Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package mozilla-nss for openSUSE:Factory checked in at 2021-07-17 23:36:23 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/mozilla-nss (Old) and /work/SRC/openSUSE:Factory/.mozilla-nss.new.2632 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "mozilla-nss" Sat Jul 17 23:36:23 2021 rev:175 rq:906331 version:3.66 Changes: -------- --- /work/SRC/openSUSE:Factory/mozilla-nss/mozilla-nss.changes 2021-06-01 10:33:08.804372259 +0200 +++ /work/SRC/openSUSE:Factory/.mozilla-nss.new.2632/mozilla-nss.changes 2021-07-17 23:36:28.402046210 +0200 @@ -1,0 +2,21 @@ +Sat Jul 10 08:50:18 UTC 2021 - Wolfgang Rosenauer <[email protected]> + +- update to NSS 3.66 + * no releasenotes available yet + https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.66_release_notes +- update to NSS 3.65 + * bmo#1709654 - Update for NetBSD configuration. + * bmo#1709750 - Disable HPKE test when fuzzing. + * bmo#1566124 - Optimize AES-GCM for ppc64le. + * bmo#1699021 - Add AES-256-GCM to HPKE. + * bmo#1698419 - ECH -10 updates. + * bmo#1692930 - Update HPKE to final version. + * bmo#1707130 - NSS should use modern algorithms in PKCS#12 files by default. + * bmo#1703936 - New coverity/cpp scanner errors. + * bmo#1697303 - NSS needs to update it's csp clearing to FIPS 180-3 standards. + * bmo#1702663 - Need to support RSA PSS with Hashing PKCS #11 Mechanisms. + * bmo#1705119 - Deadlock when using GCM and non-thread safe tokens. +- refreshed patches +- Firefox 90.0 requires NSS 3.66 + +------------------------------------------------------------------- Old: ---- nss-3.64.tar.gz New: ---- nss-3.66.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ mozilla-nss.spec ++++++ --- /var/tmp/diff_new_pack.noOKCW/_old 2021-07-17 23:36:31.418022961 +0200 +++ /var/tmp/diff_new_pack.noOKCW/_new 2021-07-17 23:36:31.418022961 +0200 @@ -17,14 +17,14 @@ # -%global nss_softokn_fips_version 3.64 -%define NSPR_min_version 4.30 +%global nss_softokn_fips_version 3.66 +%define NSPR_min_version 4.31 %define nspr_ver %(rpm -q --queryformat '%%{VERSION}' mozilla-nspr) %define nssdbdir %{_sysconfdir}/pki/nssdb Name: mozilla-nss -Version: 3.64 +Version: 3.66 Release: 0 -%define underscore_version 3_64 +%define underscore_version 3_66 Summary: Network Security Services License: MPL-2.0 Group: System/Libraries ++++++ add-relro-linker-option.patch ++++++ --- /var/tmp/diff_new_pack.noOKCW/_old 2021-07-17 23:36:31.470022560 +0200 +++ /var/tmp/diff_new_pack.noOKCW/_new 2021-07-17 23:36:31.474022528 +0200 @@ -1,7 +1,8 @@ -diff -up nss/coreconf/Linux.mk.relro nss/coreconf/Linux.mk ---- nss/coreconf/Linux.mk.relro 2013-04-09 14:29:45.943228682 -0700 -+++ nss/coreconf/Linux.mk 2013-04-09 14:31:26.194953927 -0700 -@@ -174,6 +174,12 @@ endif +Index: nss/coreconf/Linux.mk +=================================================================== +--- nss.orig/coreconf/Linux.mk ++++ nss/coreconf/Linux.mk +@@ -183,6 +183,12 @@ endif endif endif ++++++ baselibs.conf ++++++ --- /var/tmp/diff_new_pack.noOKCW/_old 2021-07-17 23:36:31.486022436 +0200 +++ /var/tmp/diff_new_pack.noOKCW/_new 2021-07-17 23:36:31.490022406 +0200 @@ -1,5 +1,5 @@ mozilla-nss - requires "mozilla-nspr-<targettype> >= 4.30" + requires "mozilla-nspr-<targettype> >= 4.31" requires "libfreebl3-<targettype>" requires "libsoftokn3-<targettype>" requires "libnssckbi.so" ++++++ malloc.patch ++++++ --- /var/tmp/diff_new_pack.noOKCW/_old 2021-07-17 23:36:31.506022282 +0200 +++ /var/tmp/diff_new_pack.noOKCW/_new 2021-07-17 23:36:31.510022251 +0200 @@ -1,8 +1,8 @@ -diff --git a/tests/ssl/ssl.sh b/tests/ssl/ssl.sh -index c1730d8..5eee525 100755 ---- a/tests/ssl/ssl.sh -+++ b/tests/ssl/ssl.sh -@@ -1449,6 +1449,7 @@ ssl_run_tests() +Index: nss/tests/ssl/ssl.sh +=================================================================== +--- nss.orig/tests/ssl/ssl.sh ++++ nss/tests/ssl/ssl.sh +@@ -1683,6 +1683,7 @@ ssl_run_tests() ################################# main ################################# ++++++ nss-3.64.tar.gz -> nss-3.66.tar.gz ++++++ /work/SRC/openSUSE:Factory/mozilla-nss/nss-3.64.tar.gz /work/SRC/openSUSE:Factory/.mozilla-nss.new.2632/nss-3.66.tar.gz differ: char 5, line 1 ++++++ nss-fips-approved-crypto-non-ec.patch ++++++ --- /var/tmp/diff_new_pack.noOKCW/_old 2021-07-17 23:36:31.554021912 +0200 +++ /var/tmp/diff_new_pack.noOKCW/_new 2021-07-17 23:36:31.558021881 +0200 @@ -6,9 +6,10 @@ # Parent 3f4d682c9a1e8b3d939c744ee249e23179db5191 imported patch nss-fips-approved-crypto-non-ec.patch -diff --git a/lib/freebl/deprecated/alg2268.c b/lib/freebl/deprecated/alg2268.c ---- a/lib/freebl/deprecated/alg2268.c -+++ b/lib/freebl/deprecated/alg2268.c +Index: nss/lib/freebl/deprecated/alg2268.c +=================================================================== +--- nss.orig/lib/freebl/deprecated/alg2268.c ++++ nss/lib/freebl/deprecated/alg2268.c @@ -16,6 +16,8 @@ #include <stddef.h> /* for ptrdiff_t */ #endif @@ -18,7 +19,7 @@ /* ** RC2 symmetric block cypher */ -@@ -119,6 +121,7 @@ +@@ -119,6 +121,7 @@ static const PRUint8 S[256] = { RC2Context * RC2_AllocateContext(void) { @@ -26,7 +27,7 @@ return PORT_ZNew(RC2Context); } SECStatus -@@ -133,6 +136,8 @@ +@@ -133,6 +136,8 @@ RC2_InitContext(RC2Context *cx, const un #endif PRUint8 tmpB; @@ -35,7 +36,7 @@ if (!key || !cx || !len || len > (sizeof cx->B) || efLen8 > (sizeof cx->B)) { PORT_SetError(SEC_ERROR_INVALID_ARGS); -@@ -204,7 +209,11 @@ +@@ -204,7 +209,11 @@ RC2Context * RC2_CreateContext(const unsigned char *key, unsigned int len, const unsigned char *iv, int mode, unsigned efLen8) { @@ -48,7 +49,7 @@ if (cx) { SECStatus rv = RC2_InitContext(cx, key, len, iv, mode, efLen8, 0); if (rv != SECSuccess) { -@@ -456,7 +465,11 @@ +@@ -456,7 +465,11 @@ RC2_Encrypt(RC2Context *cx, unsigned cha unsigned int *outputLen, unsigned int maxOutputLen, const unsigned char *input, unsigned int inputLen) { @@ -61,7 +62,7 @@ if (inputLen) { if (inputLen % RC2_BLOCK_SIZE) { PORT_SetError(SEC_ERROR_INPUT_LEN); -@@ -490,7 +503,11 @@ +@@ -490,7 +503,11 @@ RC2_Decrypt(RC2Context *cx, unsigned cha unsigned int *outputLen, unsigned int maxOutputLen, const unsigned char *input, unsigned int inputLen) { @@ -74,9 +75,10 @@ if (inputLen) { if (inputLen % RC2_BLOCK_SIZE) { PORT_SetError(SEC_ERROR_INPUT_LEN); -diff --git a/lib/freebl/arcfour.c b/lib/freebl/arcfour.c ---- a/lib/freebl/arcfour.c -+++ b/lib/freebl/arcfour.c +Index: nss/lib/freebl/arcfour.c +=================================================================== +--- nss.orig/lib/freebl/arcfour.c ++++ nss/lib/freebl/arcfour.c @@ -13,6 +13,7 @@ #include "prtypes.h" @@ -85,7 +87,7 @@ /* Architecture-dependent defines */ -@@ -108,6 +109,7 @@ +@@ -108,6 +109,7 @@ static const Stype Kinit[256] = { RC4Context * RC4_AllocateContext(void) { @@ -93,7 +95,7 @@ return PORT_ZNew(RC4Context); } -@@ -121,6 +123,8 @@ +@@ -121,6 +123,8 @@ RC4_InitContext(RC4Context *cx, const un PRUint8 K[256]; PRUint8 *L; @@ -102,7 +104,7 @@ /* verify the key length. */ PORT_Assert(len > 0 && len < ARCFOUR_STATE_SIZE); if (len == 0 || len >= ARCFOUR_STATE_SIZE) { -@@ -162,7 +166,11 @@ +@@ -162,7 +166,11 @@ RC4_InitContext(RC4Context *cx, const un RC4Context * RC4_CreateContext(const unsigned char *key, int len) { @@ -115,7 +117,7 @@ if (cx) { SECStatus rv = RC4_InitContext(cx, key, len, NULL, 0, 0, 0); if (rv != SECSuccess) { -@@ -176,6 +184,7 @@ +@@ -176,6 +184,7 @@ RC4_CreateContext(const unsigned char *k void RC4_DestroyContext(RC4Context *cx, PRBool freeit) { @@ -123,7 +125,7 @@ if (freeit) PORT_ZFree(cx, sizeof(*cx)); } -@@ -548,6 +557,8 @@ +@@ -548,6 +557,8 @@ RC4_Encrypt(RC4Context *cx, unsigned cha unsigned int *outputLen, unsigned int maxOutputLen, const unsigned char *input, unsigned int inputLen) { @@ -132,7 +134,7 @@ PORT_Assert(maxOutputLen >= inputLen); if (maxOutputLen < inputLen) { PORT_SetError(SEC_ERROR_OUTPUT_LEN); -@@ -571,6 +582,8 @@ +@@ -571,6 +582,8 @@ RC4_Decrypt(RC4Context *cx, unsigned cha unsigned int *outputLen, unsigned int maxOutputLen, const unsigned char *input, unsigned int inputLen) { @@ -141,9 +143,10 @@ PORT_Assert(maxOutputLen >= inputLen); if (maxOutputLen < inputLen) { PORT_SetError(SEC_ERROR_OUTPUT_LEN); -diff --git a/lib/freebl/deprecated/seed.c b/lib/freebl/deprecated/seed.c ---- a/lib/freebl/deprecated/seed.c -+++ b/lib/freebl/deprecated/seed.c +Index: nss/lib/freebl/deprecated/seed.c +=================================================================== +--- nss.orig/lib/freebl/deprecated/seed.c ++++ nss/lib/freebl/deprecated/seed.c @@ -17,6 +17,8 @@ #include "seed.h" #include "secerr.h" @@ -153,7 +156,7 @@ static const seed_word SS[4][256] = { { 0x2989a1a8, 0x05858184, 0x16c6d2d4, 0x13c3d3d0, 0x14445054, 0x1d0d111c, 0x2c8ca0ac, 0x25052124, -@@ -301,6 +303,8 @@ +@@ -301,6 +303,8 @@ SEED_set_key(const unsigned char rawkey[ seed_word K0, K1, K2, K3; seed_word t0, t1; @@ -162,7 +165,7 @@ char2word(rawkey, K0); char2word(rawkey + 4, K1); char2word(rawkey + 8, K2); -@@ -349,6 +353,8 @@ +@@ -349,6 +353,8 @@ SEED_encrypt(const unsigned char s[SEED_ seed_word L0, L1, R0, R1; seed_word t0, t1; @@ -171,7 +174,7 @@ char2word(s, L0); char2word(s + 4, L1); char2word(s + 8, R0); -@@ -385,6 +391,8 @@ +@@ -385,6 +391,8 @@ SEED_decrypt(const unsigned char s[SEED_ seed_word L0, L1, R0, R1; seed_word t0, t1; @@ -180,7 +183,7 @@ char2word(s, L0); char2word(s + 4, L1); char2word(s + 8, R0); -@@ -419,6 +427,8 @@ +@@ -419,6 +427,8 @@ SEED_ecb_encrypt(const unsigned char *in size_t inLen, const SEED_KEY_SCHEDULE *ks, int enc) { @@ -189,7 +192,7 @@ if (enc) { while (inLen > 0) { SEED_encrypt(in, out, ks); -@@ -445,6 +455,8 @@ +@@ -445,6 +455,8 @@ SEED_cbc_encrypt(const unsigned char *in unsigned char tmp[SEED_BLOCK_SIZE]; const unsigned char *iv = ivec; @@ -198,7 +201,7 @@ if (enc) { while (len >= SEED_BLOCK_SIZE) { for (n = 0; n < SEED_BLOCK_SIZE; ++n) { -@@ -528,6 +540,7 @@ +@@ -528,6 +540,7 @@ SEED_cbc_encrypt(const unsigned char *in SEEDContext * SEED_AllocateContext(void) { @@ -206,7 +209,7 @@ return PORT_ZNew(SEEDContext); } -@@ -536,6 +549,8 @@ +@@ -536,6 +549,8 @@ SEED_InitContext(SEEDContext *cx, const unsigned int keylen, const unsigned char *iv, int mode, unsigned int encrypt, unsigned int unused) { @@ -215,7 +218,7 @@ if (!cx) { PORT_SetError(SEC_ERROR_INVALID_ARGS); return SECFailure; -@@ -567,10 +582,14 @@ +@@ -567,10 +582,14 @@ SEEDContext * SEED_CreateContext(const unsigned char *key, const unsigned char *iv, int mode, PRBool encrypt) { @@ -224,16 +227,16 @@ - encrypt, 0); + SEEDContext *cx; + SECStatus rv; - -+ IN_FIPS_RETURN(NULL); + ++ IN_FIPS_RETURN(NULL); + + cx = PORT_ZNew(SEEDContext); + rv = SEED_InitContext(cx, key, SEED_KEY_LENGTH, iv, mode, + encrypt, 0); if (rv != SECSuccess) { PORT_ZFree(cx, sizeof *cx); cx = NULL; -@@ -595,6 +614,8 @@ +@@ -595,6 +614,8 @@ SEED_Encrypt(SEEDContext *cx, unsigned c unsigned int maxOutLen, const unsigned char *in, unsigned int inLen) { @@ -242,7 +245,7 @@ if (!cx) { PORT_SetError(SEC_ERROR_INVALID_ARGS); return SECFailure; -@@ -635,6 +656,8 @@ +@@ -635,6 +656,8 @@ SEED_Decrypt(SEEDContext *cx, unsigned c unsigned int maxOutLen, const unsigned char *in, unsigned int inLen) { @@ -251,9 +254,10 @@ if (!cx) { PORT_SetError(SEC_ERROR_INVALID_ARGS); return SECFailure; -diff --git a/lib/freebl/fips.h b/lib/freebl/fips.h ---- a/lib/freebl/fips.h -+++ b/lib/freebl/fips.h +Index: nss/lib/freebl/fips.h +=================================================================== +--- nss.orig/lib/freebl/fips.h ++++ nss/lib/freebl/fips.h @@ -8,8 +8,20 @@ #ifndef FIPS_H #define FIPS_H @@ -275,9 +279,10 @@ #endif -diff --git a/lib/freebl/md2.c b/lib/freebl/md2.c ---- a/lib/freebl/md2.c -+++ b/lib/freebl/md2.c +Index: nss/lib/freebl/md2.c +=================================================================== +--- nss.orig/lib/freebl/md2.c ++++ nss/lib/freebl/md2.c @@ -13,6 +13,8 @@ #include "blapi.h" @@ -287,7 +292,7 @@ #define MD2_DIGEST_LEN 16 #define MD2_BUFSIZE 16 #define MD2_X_SIZE 48 /* The X array, [CV | INPUT | TMP VARS] */ -@@ -66,7 +68,11 @@ +@@ -66,7 +68,11 @@ SECStatus MD2_Hash(unsigned char *dest, const char *src) { unsigned int len; @@ -300,7 +305,7 @@ if (!cx) { PORT_SetError(PR_OUT_OF_MEMORY_ERROR); return SECFailure; -@@ -81,7 +87,11 @@ +@@ -81,7 +87,11 @@ MD2_Hash(unsigned char *dest, const char MD2Context * MD2_NewContext(void) { @@ -313,7 +318,7 @@ if (cx == NULL) { PORT_SetError(PR_OUT_OF_MEMORY_ERROR); return NULL; -@@ -99,6 +109,8 @@ +@@ -99,6 +109,8 @@ MD2_DestroyContext(MD2Context *cx, PRBoo void MD2_Begin(MD2Context *cx) { @@ -322,7 +327,7 @@ memset(cx, 0, sizeof(*cx)); cx->unusedBuffer = MD2_BUFSIZE; } -@@ -196,6 +208,8 @@ +@@ -196,6 +208,8 @@ MD2_Update(MD2Context *cx, const unsigne { PRUint32 bytesToConsume; @@ -331,7 +336,7 @@ /* Fill the remaining input buffer. */ if (cx->unusedBuffer != MD2_BUFSIZE) { bytesToConsume = PR_MIN(inputLen, cx->unusedBuffer); -@@ -226,6 +240,9 @@ +@@ -226,6 +240,9 @@ MD2_End(MD2Context *cx, unsigned char *d unsigned int *digestLen, unsigned int maxDigestLen) { PRUint8 padStart; @@ -341,9 +346,10 @@ if (maxDigestLen < MD2_BUFSIZE) { PORT_SetError(SEC_ERROR_INVALID_ARGS); return; -diff --git a/lib/freebl/md5.c b/lib/freebl/md5.c ---- a/lib/freebl/md5.c -+++ b/lib/freebl/md5.c +Index: nss/lib/freebl/md5.c +=================================================================== +--- nss.orig/lib/freebl/md5.c ++++ nss/lib/freebl/md5.c @@ -15,6 +15,8 @@ #include "blapi.h" #include "blapii.h" @@ -353,7 +359,7 @@ #define MD5_HASH_LEN 16 #define MD5_BUFFER_SIZE 64 #define MD5_END_BUFFER (MD5_BUFFER_SIZE - 8) -@@ -195,6 +197,7 @@ +@@ -195,6 +197,7 @@ struct MD5ContextStr { SECStatus MD5_Hash(unsigned char *dest, const char *src) { @@ -361,7 +367,7 @@ return MD5_HashBuf(dest, (const unsigned char *)src, PORT_Strlen(src)); } -@@ -204,6 +207,8 @@ +@@ -204,6 +207,8 @@ MD5_HashBuf(unsigned char *dest, const u unsigned int len; MD5Context cx; @@ -370,7 +376,7 @@ MD5_Begin(&cx); MD5_Update(&cx, src, src_length); MD5_End(&cx, dest, &len, MD5_HASH_LEN); -@@ -215,7 +220,11 @@ +@@ -215,7 +220,11 @@ MD5Context * MD5_NewContext(void) { /* no need to ZAlloc, MD5_Begin will init the context */ @@ -383,7 +389,7 @@ if (cx == NULL) { PORT_SetError(PR_OUT_OF_MEMORY_ERROR); return NULL; -@@ -226,7 +235,8 @@ +@@ -226,7 +235,8 @@ MD5_NewContext(void) void MD5_DestroyContext(MD5Context *cx, PRBool freeit) { @@ -393,7 +399,7 @@ if (freeit) { PORT_Free(cx); } -@@ -235,6 +245,8 @@ +@@ -235,6 +245,8 @@ MD5_DestroyContext(MD5Context *cx, PRBoo void MD5_Begin(MD5Context *cx) { @@ -402,7 +408,7 @@ cx->lsbInput = 0; cx->msbInput = 0; /* memset(cx->inBuf, 0, sizeof(cx->inBuf)); */ -@@ -425,6 +437,8 @@ +@@ -425,6 +437,8 @@ MD5_Update(MD5Context *cx, const unsigne PRUint32 inBufIndex = cx->lsbInput & 63; const PRUint32 *wBuf; @@ -411,7 +417,7 @@ /* Add the number of input bytes to the 64-bit input counter. */ addto64(cx->msbInput, cx->lsbInput, inputLen); if (inBufIndex) { -@@ -498,6 +512,8 @@ +@@ -498,6 +512,8 @@ MD5_End(MD5Context *cx, unsigned char *d PRUint32 lowInput, highInput; PRUint32 inBufIndex = cx->lsbInput & 63; @@ -420,7 +426,7 @@ if (maxDigestLen < MD5_HASH_LEN) { PORT_SetError(SEC_ERROR_INVALID_ARGS); return; -@@ -546,6 +562,8 @@ +@@ -546,6 +562,8 @@ MD5_EndRaw(MD5Context *cx, unsigned char #endif PRUint32 cv[4]; @@ -429,9 +435,10 @@ if (maxDigestLen < MD5_HASH_LEN) { PORT_SetError(SEC_ERROR_INVALID_ARGS); return; -diff --git a/lib/freebl/nsslowhash.c b/lib/freebl/nsslowhash.c ---- a/lib/freebl/nsslowhash.c -+++ b/lib/freebl/nsslowhash.c +Index: nss/lib/freebl/nsslowhash.c +=================================================================== +--- nss.orig/lib/freebl/nsslowhash.c ++++ nss/lib/freebl/nsslowhash.c @@ -12,6 +12,7 @@ #include "plhash.h" #include "nsslowhash.h" @@ -440,7 +447,7 @@ struct NSSLOWInitContextStr { int count; -@@ -92,6 +93,12 @@ +@@ -92,6 +93,12 @@ NSSLOWHASH_NewContext(NSSLOWInitContext { NSSLOWHASHContext *context; @@ -453,9 +460,10 @@ if (post_failed) { PORT_SetError(SEC_ERROR_PKCS11_DEVICE_ERROR); return NULL; -diff --git a/lib/freebl/rawhash.c b/lib/freebl/rawhash.c ---- a/lib/freebl/rawhash.c -+++ b/lib/freebl/rawhash.c +Index: nss/lib/freebl/rawhash.c +=================================================================== +--- nss.orig/lib/freebl/rawhash.c ++++ nss/lib/freebl/rawhash.c @@ -10,6 +10,7 @@ #include "hasht.h" #include "blapi.h" /* below the line */ @@ -464,7 +472,7 @@ static void * null_hash_new_context(void) -@@ -146,7 +147,8 @@ +@@ -146,7 +147,8 @@ const SECHashObject SECRawHashObjects[] const SECHashObject * HASH_GetRawHashObject(HASH_HashType hashType) { @@ -474,15 +482,16 @@ PORT_SetError(SEC_ERROR_INVALID_ARGS); return NULL; } -diff --git a/lib/softoken/pkcs11c.c b/lib/softoken/pkcs11c.c ---- a/lib/softoken/pkcs11c.c -+++ b/lib/softoken/pkcs11c.c -@@ -7282,7 +7282,7 @@ +Index: nss/lib/softoken/pkcs11c.c +=================================================================== +--- nss.orig/lib/softoken/pkcs11c.c ++++ nss/lib/softoken/pkcs11c.c +@@ -7491,7 +7491,7 @@ NSC_DeriveKey(CK_SESSION_HANDLE hSession } else { /* now allocate the hash contexts */ md5 = MD5_NewContext(); - if (md5 == NULL) { + if (md5 == NULL && !isTLS) { + PORT_Memset(crsrdata, 0, sizeof crsrdata); crv = CKR_HOST_MEMORY; break; - } ++++++ nss-fips-cavs-general.patch ++++++ --- /var/tmp/diff_new_pack.noOKCW/_old 2021-07-17 23:36:31.566021819 +0200 +++ /var/tmp/diff_new_pack.noOKCW/_new 2021-07-17 23:36:31.566021819 +0200 @@ -6,9 +6,10 @@ # Parent 60c5e5d73ce1177fa66d8fd6cf49d9b371ca9be4 imported patch nss-fips-cavs-general.patch -diff --git a/cmd/fipstest/fipstest.c b/cmd/fipstest/fipstest.c ---- a/cmd/fipstest/fipstest.c -+++ b/cmd/fipstest/fipstest.c +Index: nss/cmd/fipstest/fipstest.c +=================================================================== +--- nss.orig/cmd/fipstest/fipstest.c ++++ nss/cmd/fipstest/fipstest.c @@ -5,6 +5,7 @@ #include <stdio.h> #include <stdlib.h> @@ -27,7 +28,7 @@ #define __PASTE(x, y) x##y #undef CK_PKCS11_FUNCTION_INFO #undef CK_NEED_ARG_LIST -@@ -55,6 +59,10 @@ +@@ -55,6 +59,10 @@ EC_CopyParams(PLArenaPool *arena, ECPara #define RSA_MAX_TEST_EXPONENT_BYTES 8 #define PQG_TEST_SEED_BYTES 20 @@ -38,7 +39,7 @@ SECStatus hex_to_byteval(const char *c2, unsigned char *byteval) { -@@ -168,6 +176,62 @@ +@@ -168,6 +176,62 @@ from_hex_str(unsigned char *buf, unsigne return PR_TRUE; } @@ -101,7 +102,7 @@ SECStatus tdea_encrypt_buf( int mode, -@@ -8930,41 +8994,6 @@ +@@ -8930,41 +8994,6 @@ out: } } @@ -143,7 +144,7 @@ void kas_ffc_test(char *reqfn, int do_validity) { -@@ -9387,12 +9416,34 @@ +@@ -9387,12 +9416,34 @@ out: free_param_specs (pspecs); } @@ -178,9 +179,10 @@ RNG_RNGInit(); SECOID_Init(); -diff --git a/lib/freebl/freebl.def b/lib/freebl/freebl.def ---- a/lib/freebl/freebl.def -+++ b/lib/freebl/freebl.def +Index: nss/lib/freebl/freebl.def +=================================================================== +--- nss.orig/lib/freebl/freebl.def ++++ nss/lib/freebl/freebl.def @@ -21,6 +21,7 @@ LIBRARY freebl3 ;- EXPORTS ;- @@ -189,9 +191,10 @@ ;+ local: ;+ *; ;+}; -diff --git a/lib/freebl/freebl_hash.def b/lib/freebl/freebl_hash.def ---- a/lib/freebl/freebl_hash.def -+++ b/lib/freebl/freebl_hash.def +Index: nss/lib/freebl/freebl_hash.def +=================================================================== +--- nss.orig/lib/freebl/freebl_hash.def ++++ nss/lib/freebl/freebl_hash.def @@ -21,6 +21,7 @@ LIBRARY freebl3 ;- EXPORTS ;- @@ -200,9 +203,10 @@ ;+ local: ;+ *; ;+}; -diff --git a/lib/freebl/freebl_hash_vector.def b/lib/freebl/freebl_hash_vector.def ---- a/lib/freebl/freebl_hash_vector.def -+++ b/lib/freebl/freebl_hash_vector.def +Index: nss/lib/freebl/freebl_hash_vector.def +=================================================================== +--- nss.orig/lib/freebl/freebl_hash_vector.def ++++ nss/lib/freebl/freebl_hash_vector.def @@ -21,6 +21,7 @@ LIBRARY freebl3 ;- EXPORTS ;- @@ -211,10 +215,11 @@ ;+ local: ;+ *; ;+}; -diff --git a/lib/freebl/pqg.c b/lib/freebl/pqg.c ---- a/lib/freebl/pqg.c -+++ b/lib/freebl/pqg.c -@@ -1231,7 +1231,8 @@ +Index: nss/lib/freebl/pqg.c +=================================================================== +--- nss.orig/lib/freebl/pqg.c ++++ nss/lib/freebl/pqg.c +@@ -1242,7 +1242,8 @@ cleanup: **/ static SECStatus pqg_ParamGen(unsigned int L, unsigned int N, pqgGenType type, @@ -224,7 +229,7 @@ { unsigned int n; /* Per FIPS 186, app 2.2. 186-3 app A.1.1.2 */ unsigned int seedlen; /* Per FIPS 186-3 app A.1.1.2 (was 'g' 186-1)*/ -@@ -1239,7 +1240,6 @@ +@@ -1250,7 +1251,6 @@ pqg_ParamGen(unsigned int L, unsigned in unsigned int offset; /* Per FIPS 186, app 2.2. 186-3 app A.1.1.2 */ unsigned int outlen; /* Per FIPS 186-3, appendix A.1.1.2. */ unsigned int maxCount; @@ -232,7 +237,7 @@ SECItem *seed; /* Per FIPS 186, app 2.2. 186-3 app A.1.1.2 */ PLArenaPool *arena = NULL; PQGParams *params = NULL; -@@ -1290,7 +1290,8 @@ +@@ -1301,7 +1301,8 @@ pqg_ParamGen(unsigned int L, unsigned in /* fill in P Q, */ SECITEM_TO_MPINT((*pParams)->prime, &P); SECITEM_TO_MPINT((*pParams)->subPrime, &Q); @@ -242,7 +247,7 @@ CHECK_SEC_OK(makeGfromIndex(hashtype, &P, &Q, &(*pVfy)->seed, (*pVfy)->h.data[0], &G)); MPINT_TO_SECITEM(&G, &(*pParams)->base, (*pParams)->arena); -@@ -1330,7 +1331,8 @@ +@@ -1341,7 +1342,8 @@ pqg_ParamGen(unsigned int L, unsigned in /* Select Hash and Compute lengths. */ /* getFirstHash gives us the smallest acceptable hash for this key * strength */ @@ -252,7 +257,7 @@ outlen = HASH_ResultLen(hashtype) * PR_BITS_PER_BYTE; /* Step 3: n = Ceil(L/outlen)-1; (same as n = Floor((L-1)/outlen)) */ -@@ -1532,6 +1534,10 @@ +@@ -1543,6 +1545,10 @@ generate_G: verify->counter = counter; *pParams = params; *pVfy = verify; @@ -262,8 +267,8 @@ + cleanup: if (pseed.data) { - PORT_Free(pseed.data); -@@ -1576,7 +1582,7 @@ + SECITEM_ZfreeItem(&pseed, PR_FALSE); +@@ -1587,7 +1593,7 @@ PQG_ParamGen(unsigned int j, PQGParams * L = 512 + (j * 64); /* bits in P */ seedBytes = L / 8; return pqg_ParamGen(L, DSA1_Q_BITS, FIPS186_1_TYPE, seedBytes, @@ -272,7 +277,7 @@ } SECStatus -@@ -1591,7 +1597,7 @@ +@@ -1602,7 +1608,7 @@ PQG_ParamGenSeedLen(unsigned int j, unsi } L = 512 + (j * 64); /* bits in P */ return pqg_ParamGen(L, DSA1_Q_BITS, FIPS186_1_TYPE, seedBytes, @@ -281,7 +286,7 @@ } SECStatus -@@ -1609,7 +1615,26 @@ +@@ -1620,7 +1626,26 @@ PQG_ParamGenV2(unsigned int L, unsigned /* error code already set */ return SECFailure; } ++++++ nss-fips-combined-hash-sign-dsa-ecdsa.patch ++++++ --- /var/tmp/diff_new_pack.noOKCW/_old 2021-07-17 23:36:31.582021696 +0200 +++ /var/tmp/diff_new_pack.noOKCW/_new 2021-07-17 23:36:31.586021665 +0200 @@ -12,10 +12,10 @@ lib/softoken/softoken.h | 10 ++ 4 files changed, 169 insertions(+), 70 deletions(-) -diff --git a/cmd/lib/pk11table.c b/cmd/lib/pk11table.c -index f7a45fa..d302436 100644 ---- a/cmd/lib/pk11table.c -+++ b/cmd/lib/pk11table.c +Index: nss/cmd/lib/pk11table.c +=================================================================== +--- nss.orig/cmd/lib/pk11table.c ++++ nss/cmd/lib/pk11table.c @@ -273,6 +273,10 @@ const Constant _consts[] = { mkEntry(CKM_DSA_KEY_PAIR_GEN, Mechanism), mkEntry(CKM_DSA, Mechanism), @@ -38,11 +38,11 @@ mkEntry(CKM_ECDH1_DERIVE, Mechanism), mkEntry(CKM_ECDH1_COFACTOR_DERIVE, Mechanism), mkEntry(CKM_ECMQV_DERIVE, Mechanism), -diff --git a/lib/pk11wrap/pk11mech.c b/lib/pk11wrap/pk11mech.c -index d94d59a..ac280f0 100644 ---- a/lib/pk11wrap/pk11mech.c -+++ b/lib/pk11wrap/pk11mech.c -@@ -376,6 +376,10 @@ PK11_GetKeyType(CK_MECHANISM_TYPE type, unsigned long len) +Index: nss/lib/pk11wrap/pk11mech.c +=================================================================== +--- nss.orig/lib/pk11wrap/pk11mech.c ++++ nss/lib/pk11wrap/pk11mech.c +@@ -376,6 +376,10 @@ PK11_GetKeyType(CK_MECHANISM_TYPE type, return CKK_RSA; case CKM_DSA: case CKM_DSA_SHA1: @@ -53,7 +53,7 @@ case CKM_DSA_KEY_PAIR_GEN: return CKK_DSA; case CKM_DH_PKCS_DERIVE: -@@ -386,6 +390,10 @@ PK11_GetKeyType(CK_MECHANISM_TYPE type, unsigned long len) +@@ -386,6 +390,10 @@ PK11_GetKeyType(CK_MECHANISM_TYPE type, return CKK_KEA; case CKM_ECDSA: case CKM_ECDSA_SHA1: @@ -64,11 +64,11 @@ case CKM_EC_KEY_PAIR_GEN: /* aka CKM_ECDSA_KEY_PAIR_GEN */ case CKM_ECDH1_DERIVE: return CKK_EC; /* CKK_ECDSA is deprecated */ -diff --git a/lib/softoken/pkcs11c.c b/lib/softoken/pkcs11c.c -index 08f94bc..ec6b205 100644 ---- a/lib/softoken/pkcs11c.c -+++ b/lib/softoken/pkcs11c.c -@@ -2606,7 +2606,7 @@ nsc_DSA_Verify_Stub(void *ctx, void *sigBuf, unsigned int sigLen, +Index: nss/lib/softoken/pkcs11c.c +=================================================================== +--- nss.orig/lib/softoken/pkcs11c.c ++++ nss/lib/softoken/pkcs11c.c +@@ -2675,7 +2675,7 @@ nsc_DSA_Verify_Stub(void *ctx, void *sig static SECStatus nsc_DSA_Sign_Stub(void *ctx, void *sigBuf, unsigned int *sigLen, unsigned int maxSigLen, @@ -77,7 +77,7 @@ { SECItem signature, digest; SECStatus rv; -@@ -2624,6 +2624,22 @@ nsc_DSA_Sign_Stub(void *ctx, void *sigBuf, +@@ -2693,6 +2693,22 @@ nsc_DSA_Sign_Stub(void *ctx, void *sigBu return rv; } @@ -100,7 +100,7 @@ static SECStatus nsc_ECDSAVerifyStub(void *ctx, void *sigBuf, unsigned int sigLen, void *dataBuf, unsigned int dataLen) -@@ -2641,7 +2657,7 @@ nsc_ECDSAVerifyStub(void *ctx, void *sigBuf, unsigned int sigLen, +@@ -2710,7 +2726,7 @@ nsc_ECDSAVerifyStub(void *ctx, void *sig static SECStatus nsc_ECDSASignStub(void *ctx, void *sigBuf, unsigned int *sigLen, unsigned int maxSigLen, @@ -109,7 +109,7 @@ { SECItem signature, digest; SECStatus rv; -@@ -2659,6 +2675,22 @@ nsc_ECDSASignStub(void *ctx, void *sigBuf, +@@ -2728,6 +2744,22 @@ nsc_ECDSASignStub(void *ctx, void *sigBu return rv; } @@ -132,7 +132,7 @@ /* NSC_SignInit setups up the signing operations. There are three basic * types of signing: * (1) the tradition single part, where "Raw RSA" or "Raw DSA" is applied -@@ -3511,6 +3543,22 @@ NSC_VerifyInit(CK_SESSION_HANDLE hSession, +@@ -3597,6 +3629,22 @@ NSC_VerifyInit(CK_SESSION_HANDLE hSessio info->hashOid = SEC_OID_##mmm; \ goto finish_rsa; @@ -155,51 +155,7 @@ switch (pMechanism->mechanism) { INIT_RSA_VFY_MECH(MD5) INIT_RSA_VFY_MECH(MD2) -@@ -3575,13 +3623,15 @@ NSC_VerifyInit(CK_SESSION_HANDLE hSession, - context->destroy = (SFTKDestroy)sftk_Space; - context->verify = (SFTKVerify)sftk_RSACheckSignPSS; - break; -- case CKM_DSA_SHA1: -- context->multi = PR_TRUE; -- crv = sftk_doSubSHA1(context); -- if (crv != CKR_OK) -- break; -- /* fall through */ -+ -+ INIT_DSA_VFY_MECH(SHA1) -+ INIT_DSA_VFY_MECH(SHA224) -+ INIT_DSA_VFY_MECH(SHA256) -+ INIT_DSA_VFY_MECH(SHA384) -+ INIT_DSA_VFY_MECH(SHA512) -+ - case CKM_DSA: -+ finish_dsa: - if (key_type != CKK_DSA) { - crv = CKR_KEY_TYPE_INCONSISTENT; - break; -@@ -3594,13 +3644,15 @@ NSC_VerifyInit(CK_SESSION_HANDLE hSession, - context->verify = (SFTKVerify)nsc_DSA_Verify_Stub; - context->destroy = sftk_Null; - break; -- case CKM_ECDSA_SHA1: -- context->multi = PR_TRUE; -- crv = sftk_doSubSHA1(context); -- if (crv != CKR_OK) -- break; -- /* fall through */ -+ -+ INIT_ECDSA_VFY_MECH(SHA1) -+ INIT_ECDSA_VFY_MECH(SHA224) -+ INIT_ECDSA_VFY_MECH(SHA256) -+ INIT_ECDSA_VFY_MECH(SHA384) -+ INIT_ECDSA_VFY_MECH(SHA512) -+ - case CKM_ECDSA: -+ finish_ecdsa: - if (key_type != CKK_EC) { - crv = CKR_KEY_TYPE_INCONSISTENT; - break; -@@ -4733,6 +4785,73 @@ loser: +@@ -4825,6 +4873,73 @@ loser: #define PAIRWISE_DIGEST_LENGTH SHA224_LENGTH /* 224-bits */ #define PAIRWISE_MESSAGE_LENGTH 20 /* 160-bits */ @@ -273,7 +229,7 @@ /* * FIPS 140-2 pairwise consistency check utilized to validate key pair. * -@@ -4780,8 +4899,6 @@ sftk_PairwiseConsistencyCheck(CK_SESSION_HANDLE hSession, +@@ -4878,8 +4993,6 @@ sftk_PairwiseConsistencyCheck(CK_SESSION /* Variables used for Signature/Verification functions. */ /* Must be at least 256 bits for DSA2 digest */ @@ -282,7 +238,7 @@ CK_ULONG signature_length; if (keyType == CKK_RSA) { -@@ -4935,76 +5052,32 @@ sftk_PairwiseConsistencyCheck(CK_SESSION_HANDLE hSession, +@@ -5033,76 +5146,32 @@ sftk_PairwiseConsistencyCheck(CK_SESSION } } @@ -369,11 +325,11 @@ if (crv != CKR_OK) { return crv; } -diff --git a/lib/softoken/softoken.h b/lib/softoken/softoken.h -index 30586fc..d5aaffa 100644 ---- a/lib/softoken/softoken.h -+++ b/lib/softoken/softoken.h -@@ -35,6 +35,16 @@ RSA_HashCheckSign(SECOidTag hashOid, NSSLOWKEYPublicKey *key, +Index: nss/lib/softoken/softoken.h +=================================================================== +--- nss.orig/lib/softoken/softoken.h ++++ nss/lib/softoken/softoken.h +@@ -35,6 +35,16 @@ RSA_HashCheckSign(SECOidTag hashOid, NSS const unsigned char *sig, unsigned int sigLen, const unsigned char *hash, unsigned int hashLen); @@ -390,6 +346,3 @@ /* ** Prepare a buffer for padded CBC encryption, growing to the appropriate ** boundary, filling with the appropriate padding. --- -2.26.2 - ++++++ nss-fips-constructor-self-tests.patch ++++++ ++++ 881 lines (skipped) ++++ between /work/SRC/openSUSE:Factory/mozilla-nss/nss-fips-constructor-self-tests.patch ++++ and /work/SRC/openSUSE:Factory/.mozilla-nss.new.2632/nss-fips-constructor-self-tests.patch ++++++ nss-fips-dsa-kat.patch ++++++ --- /var/tmp/diff_new_pack.noOKCW/_old 2021-07-17 23:36:31.602021542 +0200 +++ /var/tmp/diff_new_pack.noOKCW/_new 2021-07-17 23:36:31.606021511 +0200 @@ -11,10 +11,11 @@ nss/lib/freebl/fipsfreebl.c | 143 +++++++++++++++++++++++++++----------------- 2 files changed, 90 insertions(+), 55 deletions(-) -diff --git a/lib/freebl/dsa.c b/lib/freebl/dsa.c ---- a/lib/freebl/dsa.c -+++ b/lib/freebl/dsa.c -@@ -533,7 +533,7 @@ +Index: nss/lib/freebl/dsa.c +=================================================================== +--- nss.orig/lib/freebl/dsa.c ++++ nss/lib/freebl/dsa.c +@@ -536,7 +536,7 @@ DSA_SignDigest(DSAPrivateKey *key, SECIt return rv; } @@ -23,10 +24,11 @@ SECStatus DSA_SignDigestWithSeed(DSAPrivateKey *key, SECItem *signature, -diff --git a/lib/freebl/fipsfreebl.c b/lib/freebl/fipsfreebl.c ---- a/lib/freebl/fipsfreebl.c -+++ b/lib/freebl/fipsfreebl.c -@@ -124,11 +124,11 @@ +Index: nss/lib/freebl/fipsfreebl.c +=================================================================== +--- nss.orig/lib/freebl/fipsfreebl.c ++++ nss/lib/freebl/fipsfreebl.c +@@ -126,11 +126,11 @@ BOOL WINAPI DllMain( /* FIPS preprocessor directives for DSA. */ #define FIPS_DSA_TYPE siBuffer @@ -43,7 +45,7 @@ /* FIPS preprocessor directives for RNG. */ #define FIPS_RNG_XKEY_LENGTH 32 /* 256-bits */ -@@ -1445,70 +1445,105 @@ +@@ -1669,70 +1669,105 @@ freebl_fips_EC_PowerUpSelfTest() static SECStatus freebl_fips_DSA_PowerUpSelfTest(void) { @@ -197,7 +199,7 @@ }; /* DSA variables. */ -@@ -1550,7 +1585,7 @@ +@@ -1774,7 +1809,7 @@ freebl_fips_DSA_PowerUpSelfTest(void) dsa_signature_item.len = sizeof dsa_computed_signature; dsa_digest_item.data = (unsigned char *)dsa_known_digest; ++++++ nss-fips-gcm-ctr.patch ++++++ --- /var/tmp/diff_new_pack.noOKCW/_old 2021-07-17 23:36:31.614021449 +0200 +++ /var/tmp/diff_new_pack.noOKCW/_new 2021-07-17 23:36:31.614021449 +0200 @@ -10,10 +10,11 @@ nss/lib/freebl/gcm.c | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) -diff -r f5cf5d16deb6 -r 5396ffb26887 lib/freebl/gcm.c ---- a/lib/freebl/gcm.c Wed Nov 20 08:23:35 2019 +0100 -+++ b/lib/freebl/gcm.c Wed Nov 20 08:25:39 2019 +0100 -@@ -532,8 +532,14 @@ +Index: nss/lib/freebl/gcm.c +=================================================================== +--- nss.orig/lib/freebl/gcm.c ++++ nss/lib/freebl/gcm.c +@@ -532,8 +532,14 @@ struct GCMContextStr { unsigned char tagKey[MAX_BLOCK_SIZE]; PRBool ctr_context_init; gcmIVContext gcm_iv; @@ -28,7 +29,7 @@ SECStatus gcm_InitCounter(GCMContext *gcm, const unsigned char *iv, unsigned int ivLen, unsigned int tagBits, const unsigned char *aad, unsigned int aadLen); -@@ -669,6 +675,8 @@ +@@ -673,6 +679,8 @@ gcm_InitCounter(GCMContext *gcm, const u goto loser; } @@ -37,7 +38,7 @@ /* finally mix in the AAD data */ rv = gcmHash_Reset(ghash, aad, aadLen); if (rv != SECSuccess) { -@@ -766,6 +774,13 @@ +@@ -774,6 +782,13 @@ GCM_EncryptUpdate(GCMContext *gcm, unsig return SECFailure; } @@ -51,7 +52,7 @@ tagBytes = (gcm->tagBits + (PR_BITS_PER_BYTE - 1)) / PR_BITS_PER_BYTE; if (UINT_MAX - inlen < tagBytes) { PORT_SetError(SEC_ERROR_INPUT_LEN); -@@ -794,6 +809,7 @@ +@@ -802,6 +817,7 @@ GCM_EncryptUpdate(GCMContext *gcm, unsig *outlen = 0; return SECFailure; }; ++++++ nss-fips-pairwise-consistency-check.patch ++++++ --- /var/tmp/diff_new_pack.noOKCW/_old 2021-07-17 23:36:31.622021388 +0200 +++ /var/tmp/diff_new_pack.noOKCW/_new 2021-07-17 23:36:31.622021388 +0200 @@ -10,10 +10,11 @@ nss/lib/softoken/pkcs11c.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) -diff --git a/lib/softoken/pkcs11c.c b/lib/softoken/pkcs11c.c ---- a/lib/softoken/pkcs11c.c -+++ b/lib/softoken/pkcs11c.c -@@ -4730,8 +4730,8 @@ +Index: nss/lib/softoken/pkcs11c.c +=================================================================== +--- nss.orig/lib/softoken/pkcs11c.c ++++ nss/lib/softoken/pkcs11c.c +@@ -4822,8 +4822,8 @@ loser: return crv; } @@ -24,7 +25,7 @@ /* * FIPS 140-2 pairwise consistency check utilized to validate key pair. -@@ -5591,6 +5591,7 @@ +@@ -5771,6 +5771,7 @@ NSC_GenerateKeyPair(CK_SESSION_HANDLE hS (PRUint32)crv); sftk_LogAuditMessage(NSS_AUDIT_ERROR, NSS_AUDIT_SELF_TEST, msg); } ++++++ nss-fips-tls-allow-md5-prf.patch ++++++ --- /var/tmp/diff_new_pack.noOKCW/_old 2021-07-17 23:36:31.630021326 +0200 +++ /var/tmp/diff_new_pack.noOKCW/_new 2021-07-17 23:36:31.634021295 +0200 @@ -13,10 +13,11 @@ nss/lib/softoken/pkcs11c.c | 4 +-- 4 files changed, 90 insertions(+), 23 deletions(-) -diff --git a/lib/freebl/md5.c b/lib/freebl/md5.c ---- a/lib/freebl/md5.c -+++ b/lib/freebl/md5.c -@@ -217,13 +217,11 @@ +Index: nss/lib/freebl/md5.c +=================================================================== +--- nss.orig/lib/freebl/md5.c ++++ nss/lib/freebl/md5.c +@@ -217,13 +217,11 @@ MD5_HashBuf(unsigned char *dest, const u } MD5Context * @@ -31,7 +32,7 @@ cx = (MD5Context *)PORT_Alloc(sizeof(MD5Context)); if (cx == NULL) { PORT_SetError(PR_OUT_OF_MEMORY_ERROR); -@@ -232,6 +230,13 @@ +@@ -232,6 +230,13 @@ MD5_NewContext(void) return cx; } @@ -45,7 +46,7 @@ void MD5_DestroyContext(MD5Context *cx, PRBool freeit) { -@@ -243,10 +248,8 @@ +@@ -243,10 +248,8 @@ MD5_DestroyContext(MD5Context *cx, PRBoo } void @@ -57,7 +58,7 @@ cx->lsbInput = 0; cx->msbInput = 0; /* memset(cx->inBuf, 0, sizeof(cx->inBuf)); */ -@@ -256,6 +259,13 @@ +@@ -256,6 +259,13 @@ MD5_Begin(MD5Context *cx) cx->cv[3] = CV0_4; } @@ -71,7 +72,7 @@ #define cls(i32, s) (tmp = i32, tmp << s | tmp >> (32 - s)) #if defined(SOLARIS) || defined(HPUX) -@@ -431,14 +441,12 @@ +@@ -431,14 +441,12 @@ md5_compress(MD5Context *cx, const PRUin } void @@ -87,7 +88,7 @@ /* Add the number of input bytes to the 64-bit input counter. */ addto64(cx->msbInput, cx->lsbInput, inputLen); if (inBufIndex) { -@@ -487,6 +495,13 @@ +@@ -487,6 +495,13 @@ MD5_Update(MD5Context *cx, const unsigne memcpy(cx->inBuf, input, inputLen); } @@ -101,7 +102,7 @@ static const unsigned char padbytes[] = { 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, -@@ -503,8 +518,8 @@ +@@ -503,8 +518,8 @@ static const unsigned char padbytes[] = }; void @@ -112,7 +113,7 @@ { #ifndef IS_LITTLE_ENDIAN PRUint32 tmp; -@@ -512,8 +527,6 @@ +@@ -512,8 +527,6 @@ MD5_End(MD5Context *cx, unsigned char *d PRUint32 lowInput, highInput; PRUint32 inBufIndex = cx->lsbInput & 63; @@ -121,7 +122,7 @@ if (maxDigestLen < MD5_HASH_LEN) { PORT_SetError(SEC_ERROR_INVALID_ARGS); return; -@@ -525,10 +538,10 @@ +@@ -525,10 +538,10 @@ MD5_End(MD5Context *cx, unsigned char *d lowInput <<= 3; if (inBufIndex < MD5_END_BUFFER) { @@ -135,7 +136,7 @@ } /* Store the number of bytes input (before padding) in final 64 bits. */ -@@ -554,16 +567,22 @@ +@@ -554,16 +567,22 @@ MD5_End(MD5Context *cx, unsigned char *d } void @@ -162,7 +163,7 @@ if (maxDigestLen < MD5_HASH_LEN) { PORT_SetError(SEC_ERROR_INVALID_ARGS); return; -@@ -581,6 +600,14 @@ +@@ -581,6 +600,14 @@ MD5_EndRaw(MD5Context *cx, unsigned char *digestLen = MD5_HASH_LEN; } @@ -177,10 +178,11 @@ unsigned int MD5_FlattenSize(MD5Context *cx) { -diff --git a/lib/freebl/rawhash.c b/lib/freebl/rawhash.c ---- a/lib/freebl/rawhash.c -+++ b/lib/freebl/rawhash.c -@@ -154,3 +154,40 @@ +Index: nss/lib/freebl/rawhash.c +=================================================================== +--- nss.orig/lib/freebl/rawhash.c ++++ nss/lib/freebl/rawhash.c +@@ -154,3 +154,40 @@ HASH_GetRawHashObject(HASH_HashType hash } return &SECRawHashObjects[hashType]; } @@ -221,9 +223,10 @@ + + return &SECRawHashObjects[hashType]; +} -diff --git a/lib/freebl/tlsprfalg.c b/lib/freebl/tlsprfalg.c ---- a/lib/freebl/tlsprfalg.c -+++ b/lib/freebl/tlsprfalg.c +Index: nss/lib/freebl/tlsprfalg.c +=================================================================== +--- nss.orig/lib/freebl/tlsprfalg.c ++++ nss/lib/freebl/tlsprfalg.c @@ -12,6 +12,9 @@ #include "hasht.h" #include "alghmac.h" @@ -234,7 +237,7 @@ #define PHASH_STATE_MAX_LEN HASH_LENGTH_MAX /* TLS P_hash function */ -@@ -27,7 +30,7 @@ +@@ -27,7 +30,7 @@ TLS_P_hash(HASH_HashType hashType, const SECStatus status; HMACContext *cx; SECStatus rv = SECFailure; @@ -243,10 +246,11 @@ PORT_Assert((secret != NULL) && (secret->data != NULL || !secret->len)); PORT_Assert((seed != NULL) && (seed->data != NULL)); -diff --git a/lib/softoken/pkcs11c.c b/lib/softoken/pkcs11c.c ---- a/lib/softoken/pkcs11c.c -+++ b/lib/softoken/pkcs11c.c -@@ -6953,7 +6953,7 @@ +Index: nss/lib/softoken/pkcs11c.c +=================================================================== +--- nss.orig/lib/softoken/pkcs11c.c ++++ nss/lib/softoken/pkcs11c.c +@@ -7158,7 +7158,7 @@ NSC_DeriveKey(CK_SESSION_HANDLE hSession SFTKAttribute *att2 = NULL; unsigned char *buf; SHA1Context *sha; @@ -255,7 +259,7 @@ MD2Context *md2; CK_ULONG macSize; CK_ULONG tmpKeySize; -@@ -7484,7 +7484,7 @@ +@@ -7698,7 +7698,7 @@ NSC_DeriveKey(CK_SESSION_HANDLE hSession } sftk_FreeAttribute(att2); md5 = MD5_NewContext(); ++++++ nss-fips-use-getrandom.patch ++++++ --- /var/tmp/diff_new_pack.noOKCW/_old 2021-07-17 23:36:31.642021233 +0200 +++ /var/tmp/diff_new_pack.noOKCW/_new 2021-07-17 23:36:31.642021233 +0200 @@ -8,10 +8,11 @@ Author: Hans Petter Jansson <[email protected]> 11 -diff --git a/coreconf/Linux.mk b/coreconf/Linux.mk ---- a/coreconf/Linux.mk -+++ b/coreconf/Linux.mk -@@ -184,6 +184,18 @@ +Index: nss/coreconf/Linux.mk +=================================================================== +--- nss.orig/coreconf/Linux.mk ++++ nss/coreconf/Linux.mk +@@ -189,6 +189,18 @@ DSO_LDOPTS+=-Wl,-z,relro LDFLAGS += -Wl,-z,relro endif @@ -30,9 +31,10 @@ USE_SYSTEM_ZLIB = 1 ZLIB_LIBS = -lz -diff --git a/lib/freebl/unix_rand.c b/lib/freebl/unix_rand.c ---- a/lib/freebl/unix_rand.c -+++ b/lib/freebl/unix_rand.c +Index: nss/lib/freebl/unix_rand.c +=================================================================== +--- nss.orig/lib/freebl/unix_rand.c ++++ nss/lib/freebl/unix_rand.c @@ -13,6 +13,10 @@ #include <sys/wait.h> #include <sys/stat.h> @@ -88,7 +90,7 @@ size_t RNG_FileUpdate(const char *fileName, size_t limit); /* -@@ -862,6 +903,26 @@ +@@ -862,6 +903,26 @@ ReadFileOK(char *dir, char *file) size_t RNG_SystemRNG(void *dest, size_t maxLen) { @@ -115,7 +117,7 @@ FILE *file; int fd; int bytes; -@@ -895,4 +956,5 @@ +@@ -895,4 +956,5 @@ RNG_SystemRNG(void *dest, size_t maxLen) fileBytes = 0; } return fileBytes; ++++++ nss-fips-zeroization.patch ++++++ --- /var/tmp/diff_new_pack.noOKCW/_old 2021-07-17 23:36:31.650021172 +0200 +++ /var/tmp/diff_new_pack.noOKCW/_new 2021-07-17 23:36:31.654021141 +0200 @@ -14,10 +14,11 @@ nss/lib/freebl/gcm.c | 45 +++++++++++++++++++++++++++++++++---- 5 files changed, 58 insertions(+), 12 deletions(-) -diff --git a/lib/freebl/aeskeywrap.c b/lib/freebl/aeskeywrap.c ---- a/lib/freebl/aeskeywrap.c -+++ b/lib/freebl/aeskeywrap.c -@@ -102,6 +102,7 @@ +Index: nss/lib/freebl/aeskeywrap.c +=================================================================== +--- nss.orig/lib/freebl/aeskeywrap.c ++++ nss/lib/freebl/aeskeywrap.c +@@ -102,6 +102,7 @@ AESKeyWrap_DestroyContext(AESKeyWrapCont { if (cx) { AES_DestroyContext(&cx->aescx, PR_FALSE); @@ -25,10 +26,11 @@ /* memset(cx, 0, sizeof *cx); */ if (freeit) { PORT_Free(cx->mem); -diff --git a/lib/freebl/cts.c b/lib/freebl/cts.c ---- a/lib/freebl/cts.c -+++ b/lib/freebl/cts.c -@@ -37,6 +37,7 @@ +Index: nss/lib/freebl/cts.c +=================================================================== +--- nss.orig/lib/freebl/cts.c ++++ nss/lib/freebl/cts.c +@@ -37,6 +37,7 @@ CTS_CreateContext(void *context, freeblC void CTS_DestroyContext(CTSContext *cts, PRBool freeit) { @@ -36,7 +38,7 @@ if (freeit) { PORT_Free(cts); } -@@ -135,7 +136,7 @@ +@@ -135,7 +136,7 @@ CTS_EncryptUpdate(CTSContext *cts, unsig PORT_Memset(lastBlock + inlen, 0, blocksize - inlen); rv = (*cts->cipher)(cts->context, outbuf, &tmp, maxout, lastBlock, blocksize, blocksize); @@ -45,7 +47,7 @@ if (rv == SECSuccess) { *outlen = written + blocksize; } else { -@@ -230,13 +231,15 @@ +@@ -230,13 +231,15 @@ CTS_DecryptUpdate(CTSContext *cts, unsig rv = (*cts->cipher)(cts->context, outbuf, outlen, maxout, inbuf, fullblocks, blocksize); if (rv != SECSuccess) { @@ -63,7 +65,7 @@ } outbuf += fullblocks; -@@ -280,9 +283,9 @@ +@@ -280,9 +283,9 @@ CTS_DecryptUpdate(CTSContext *cts, unsig rv = (*cts->cipher)(cts->context, Pn, &tmpLen, blocksize, lastBlock, blocksize, blocksize); if (rv != SECSuccess) { @@ -75,7 +77,7 @@ } /* make up for the out of order CBC decryption */ XOR_BLOCK(Pn, Cn_2, blocksize); -@@ -297,7 +300,8 @@ +@@ -297,7 +300,8 @@ CTS_DecryptUpdate(CTSContext *cts, unsig /* clear last block. At this point last block contains Pn xor Cn_1 xor * Cn_2, both of with an attacker would know, so we need to clear this * buffer out */ @@ -86,10 +88,11 @@ - return SECSuccess; + return rv; } -diff --git a/lib/freebl/dh.c b/lib/freebl/dh.c ---- a/lib/freebl/dh.c -+++ b/lib/freebl/dh.c -@@ -192,6 +192,10 @@ +Index: nss/lib/freebl/dh.c +=================================================================== +--- nss.orig/lib/freebl/dh.c ++++ nss/lib/freebl/dh.c +@@ -193,6 +193,10 @@ cleanup: rv = SECFailure; } if (rv) { @@ -100,10 +103,11 @@ *privKey = NULL; PORT_FreeArena(arena, PR_TRUE); } -diff --git a/lib/freebl/ec.c b/lib/freebl/ec.c ---- a/lib/freebl/ec.c -+++ b/lib/freebl/ec.c -@@ -958,7 +958,7 @@ +Index: nss/lib/freebl/ec.c +=================================================================== +--- nss.orig/lib/freebl/ec.c ++++ nss/lib/freebl/ec.c +@@ -943,7 +943,7 @@ ECDSA_VerifyDigest(ECPublicKey *key, con ECParams *ecParams = NULL; SECItem pointC = { siBuffer, NULL, 0 }; int slen; /* length in bytes of a half signature (r or s) */ @@ -112,10 +116,11 @@ unsigned olen; /* length in bytes of the base point order */ unsigned obits; /* length in bits of the base point order */ -diff --git a/lib/freebl/gcm.c b/lib/freebl/gcm.c ---- a/lib/freebl/gcm.c -+++ b/lib/freebl/gcm.c -@@ -162,6 +162,9 @@ +Index: nss/lib/freebl/gcm.c +=================================================================== +--- nss.orig/lib/freebl/gcm.c ++++ nss/lib/freebl/gcm.c +@@ -162,6 +162,9 @@ bmul(uint64_t x, uint64_t y, uint64_t *r *r_high = (uint64_t)(r >> 64); *r_low = (uint64_t)r; @@ -125,7 +130,7 @@ } SECStatus -@@ -200,6 +203,12 @@ +@@ -200,6 +203,12 @@ gcm_HashMult_sftw(gcmHashContext *ghash, } ghash->x_low = ci_low; ghash->x_high = ci_high; @@ -138,7 +143,7 @@ return SECSuccess; } #else -@@ -239,6 +248,10 @@ +@@ -239,6 +248,10 @@ bmul32(uint32_t x, uint32_t y, uint32_t z = z0 | z1 | z2 | z3; *r_high = (uint32_t)(z >> 32); *r_low = (uint32_t)z; @@ -149,7 +154,7 @@ } SECStatus -@@ -324,6 +337,20 @@ +@@ -324,6 +337,20 @@ gcm_HashMult_sftw32(gcmHashContext *ghas ghash->x_high = z_high_h; ghash->x_low = z_high_l; } @@ -170,7 +175,7 @@ return SECSuccess; } #endif /* HAVE_INT128_SUPPORT */ -@@ -859,11 +886,13 @@ +@@ -867,11 +894,13 @@ GCM_DecryptUpdate(GCMContext *gcm, unsig /* verify the block */ rv = gcmHash_Update(gcm->ghash_context, inbuf, inlen); if (rv != SECSuccess) { @@ -186,7 +191,7 @@ } /* Don't decrypt if we can't authenticate the encrypted data! * This assumes that if tagBits is not a multiple of 8, intag will -@@ -871,10 +900,18 @@ +@@ -879,10 +908,18 @@ GCM_DecryptUpdate(GCMContext *gcm, unsig if (NSS_SecureMemcmp(tag, intag, tagBytes) != 0) { /* force a CKR_ENCRYPTED_DATA_INVALID error at in softoken */ PORT_SetError(SEC_ERROR_BAD_DATA); ++++++ nss-opt.patch ++++++ --- /var/tmp/diff_new_pack.noOKCW/_old 2021-07-17 23:36:31.662021079 +0200 +++ /var/tmp/diff_new_pack.noOKCW/_new 2021-07-17 23:36:31.662021079 +0200 @@ -1,8 +1,8 @@ -diff --git a/coreconf/Linux.mk b/coreconf/Linux.mk -index 956f0e4..b3a352a 100644 ---- a/coreconf/Linux.mk -+++ b/coreconf/Linux.mk -@@ -108,11 +108,7 @@ LIBC_TAG = _glibc +Index: nss/coreconf/Linux.mk +=================================================================== +--- nss.orig/coreconf/Linux.mk ++++ nss/coreconf/Linux.mk +@@ -113,11 +113,7 @@ LIBC_TAG = _glibc endif ifdef BUILD_OPT
