diff --git a/Feature-nss-support-SM2-signature-algorithm.patch b/Feature-nss-support-SM2-signature-algorithm.patch index 27e49d7a8d6102d144c4197b54dd26bc1052c01c..2fc37868f6d6af53069a20c0e12122771e7e5e9b 100644 --- a/Feature-nss-support-SM2-signature-algorithm.patch +++ b/Feature-nss-support-SM2-signature-algorithm.patch @@ -250,7 +250,7 @@ index 85a569f..253ce8d 100644 + 'sm2.c', 'sysrand.c', 'tlsprfalg.c', - ], + 'secmpi.c', diff --git a/lib/freebl/manifest.mn b/lib/freebl/manifest.mn index fd3218d..2dbf7c9 100644 --- a/lib/freebl/manifest.mn diff --git a/Feature-nss-support-SM3-digest-algorithm.patch b/Feature-nss-support-SM3-digest-algorithm.patch index c3fe17bf3a46bbbe5b7c15c5ce97718332b0edb1..2584f5216d2ccc59d8b6dd27714a3f95bf2e7ddc 100644 --- a/Feature-nss-support-SM3-digest-algorithm.patch +++ b/Feature-nss-support-SM3-digest-algorithm.patch @@ -139,7 +139,7 @@ index 0054e17..2d400ec 100644 typedef struct SEEDContextStr SEEDContext; typedef struct ChaCha20ContextStr ChaCha20Context; diff --git a/lib/freebl/freebl_base.gypi b/lib/freebl/freebl_base.gypi -index afbffac..85a569f 100644 +index 34b6b3c..8f64046 100644 --- a/lib/freebl/freebl_base.gypi +++ b/lib/freebl/freebl_base.gypi @@ -58,6 +58,7 @@ @@ -149,31 +149,31 @@ index afbffac..85a569f 100644 + 'sm3.c', 'sysrand.c', 'tlsprfalg.c', - ], + 'secmpi.c', diff --git a/lib/freebl/ldvector.c b/lib/freebl/ldvector.c -index ac3b862..67bb001 100644 +index 6f4bd6a..143584b 100644 --- a/lib/freebl/ldvector.c +++ b/lib/freebl/ldvector.c -@@ -376,9 +376,20 @@ static const struct FREEBLVectorStr vector = - /* End of version 3.024 */ - ChaCha20_InitContext, - ChaCha20_CreateContext, -- ChaCha20_DestroyContext -+ ChaCha20_DestroyContext, +@@ -375,9 +375,20 @@ static const struct FREEBLVectorStr vector = { + /* End of version 3.024 */ + ChaCha20_InitContext, + ChaCha20_CreateContext, +- ChaCha20_DestroyContext ++ ChaCha20_DestroyContext, - /* End of version 3.025 */ -+ SM3_NewContext, -+ SM3_DestroyContext, -+ SM3_Begin, -+ SM3_Update, -+ SM3_End, -+ SM3_HashBuf, -+ SM3_Hash, -+ SM3_TraceState, -+ SM3_FlattenSize, -+ SM3_Flatten, -+ SM3_Resurrect - }; + /* End of version 3.025 */ ++ SM3_NewContext, ++ SM3_DestroyContext, ++ SM3_Begin, ++ SM3_Update, ++ SM3_End, ++ SM3_HashBuf, ++ SM3_Hash, ++ SM3_TraceState, ++ SM3_FlattenSize, ++ SM3_Flatten, ++ SM3_Resurrect + }; const FREEBLVector* diff --git a/lib/freebl/loader.c b/lib/freebl/loader.c diff --git a/backport-CVE-2021-43527.patch b/backport-CVE-2021-43527.patch deleted file mode 100644 index bc40c387d93826e3bea72e7122ae0f8f66533db6..0000000000000000000000000000000000000000 --- a/backport-CVE-2021-43527.patch +++ /dev/null @@ -1,288 +0,0 @@ -From 73a449016a1ff68539031ad600d88eab4399911f Mon Sep 17 00:00:00 2001 -From: Dennis Jackson -Date: Mon, 22 Nov 2021 10:40:42 +0000 -Subject: [PATCH] Bug 1737470 - Ensure DER encoded signatures are within size - limits. r=jschanck,mt,bbeurdouche,rrelyea - -Differential Revision: https://phabricator.services.mozilla.com/D129514 ---- - lib/cryptohi/secvfy.c | 192 ++++++++++++++++++++++++++---------------- - 1 file changed, 121 insertions(+), 71 deletions(-) - -diff --git a/lib/cryptohi/secvfy.c b/lib/cryptohi/secvfy.c -index 2540a544c5..17545848cf 100644 ---- a/lib/cryptohi/secvfy.c -+++ b/lib/cryptohi/secvfy.c -@@ -164,6 +164,37 @@ verifyPKCS1DigestInfo(const VFYContext *cx, const SECItem *digest) - PR_FALSE /*XXX: unsafeAllowMissingParameters*/); - } - -+static unsigned int -+checkedSignatureLen(const SECKEYPublicKey *pubk) -+{ -+ unsigned int sigLen = SECKEY_SignatureLen(pubk); -+ if (sigLen == 0) { -+ /* Error set by SECKEY_SignatureLen */ -+ return sigLen; -+ } -+ unsigned int maxSigLen; -+ switch (pubk->keyType) { -+ case rsaKey: -+ case rsaPssKey: -+ maxSigLen = (RSA_MAX_MODULUS_BITS + 7) / 8; -+ break; -+ case dsaKey: -+ maxSigLen = DSA_MAX_SIGNATURE_LEN; -+ break; -+ case ecKey: -+ maxSigLen = 2 * MAX_ECKEY_LEN; -+ break; -+ default: -+ PORT_SetError(SEC_ERROR_UNSUPPORTED_KEYALG); -+ return 0; -+ } -+ if (sigLen > maxSigLen) { -+ PORT_SetError(SEC_ERROR_INVALID_KEY); -+ return 0; -+ } -+ return sigLen; -+} -+ - /* - * decode the ECDSA or DSA signature from it's DER wrapping. - * The unwrapped/raw signature is placed in the buffer pointed -@@ -174,38 +205,38 @@ decodeECorDSASignature(SECOidTag algid, const SECItem *sig, unsigned char *dsig, - unsigned int len) - { - SECItem *dsasig = NULL; /* also used for ECDSA */ -- SECStatus rv = SECSuccess; - -- if ((algid != SEC_OID_ANSIX9_DSA_SIGNATURE) && -- (algid != SEC_OID_ANSIX962_EC_PUBLIC_KEY)) { -- if (sig->len != len) { -- PORT_SetError(SEC_ERROR_BAD_DER); -- return SECFailure; -+ /* Safety: Ensure algId is as expected and that signature size is within maxmimums */ -+ if (algid == SEC_OID_ANSIX9_DSA_SIGNATURE) { -+ if (len > DSA_MAX_SIGNATURE_LEN) { -+ goto loser; - } -- -- PORT_Memcpy(dsig, sig->data, sig->len); -- return SECSuccess; -- } -- -- if (algid == SEC_OID_ANSIX962_EC_PUBLIC_KEY) { -+ } else if (algid == SEC_OID_ANSIX962_EC_PUBLIC_KEY) { - if (len > MAX_ECKEY_LEN * 2) { -- PORT_SetError(SEC_ERROR_BAD_DER); -- return SECFailure; -+ goto loser; - } -- } -- dsasig = DSAU_DecodeDerSigToLen((SECItem *)sig, len); -- -- if ((dsasig == NULL) || (dsasig->len != len)) { -- rv = SECFailure; - } else { -- PORT_Memcpy(dsig, dsasig->data, dsasig->len); -+ goto loser; - } - -- if (dsasig != NULL) -+ /* Decode and pad to length */ -+ dsasig = DSAU_DecodeDerSigToLen((SECItem *)sig, len); -+ if (dsasig == NULL) { -+ goto loser; -+ } -+ if (dsasig->len != len) { - SECITEM_FreeItem(dsasig, PR_TRUE); -- if (rv == SECFailure) -- PORT_SetError(SEC_ERROR_BAD_DER); -- return rv; -+ goto loser; -+ } -+ -+ PORT_Memcpy(dsig, dsasig->data, len); -+ SECITEM_FreeItem(dsasig, PR_TRUE); -+ -+ return SECSuccess; -+ -+loser: -+ PORT_SetError(SEC_ERROR_BAD_DER); -+ return SECFailure; - } - - const SEC_ASN1Template hashParameterTemplate[] = -@@ -281,7 +312,7 @@ SECStatus - sec_DecodeSigAlg(const SECKEYPublicKey *key, SECOidTag sigAlg, - const SECItem *param, SECOidTag *encalgp, SECOidTag *hashalg) - { -- int len; -+ unsigned int len; - PLArenaPool *arena; - SECStatus rv; - SECItem oid; -@@ -466,48 +497,52 @@ vfy_CreateContext(const SECKEYPublicKey *key, const SECItem *sig, - cx->pkcs1RSADigestInfo = NULL; - rv = SECSuccess; - if (sig) { -- switch (type) { -- case rsaKey: -- rv = recoverPKCS1DigestInfo(hashAlg, &cx->hashAlg, -- &cx->pkcs1RSADigestInfo, -- &cx->pkcs1RSADigestInfoLen, -- cx->key, -- sig, wincx); -- break; -- case rsaPssKey: -- sigLen = SECKEY_SignatureLen(key); -- if (sigLen == 0) { -- /* error set by SECKEY_SignatureLen */ -- rv = SECFailure; -+ rv = SECFailure; -+ if (type == rsaKey) { -+ rv = recoverPKCS1DigestInfo(hashAlg, &cx->hashAlg, -+ &cx->pkcs1RSADigestInfo, -+ &cx->pkcs1RSADigestInfoLen, -+ cx->key, -+ sig, wincx); -+ } else { -+ sigLen = checkedSignatureLen(key); -+ /* Check signature length is within limits */ -+ if (sigLen == 0) { -+ /* error set by checkedSignatureLen */ -+ rv = SECFailure; -+ goto loser; -+ } -+ if (sigLen > sizeof(cx->u)) { -+ PORT_SetError(SEC_ERROR_BAD_SIGNATURE); -+ rv = SECFailure; -+ goto loser; -+ } -+ switch (type) { -+ case rsaPssKey: -+ if (sig->len != sigLen) { -+ PORT_SetError(SEC_ERROR_BAD_SIGNATURE); -+ rv = SECFailure; -+ goto loser; -+ } -+ PORT_Memcpy(cx->u.buffer, sig->data, sigLen); -+ rv = SECSuccess; - break; -- } -- if (sig->len != sigLen) { -- PORT_SetError(SEC_ERROR_BAD_SIGNATURE); -- rv = SECFailure; -+ case ecKey: -+ case dsaKey: -+ /* decodeECorDSASignature will check sigLen == sig->len after padding */ -+ rv = decodeECorDSASignature(encAlg, sig, cx->u.buffer, sigLen); - break; -- } -- PORT_Memcpy(cx->u.buffer, sig->data, sigLen); -- break; -- case dsaKey: -- case ecKey: -- sigLen = SECKEY_SignatureLen(key); -- if (sigLen == 0) { -- /* error set by SECKEY_SignatureLen */ -+ default: -+ /* Unreachable */ - rv = SECFailure; -- break; -- } -- rv = decodeECorDSASignature(encAlg, sig, cx->u.buffer, sigLen); -- break; -- default: -- rv = SECFailure; -- PORT_SetError(SEC_ERROR_UNSUPPORTED_KEYALG); -- break; -+ goto loser; -+ } -+ } -+ if (rv != SECSuccess) { -+ goto loser; - } - } - -- if (rv) -- goto loser; -- - /* check hash alg again, RSA may have changed it.*/ - if (HASH_GetHashTypeByOidTag(cx->hashAlg) == HASH_AlgNULL) { - /* error set by HASH_GetHashTypeByOidTag */ -@@ -650,11 +685,16 @@ VFY_EndWithSignature(VFYContext *cx, SECItem *sig) - switch (cx->key->keyType) { - case ecKey: - case dsaKey: -- dsasig.data = cx->u.buffer; -- dsasig.len = SECKEY_SignatureLen(cx->key); -+ dsasig.len = checkedSignatureLen(cx->key); - if (dsasig.len == 0) { - return SECFailure; - } -+ if (dsasig.len > sizeof(cx->u)) { -+ PORT_SetError(SEC_ERROR_BAD_SIGNATURE); -+ return SECFailure; -+ } -+ dsasig.data = cx->u.buffer; -+ - if (sig) { - rv = decodeECorDSASignature(cx->encAlg, sig, dsasig.data, - dsasig.len); -@@ -686,8 +726,13 @@ VFY_EndWithSignature(VFYContext *cx, SECItem *sig) - } - - rsasig.data = cx->u.buffer; -- rsasig.len = SECKEY_SignatureLen(cx->key); -+ rsasig.len = checkedSignatureLen(cx->key); - if (rsasig.len == 0) { -+ /* Error set by checkedSignatureLen */ -+ return SECFailure; -+ } -+ if (rsasig.len > sizeof(cx->u)) { -+ PORT_SetError(SEC_ERROR_BAD_SIGNATURE); - return SECFailure; - } - if (sig) { -@@ -749,7 +794,6 @@ vfy_VerifyDigest(const SECItem *digest, const SECKEYPublicKey *key, - SECStatus rv; - VFYContext *cx; - SECItem dsasig; /* also used for ECDSA */ -- - rv = SECFailure; - - cx = vfy_CreateContext(key, sig, encAlg, hashAlg, NULL, wincx); -@@ -757,19 +801,25 @@ vfy_VerifyDigest(const SECItem *digest, const SECKEYPublicKey *key, - switch (key->keyType) { - case rsaKey: - rv = verifyPKCS1DigestInfo(cx, digest); -+ /* Error (if any) set by verifyPKCS1DigestInfo */ - break; -- case dsaKey: - case ecKey: -+ case dsaKey: - dsasig.data = cx->u.buffer; -- dsasig.len = SECKEY_SignatureLen(cx->key); -+ dsasig.len = checkedSignatureLen(cx->key); - if (dsasig.len == 0) { -+ /* Error set by checkedSignatureLen */ -+ rv = SECFailure; - break; - } -- if (PK11_Verify(cx->key, &dsasig, (SECItem *)digest, cx->wincx) != -- SECSuccess) { -+ if (dsasig.len > sizeof(cx->u)) { -+ PORT_SetError(SEC_ERROR_BAD_SIGNATURE); -+ rv = SECFailure; -+ break; -+ } -+ rv = PK11_Verify(cx->key, &dsasig, (SECItem *)digest, cx->wincx); -+ if (rv != SECSuccess) { - PORT_SetError(SEC_ERROR_BAD_SIGNATURE); -- } else { -- rv = SECSuccess; - } - break; - default: diff --git a/nss-3.72.tar.gz b/nss-3.85.tar.gz similarity index 84% rename from nss-3.72.tar.gz rename to nss-3.85.tar.gz index 03c18e014aaf6b74079f1f26cbf06790d78b9422..40f3a5939d1d0dc78bc7824d985b395298008fa1 100644 Binary files a/nss-3.72.tar.gz and b/nss-3.85.tar.gz differ diff --git a/nss-539183.patch b/nss-539183.patch deleted file mode 100644 index eda32492eff006038ccdadd229ff07c57fdd6ebb..0000000000000000000000000000000000000000 --- a/nss-539183.patch +++ /dev/null @@ -1,62 +0,0 @@ ---- ./nss/cmd/httpserv/httpserv.c.539183 2016-05-21 18:31:39.879585420 -0700 -+++ ./nss/cmd/httpserv/httpserv.c 2016-05-21 18:37:22.374464057 -0700 -@@ -953,23 +953,23 @@ - getBoundListenSocket(unsigned short port) - { - PRFileDesc *listen_sock; - int listenQueueDepth = 5 + (2 * maxThreads); - PRStatus prStatus; - PRNetAddr addr; - PRSocketOptionData opt; - -- addr.inet.family = PR_AF_INET; -- addr.inet.ip = PR_INADDR_ANY; -- addr.inet.port = PR_htons(port); -+ if (PR_SetNetAddr(PR_IpAddrAny, PR_AF_INET6, port, &addr) != PR_SUCCESS) { -+ errExit("PR_SetNetAddr"); -+ } - -- listen_sock = PR_NewTCPSocket(); -+ listen_sock = PR_OpenTCPSocket(PR_AF_INET6); - if (listen_sock == NULL) { -- errExit("PR_NewTCPSocket"); -+ errExit("PR_OpenTCPSockett"); - } - - opt.option = PR_SockOpt_Nonblocking; - opt.value.non_blocking = PR_FALSE; - prStatus = PR_SetSocketOption(listen_sock, &opt); - if (prStatus < 0) { - PR_Close(listen_sock); - errExit("PR_SetSocketOption(PR_SockOpt_Nonblocking)"); ---- ./nss/cmd/selfserv/selfserv.c.539183 2016-05-21 18:31:39.882585367 -0700 -+++ ./nss/cmd/selfserv/selfserv.c 2016-05-21 18:41:43.092801174 -0700 -@@ -1711,23 +1711,23 @@ - getBoundListenSocket(unsigned short port) - { - PRFileDesc *listen_sock; - int listenQueueDepth = 5 + (2 * maxThreads); - PRStatus prStatus; - PRNetAddr addr; - PRSocketOptionData opt; - -- addr.inet.family = PR_AF_INET; -- addr.inet.ip = PR_INADDR_ANY; -- addr.inet.port = PR_htons(port); -+ if (PR_SetNetAddr(PR_IpAddrAny, PR_AF_INET6, port, &addr) != PR_SUCCESS) { -+ errExit("PR_SetNetAddr"); -+ } - -- listen_sock = PR_NewTCPSocket(); -+ listen_sock = PR_OpenTCPSocket(PR_AF_INET6); - if (listen_sock == NULL) { -- errExit("PR_NewTCPSocket"); -+ errExit("PR_OpenTCPSocket error"); - } - - opt.option = PR_SockOpt_Nonblocking; - opt.value.non_blocking = PR_FALSE; - prStatus = PR_SetSocketOption(listen_sock, &opt); - if (prStatus < 0) { - PR_Close(listen_sock); - errExit("PR_SetSocketOption(PR_SockOpt_Nonblocking)"); diff --git a/nss.spec b/nss.spec index 18d84bc1503a23510bda9023291cdd07a5ff8af8..19b1012191897fdf227aaff06bc22021433c4d95 100644 --- a/nss.spec +++ b/nss.spec @@ -1,6 +1,6 @@ -%global nspr_version 4.26.0 -%global nss_version 3.72.0 -%global nss_archive_version 3.72 +%global nspr_version 4.35.0 +%global nss_version 3.85.0 +%global nss_archive_version 3.85 %global unsupported_tools_directory %{_libdir}/nss/unsupported-tools %global allTools "certutil cmsutil crlutil derdump modutil pk12util signtool signver ssltap vfychain vfyserv" @@ -14,7 +14,7 @@ Summary: Network Security Services Name: nss Version: %{nss_version} -Release: 6 +Release: 1 License: MPLv2.0 URL: http://www.mozilla.org/projects/security/pki/nss/ Provides: nss-system-init @@ -25,7 +25,7 @@ BuildRequires: nspr-devel >= %{nspr_version} nss-softokn sqlite-devel zlib-de BuildRequires: pkgconf gawk psmisc perl-interpreter gcc-c++ obsoletes: nss-sysinit < %{version}-%{release} -Source0: https://ftp.mozilla.org/pub/security/nss/releases/NSS_3_72_RTM/src/%{name}-%{nss_archive_version}.tar.gz +Source0: https://ftp.mozilla.org/pub/security/nss/releases/NSS_3_85_RTM/src/%{name}-%{nss_archive_version}.tar.gz Source1: nss-util.pc Source2: nss-util-config Source3: nss-softokn.pc @@ -39,9 +39,6 @@ Source13: blank-cert9.db Source14: blank-key4.db Source15: system-pkcs11.txt Source16: setup-nsssysinit.sh -Patch0: nss-539183.patch - -Patch6000: backport-CVE-2021-43527.patch # Feature: support sm2 and sm3 Patch9000: Feature-nss-add-implement-of-SM3-digest-algorithm.patch @@ -130,9 +127,7 @@ Help document for NSS %prep %setup -q -n %{name}-%{nss_archive_version} -%patch0 -p0 -b .539183 pushd nss -%patch6000 -p1 %patch9000 -p1 %patch9001 -p1 %patch9002 -p1 @@ -559,6 +554,9 @@ update-crypto-policies &>/dev/null||: %doc %{_mandir}/man* %changelog +* Tue Dec 27 2022 zhouchenchen - 3.85.0-1 +- update source0 url + * Wed Nov 23 2022 zhouchenchen - 3.72.0-6 - update source0 url