67-fix-sdb-timeout.patch +# no bug number +Patch202: nss-3.67-fix-ssl-alerts.patch +# no bug number +Patch203: nss-3.67-fix-pkcs12-policy.patch + +# disable tests that don't work with the 3.53 softoken +# so builds can complete. +Patch300: nss-3.66-no-combo-tests.patch + +# disable tests that don't work in the brew environment +# because we can't reference external servers. +Patch301: nss-3.66-disable-external-host-test.patch + +Patch400: nss-3.67-cve-2021-43527.patch +Patch401: nss-3.67-cve-2021-43527-test.patch %description Network Security Services (NSS) is a set of libraries designed to @@ -239,7 +250,7 @@ Requires: nss-devel = %{version}-%{release} # TODO: revert to using nss_softokn_version once we are done with # the merge into to new rhel git repo # For RHEL we should have '=' instead of '>=' -Requires: nss-softokn-freebl-devel >= %{nss_softokn_version} +Requires: nss-softokn-freebl-devel >= %{nss_softokn_build_version} %description pkcs11-devel Library files for developing PKCS #11 modules using basic NSS @@ -255,22 +266,22 @@ low level services. %{__cp} %{SOURCE30} -f ./nss/tests/libpkix/certs %{__cp} %{SOURCE31} -f ./nss/tests/libpkix/certs %{__cp} %{SOURCE33} -f ./nss/tests/tools -%{__cp} %{SOURCE34} -f ./nss/tests/libpkix/certs/ -%{__cp} %{SOURCE35} -f ./nss/tests/libpkix/certs/ +%{__cp} %{SOURCE34} -f ./nss/tests/libpkix/certs +%{__cp} %{SOURCE35} -f ./nss/tests/libpkix/certs %patch2 -p0 -b .relro %patch3 -p0 -b .transitional %patch16 -p0 -b .539183 %patch40 -p0 -b .noocsptest %patch47 -p0 -b .templates -%patch49 -p0 -b .skipthem %patch50 -p0 -b .iquote pushd nss +%patch49 -p0 -b .skipthem %patch52 -p1 -b .disableSSL2libssl %patch53 -p1 -b .disableSSL2tests %patch56 -p1 -b .1026677_ignore_set_policy %patch62 -p1 -b .fix_deadlock -%patch100 -p0 -b .1171318 +%patch100 -p1 -b .version-range popd %patch108 -p0 -b .sni_c_v_fix pushd nss 
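Review bot: Several of the newly listed patches have no provenance: Patch157 (`no upsteam bug yet`), Patch201–Patch203 (`no bug number`) and, most importantly, Patch400/Patch401 — the CVE-2021-43527 fix and its test — carry no upstream changeset or Bugzilla reference at all. For the package that is the system TLS and certificate stack, each local patch should be traceable to an upstream commit or bug so the next rebase can tell whether it is still needed and so the CVE backport can be checked against the upstream fix; add `# Upstream: <Mozilla bug / hg changeset for CVE-2021-43527>` above Patch400 and fill in or open bugs for the "no bug number" entries. Two wording fixes while here: `upsteam` → `upstream` and `nss-softkn` → `nss-softokn`, and `Patch160:nss-3.66-...` lacks the space after the colon that every other entry has.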
@@ -278,28 +289,27 @@ pushd nss %patch126 -p1 -b .reorder-cipher-suites %patch127 -p1 -b .disable-cipher-suites %patch130 -p1 -b .reorder-cipher-suites-gtests -%patch136 -p1 -R -b .sql-default +%patch136 -p1 -b .sql-default %patch139 -p1 -b .modutil-skip-changepw-fips %patch148 -R -p1 -b .sysinit-userdb %patch141 -p1 -b .sysinit-getenv -%patch147 -p1 -b .dsa-policy %patch149 -p1 -b .skip-sysinit-gtests %patch150 -p1 -b .ssl2hello -%patch151 -p1 -b .skip-tls13-fips-mode %patch152 -p1 -b .version-range-set -%patch153 -p1 -b .fips-disable-tls13 -%patch154 -p1 -b .disable-pkcs1-sigalgs-tls13 -%patch155 -p1 -b .post-handshake-auth-with-tickets -popd -%patch156 -p1 -b .pub-priv-mechs -%patch157 -p1 -b .ipsec-usage -pushd nss -%patch159 -p1 -b .handle-malformed-ecdh -%patch160 -p1 -b .handle-malformed-ecdh-gtests -popd - -pushd nss -%patch1000 -p1 -b 0001-nss-anolis-nameconstraints.patch +%patch156 -p1 -b .skip-cavs +%patch157 -p1 -b .privkey-mac +%patch128 -R -p1 -b .sql-man-page +%patch158 -p1 -b .sql-default-tests +%patch159 -p1 -b .dc +%patch160 -p1 -b .restore-pkcs12-defaults +%patch200 -p1 -b .no-small-primes +%patch201 -p1 -b .fix-sdb-timeout +%patch202 -p1 -b .fix-ssl-alerts +%patch203 -p1 -b .fix-pkcs12-policy +%patch300 -p1 -b .oldsoft +%patch301 -p1 -b .brew +%patch400 -p1 -b .cve-2021-43527 +%patch401 -p1 -b .cve-2021-43527-test popd ######################################################### @@ -406,9 +416,6 @@ export NSS_BLTEST_NOT_AVAILABLE=1 export NSS_FORCE_FIPS=1 -%{__make} -C ./nss/coreconf -%{__make} -C ./nss/lib/dbm - # Set the policy file location # if set NSS will always check for the policy file and load if it exists export POLICY_FILE="nss-rhel7.config" @@ -421,7 +428,9 @@ export POLICY_PATH="/etc/pki/nss-legacy" %{__mkdir_p} ./dist/private/nss %{__mv} ./nss/verref.h ./dist/private/nss/verref.h -%{__make} -C ./nss +%{__make} -C ./nss all +%{__make} -C ./nss latest + unset NSS_BLTEST_NOT_AVAILABLE # build the man pages clean 
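Review bot: `%patch128 -R -p1 -b .sql-man-page` reverse-applies a patch whose Source-list description already says "revert", and in the same commit `%patch136` loses its `-R` while the content of `nss-sql-default.patch` is inverted (its `-`/`+` lines are swapped in the patch-file hunks above) — the net result looks correct, but a reader of this section cannot tell which files are forward patches applied backwards without opening each one. Add a one-line comment at every `-R` site stating the direction, e.g. `# reverse-apply: the patch file is the upstream change, we want it undone` above `%patch128 -R` and `%patch148 -R`, and `# forward-apply: the patch file already contains the reversal` above `%patch136`. Note also that `%patch128` is now applied out of numeric order, after `%patch157`; if that ordering is required for its context lines to match, say so.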
@@ -576,8 +585,15 @@ pushd ./nss/tests/ # all.sh is the test suite script # don't need to run all the tests when testing packaging -# nss_cycles: standard pkix upgradedb sharedb +export NSS_DEFAULT_DB_TYPE=dbm #in RHEL 7, the default db is sql, but we want + # standard to test dbm, or upgradedb will fail +%global nss_full_cycles "standard pkix upgradedb sharedb threadunsafe" +%global nss_cycles "standard pkix upgradedb sharedb" +%global nss_full_tests "libpkix cert dbtests tools fips sdr crmf smime ssl ocsp merge pkits chains ec gtests ssl_gtests" %global nss_tests "libpkix cert dbtests tools fips sdr crmf smime ssl ocsp merge pkits chains ec gtests ssl_gtests" +%ifarch x86_64 +%global nss_cycles "standard pkix upgradedb sharedb threadunsafe" +%endif # nss_ssl_tests: crl bypass_normal normal_bypass normal_fips fips_normal iopr # nss_ssl_run: cov auth stress # 
@@ -586,12 +602,34 @@ pushd ./nss/tests/ # global nss_ssl_tests "normal_fips" # global nss_ssl_run "cov auth" -# Temporarily disabling ssl stress tests for s390 +# Temporarily disabling tests for s390 %ifarch s390 %global nss_ssl_run "cov auth" +%global nss_tests "libpkix cert dbtests tools sdr crmf smime ocsp merge pkits ec gtests" %endif +%ifarch s390x +%global nss_ssl_run "cov auth" +%global nss_tests "libpkix cert dbtests tools sdr crmf smime ocsp merge pkits ec gtests" +%endif +# nss_ssl_tests: crl bypass_normal normal_bypass normal_fips fips_normal iopr +soft=$(rpm -q nss-softokn) +soft_minor=${soft:14:2} +nss_soft=%{nss_softokn_version} +nss_soft_minor=${nss_soft:2:2} +export NSS_CYCLES=%{?nss_full_cycles} +export NSS_TESTS=%{?nss_full_tests} +export NSS_SSL_RUN=%{?nss_full_ssl_run} +export NSS_SSL_TESTS=%{?nss_full_ssl_tests} +if [ ${soft_minor} -lt ${nss_soft_minor} ]; then + export NSS_OLD_SOFTOKEN=1 + export NSS_DISABLE_PPC_GHASH=1 + export NSS_CYCLES=%{?nss_cycles} + export NSS_TESTS=%{?nss_tests} + export NSS_SSL_RUN=%{?nss_ssl_run} + export NSS_SSL_TESTS=%{?nss_ssl_tests} +fi -HOST=localhost DOMSUF=localdomain PORT=$MYRAND NSS_CYCLES=%{?nss_cycles} NSS_TESTS=%{?nss_tests} NSS_SSL_TESTS=%{?nss_ssl_tests} NSS_SSL_RUN=%{?nss_ssl_run} ./all.sh +HOST=localhost DOMSUF=localdomain PORT=$MYRAND ./all.sh popd @@ -872,6 +910,7 @@ fi %{_includedir}/nss3/p12plcy.h %{_includedir}/nss3/p12t.h %{_includedir}/nss3/pk11func.h +%{_includedir}/nss3/pk11hpke.h %{_includedir}/nss3/pk11pqg.h %{_includedir}/nss3/pk11priv.h %{_includedir}/nss3/pk11pub.h 
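Review bot: The installed-softoken version check parses `rpm -q nss-softokn` output by fixed offsets (`${soft:14:2}`, `${nss_soft:2:2}`), which only works while the package name, a single-digit major `3.` and a two-digit minor all hold; if `rpm -q` fails the substring is non-numeric, the `[ … -lt … ]` test errors out and, as far as the visible lines show, the full test set runs as though a current softoken were present. Query the VERSION field and split on `.` instead, and fall back to the reduced set when the query fails, since the reduced set is the safe choice against an unknown softoken. The check also compares only the minor number and so silently assumes both sides are on the 3.x line — worth a comment. The surrounding %check shell continues outside the hunk.
```rpm-spec
# … unchanged: s390/s390x overrides …
# Detect an older installed softoken by its VERSION field; fixed string
# offsets break as soon as the package name or version width changes.
soft_ver=$(rpm -q --qf '%%{VERSION}' nss-softokn) || soft_ver=0.0
soft_minor=$(echo "${soft_ver}" | cut -d. -f2)
nss_soft_minor=$(echo "%{nss_softokn_version}" | cut -d. -f2)
# … unchanged: NSS_CYCLES/NSS_TESTS/NSS_SSL_* full-set exports …
if [ "${soft_minor:-0}" -lt "${nss_soft_minor}" ]; then
```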
@@ -911,20 +950,64 @@ fi %changelog -* Mon Aug 30 2021 xiezhongtian - 3.44.0-7.0.1 -- Update test cert PayPalEE.cert which had expired -- Renew two chains libpkix test certificates +* Thu Nov 18 2021 Bob Relyea - 3.67.0-4 +- fix CVE-2021-43527 + +* Tue Sep 14 2021 Bob Relyea - 3.67.0-3 +- revert sql default language in man pages +- fix SEC_PKCS12EnableCipher so python-nss tests will still work. + +* Wed Jul 7 2021 Bob Relyea - 3.67.0-2 +- fix sdb timeout issue +- fix incorrect ssl alerts in Signature scheme processing + +* Tue Jun 22 2021 Bob Relyea - 3.67.0-1 +- Rebase to NSS 3.67 + +* Tue Jun 15 2021 Bob Relyea - 3.66.0-2 +- restore pkcs12 defaults + +* Thu Jun 03 2021 Bob Relyea - 3.66.0-1 +- Rebase to NSS 3.66 + +* Wed Mar 03 2021 Bob Relyea - 3.53.1-7 +- Fix HSM load failure because of CKO_Profile +- Allow builds with strict-proto -* Fri Dec 6 2019 Bob Relyea - 3.44.0-7 +* Mon Feb 22 2021 Bob Relyea - 3.53.1-6 +- Update to CVE 2020-256423 TLS flood DOS attack patch. + +* Thu Feb 18 2021 Bob Relyea - 3.53.1-5 +- Fix CVE 2020-256423 TLS flood DOS Attack. + +* Mon Feb 1 2021 Bob Relyea - 3.53.1-4 +- Fix deadlock issue +- Fix 3 FTBS issues, 2 expired certs, one semantic change in nss-softokn. + +* Sat Aug 1 2020 Daiki Ueno - 3.53.1-3 +- Disable dh timing test because it's unreliable on s390 (from Bob Relyea) +- Explicitly enable upgradedb/sharedb test cycles + +* Thu Jul 30 2020 Daiki Ueno - 3.53.1-2 +- Disable TLS 1.3 by default + +* Wed Jul 22 2020 Daiki Ueno - 3.53.1-1 +- Rebase to NSS 3.53.1 + +* Fri Dec 6 2019 Bob Relyea - 3.44.0-8 - Increase timeout on ssl_gtest so that slow platforms can complete when running on a busy system. -* Thu Dec 5 2019 Bob Relyea - 3.44.0-6 +* Thu Dec 5 2019 Bob Relyea - 3.44.0-7 - back out out-of-bounds patch (patch for nss-softokn). 
- Fix segfault on empty or malformed ecdh keys (#1777712) -* Wed Dec 4 2019 Bob Relyea - 3.44.0-5 -- Fix out-of-bounds write in NSC_EncryptUpdate (#1775910) +* Wed Dec 4 2019 Bob Relyea - 3.44.0-6 +- Fix out-of-bounds write in NSC_EncryptUpdate (#1775911,#1775910) + +* Wed Aug 14 2019 Bob Relyea - 3.44.0-5 +- Fix pkix name constraints processing to only process the common name if the + certusage you are checking is IPSEC or SSL Server. * Wed Jun 5 2019 Bob Relyea - 3.44.0-4 - Fix certutil man page