Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP2:GA
mozilla-nss.1743
nss-CC-approved_crypto-ECs.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File nss-CC-approved_crypto-ECs.patch of Package mozilla-nss.1743
# HG changeset patch # Parent d9a01714b36cd0410dbe6b2d1c3c3bb8fe4b7805 Disable non-approved elliptic curves in FIPS mode - return errors when one of them is requested and do not offer these curves in SSL/TLS negotiation. Approved curves for FIPS-140-2 are: NIST P-224, P-256, P-384, P-521. bsc#924307 diff --git a/lib/freebl/ecdecode.c b/lib/freebl/ecdecode.c --- a/lib/freebl/ecdecode.c +++ b/lib/freebl/ecdecode.c @@ -9,19 +9,27 @@ #endif #include "blapi.h" #include "secoid.h" #include "secitem.h" #include "secerr.h" #include "ec.h" #include "ecl-curve.h" +#include "fips.h" #define CHECK_OK(func) if (func == NULL) goto cleanup #define CHECK_SEC_OK(func) if (SECSuccess != (rv = func)) goto cleanup +#define DISABLED_IF(x) \ + do { \ + if (x) { \ + rv = SECFailure; \ + goto cleanup; \ + } \ + } while (0) /* * Initializes a SECItem from a hexadecimal string * * Warning: This function ignores leading 00's, so any leading 00's * in the hexadecimal string must be optional. */ static SECItem * @@ -197,350 +205,400 @@ EC_FillParams(PLArenaPool *arena, const printf("Curve: %s\n", SECOID_FindOIDTagDescription(tag)); #endif switch (tag) { /* Binary curves */ case SEC_OID_ANSIX962_EC_C2PNB163V1: + DISABLED_IF(FIPS_mode()); /* Populate params for c2pnb163v1 */ CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_CHAR2_PNB163V1, ec_field_GF2m, params) ); break; case SEC_OID_ANSIX962_EC_C2PNB163V2: + DISABLED_IF(FIPS_mode()); /* Populate params for c2pnb163v2 */ CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_CHAR2_PNB163V2, ec_field_GF2m, params) ); break; case SEC_OID_ANSIX962_EC_C2PNB163V3: + DISABLED_IF(FIPS_mode()); /* Populate params for c2pnb163v3 */ CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_CHAR2_PNB163V3, ec_field_GF2m, params) ); break; case SEC_OID_ANSIX962_EC_C2PNB176V1: + DISABLED_IF(FIPS_mode()); /* Populate params for c2pnb176v1 */ CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_CHAR2_PNB176V1, ec_field_GF2m, params) ); break; case SEC_OID_ANSIX962_EC_C2TNB191V1: + DISABLED_IF(FIPS_mode()); /* Populate params for c2tnb191v1 */ CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_CHAR2_TNB191V1, ec_field_GF2m, params) ); break; case SEC_OID_ANSIX962_EC_C2TNB191V2: + DISABLED_IF(FIPS_mode()); /* Populate params for c2tnb191v2 */ CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_CHAR2_TNB191V2, ec_field_GF2m, params) ); break; case SEC_OID_ANSIX962_EC_C2TNB191V3: + DISABLED_IF(FIPS_mode()); /* Populate params for c2tnb191v3 */ CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_CHAR2_TNB191V3, ec_field_GF2m, params) ); break; case SEC_OID_ANSIX962_EC_C2PNB208W1: + DISABLED_IF(FIPS_mode()); /* Populate params for c2pnb208w1 */ CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_CHAR2_PNB208W1, ec_field_GF2m, params) ); break; case SEC_OID_ANSIX962_EC_C2TNB239V1: + DISABLED_IF(FIPS_mode()); /* Populate params for c2tnb239v1 */ CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_CHAR2_TNB239V1, ec_field_GF2m, params) ); break; case SEC_OID_ANSIX962_EC_C2TNB239V2: + DISABLED_IF(FIPS_mode()); /* Populate params for c2tnb239v2 */ CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_CHAR2_TNB239V2, ec_field_GF2m, params) ); break; case SEC_OID_ANSIX962_EC_C2TNB239V3: + DISABLED_IF(FIPS_mode()); /* Populate params for c2tnb239v3 */ CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_CHAR2_TNB239V3, ec_field_GF2m, params) ); break; case SEC_OID_ANSIX962_EC_C2PNB272W1: + DISABLED_IF(FIPS_mode()); /* Populate params for c2pnb272w1 */ CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_CHAR2_PNB272W1, ec_field_GF2m, params) ); break; case SEC_OID_ANSIX962_EC_C2PNB304W1: + DISABLED_IF(FIPS_mode()); /* Populate params for c2pnb304w1 */ CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_CHAR2_PNB304W1, ec_field_GF2m, params) ); break; case SEC_OID_ANSIX962_EC_C2TNB359V1: + DISABLED_IF(FIPS_mode()); /* Populate params for c2tnb359v1 */ CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_CHAR2_TNB359V1, ec_field_GF2m, params) ); break; case SEC_OID_ANSIX962_EC_C2PNB368W1: + DISABLED_IF(FIPS_mode()); /* Populate params for c2pnb368w1 */ CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_CHAR2_PNB368W1, ec_field_GF2m, params) ); break; case SEC_OID_ANSIX962_EC_C2TNB431R1: + DISABLED_IF(FIPS_mode()); /* Populate params for c2tnb431r1 */ CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_CHAR2_TNB431R1, ec_field_GF2m, params) ); break; case SEC_OID_SECG_EC_SECT113R1: + DISABLED_IF(FIPS_mode()); /* Populate params for sect113r1 */ CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_CHAR2_113R1, ec_field_GF2m, params) ); break; case SEC_OID_SECG_EC_SECT113R2: + DISABLED_IF(FIPS_mode()); /* Populate params for sect113r2 */ CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_CHAR2_113R2, ec_field_GF2m, params) ); break; case SEC_OID_SECG_EC_SECT131R1: + DISABLED_IF(FIPS_mode()); /* Populate params for sect131r1 */ CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_CHAR2_131R1, ec_field_GF2m, params) ); break; case SEC_OID_SECG_EC_SECT131R2: + DISABLED_IF(FIPS_mode()); /* Populate params for sect131r2 */ CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_CHAR2_131R2, ec_field_GF2m, params) ); break; case SEC_OID_SECG_EC_SECT163K1: + DISABLED_IF(FIPS_mode()); /* Populate params for sect163k1 * (the NIST K-163 curve) */ CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_CHAR2_163K1, ec_field_GF2m, params) ); break; case SEC_OID_SECG_EC_SECT163R1: + DISABLED_IF(FIPS_mode()); /* Populate params for sect163r1 */ CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_CHAR2_163R1, ec_field_GF2m, params) ); break; case SEC_OID_SECG_EC_SECT163R2: + DISABLED_IF(FIPS_mode()); /* Populate params for sect163r2 * (the NIST B-163 curve) */ CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_CHAR2_163R2, ec_field_GF2m, params) ); break; case SEC_OID_SECG_EC_SECT193R1: + DISABLED_IF(FIPS_mode()); /* Populate params for sect193r1 */ CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_CHAR2_193R1, ec_field_GF2m, params) ); break; case SEC_OID_SECG_EC_SECT193R2: + DISABLED_IF(FIPS_mode()); /* Populate params for sect193r2 */ CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_CHAR2_193R2, ec_field_GF2m, params) ); break; case SEC_OID_SECG_EC_SECT233K1: + DISABLED_IF(FIPS_mode()); /* Populate params for sect233k1 * (the NIST K-233 curve) */ CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_CHAR2_233K1, ec_field_GF2m, params) ); break; case SEC_OID_SECG_EC_SECT233R1: + DISABLED_IF(FIPS_mode()); /* Populate params for sect233r1 * (the NIST B-233 curve) */ CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_CHAR2_233R1, ec_field_GF2m, params) ); break; case SEC_OID_SECG_EC_SECT239K1: + DISABLED_IF(FIPS_mode()); /* Populate params for sect239k1 */ CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_CHAR2_239K1, ec_field_GF2m, params) ); break; case SEC_OID_SECG_EC_SECT283K1: + DISABLED_IF(FIPS_mode()); /* Populate params for sect283k1 * (the NIST K-283 curve) */ CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_CHAR2_283K1, ec_field_GF2m, params) ); break; case SEC_OID_SECG_EC_SECT283R1: + DISABLED_IF(FIPS_mode()); /* Populate params for sect283r1 * (the NIST B-283 curve) */ CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_CHAR2_283R1, ec_field_GF2m, params) ); break; case SEC_OID_SECG_EC_SECT409K1: + DISABLED_IF(FIPS_mode()); /* Populate params for sect409k1 * (the NIST K-409 curve) */ CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_CHAR2_409K1, ec_field_GF2m, params) ); break; case SEC_OID_SECG_EC_SECT409R1: + DISABLED_IF(FIPS_mode()); /* Populate params for sect409r1 * (the NIST B-409 curve) */ CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_CHAR2_409R1, ec_field_GF2m, params) ); break; case SEC_OID_SECG_EC_SECT571K1: + DISABLED_IF(FIPS_mode()); /* Populate params for sect571k1 * (the NIST K-571 curve) */ CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_CHAR2_571K1, ec_field_GF2m, params) ); break; case SEC_OID_SECG_EC_SECT571R1: + DISABLED_IF(FIPS_mode()); /* Populate params for sect571r1 * (the NIST B-571 curve) */ CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_CHAR2_571R1, ec_field_GF2m, params) ); break; /* Prime curves */ case SEC_OID_ANSIX962_EC_PRIME192V1: + DISABLED_IF(FIPS_mode()); /* Populate params for prime192v1 aka secp192r1 * (the NIST P-192 curve) */ CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_PRIME_192V1, ec_field_GFp, params) ); break; case SEC_OID_ANSIX962_EC_PRIME192V2: + DISABLED_IF(FIPS_mode()); /* Populate params for prime192v2 */ CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_PRIME_192V2, ec_field_GFp, params) ); break; case SEC_OID_ANSIX962_EC_PRIME192V3: + DISABLED_IF(FIPS_mode()); /* Populate params for prime192v3 */ CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_PRIME_192V3, ec_field_GFp, params) ); break; case SEC_OID_ANSIX962_EC_PRIME239V1: + DISABLED_IF(FIPS_mode()); /* Populate params for prime239v1 */ CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_PRIME_239V1, ec_field_GFp, params) ); break; case SEC_OID_ANSIX962_EC_PRIME239V2: + DISABLED_IF(FIPS_mode()); /* Populate params for prime239v2 */ CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_PRIME_239V2, ec_field_GFp, params) ); break; case SEC_OID_ANSIX962_EC_PRIME239V3: + DISABLED_IF(FIPS_mode()); /* Populate params for prime239v3 */ CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_PRIME_239V3, ec_field_GFp, params) ); break; case SEC_OID_ANSIX962_EC_PRIME256V1: /* Populate params for prime256v1 aka secp256r1 * (the NIST P-256 curve) */ CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_PRIME_256V1, ec_field_GFp, params) ); break; case SEC_OID_SECG_EC_SECP112R1: + DISABLED_IF(FIPS_mode()); /* Populate params for secp112r1 */ CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_PRIME_112R1, ec_field_GFp, params) ); break; case SEC_OID_SECG_EC_SECP112R2: + DISABLED_IF(FIPS_mode()); /* Populate params for secp112r2 */ CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_PRIME_112R2, ec_field_GFp, params) ); break; case SEC_OID_SECG_EC_SECP128R1: + DISABLED_IF(FIPS_mode()); /* Populate params for secp128r1 */ CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_PRIME_128R1, ec_field_GFp, params) ); break; case SEC_OID_SECG_EC_SECP128R2: + DISABLED_IF(FIPS_mode()); /* Populate params for secp128r2 */ CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_PRIME_128R2, ec_field_GFp, params) ); break; case SEC_OID_SECG_EC_SECP160K1: + DISABLED_IF(FIPS_mode()); /* Populate params for secp160k1 */ CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_PRIME_160K1, ec_field_GFp, params) ); break; case SEC_OID_SECG_EC_SECP160R1: + DISABLED_IF(FIPS_mode()); /* Populate params for secp160r1 */ CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_PRIME_160R1, ec_field_GFp, params) ); break; case SEC_OID_SECG_EC_SECP160R2: + DISABLED_IF(FIPS_mode()); /* Populate params for secp160r1 */ CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_PRIME_160R2, ec_field_GFp, params) ); break; case SEC_OID_SECG_EC_SECP192K1: + DISABLED_IF(FIPS_mode()); /* Populate params for secp192k1 */ CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_PRIME_192K1, ec_field_GFp, params) ); break; case SEC_OID_SECG_EC_SECP224K1: + DISABLED_IF(FIPS_mode()); /* Populate params for secp224k1 */ CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_PRIME_224K1, ec_field_GFp, params) ); break; case SEC_OID_SECG_EC_SECP224R1: /* Populate params for secp224r1 * (the NIST P-224 curve) */ CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_PRIME_224R1, ec_field_GFp, params) ); break; case SEC_OID_SECG_EC_SECP256K1: + DISABLED_IF(FIPS_mode()); /* Populate params for secp256k1 */ CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_PRIME_256K1, ec_field_GFp, params) ); break; case SEC_OID_SECG_EC_SECP384R1: /* Populate params for secp384r1 * (the NIST P-384 curve) diff --git a/lib/ssl/ssl3ecc.c b/lib/ssl/ssl3ecc.c --- a/lib/ssl/ssl3ecc.c +++ b/lib/ssl/ssl3ecc.c @@ -1139,20 +1139,24 @@ ssl3_SendSupportedCurvesXtn( } } return ecListSize; } PRUint32 ssl3_GetSupportedECCurveMask(sslSocket *ss) { + PRUint32 mask = SSL3_ALL_SUPPORTED_CURVES_MASK; if (ssl3_SuiteBOnly(ss)) { - return SSL3_SUITE_B_SUPPORTED_CURVES_MASK; + mask = SSL3_SUITE_B_SUPPORTED_CURVES_MASK; } - return SSL3_ALL_SUPPORTED_CURVES_MASK; + if (PK11_IsFIPS()) { + mask &= SSL3_FIPS_SUPPORTED_CURVES_MASK; + } + return mask; } /* Send our "canned" (precompiled) Supported Point Formats extension, * which says that we only support uncompressed points. */ PRInt32 ssl3_SendSupportedPointFormatsXtn( sslSocket * ss, diff --git a/lib/ssl/sslimpl.h b/lib/ssl/sslimpl.h --- a/lib/ssl/sslimpl.h +++ b/lib/ssl/sslimpl.h @@ -141,16 +141,18 @@ typedef enum { SSLAppOpRead = 0, #define SSL_MAX_CACHED_CERT_LEN 4060 #define NUM_MIXERS 9 /* Mask of the 25 named curves we support. */ #define SSL3_ALL_SUPPORTED_CURVES_MASK 0x3fffffe /* Mask of only 3 curves, suite B */ #define SSL3_SUITE_B_SUPPORTED_CURVES_MASK 0x3800000 +/* Mask of the curces supported in FIPS: P-224, P-256, P-384, P-521 */ +#define SSL3_FIPS_SUPPORTED_CURVES_MASK 0x3a00000 #ifndef BPB #define BPB 8 /* Bits Per Byte */ #endif #define EXPORT_RSA_KEY_LENGTH 64 /* bytes */ /* The minimum server key sizes accepted by the clients. diff --git a/lib/ssl/sslsock.c b/lib/ssl/sslsock.c --- a/lib/ssl/sslsock.c +++ b/lib/ssl/sslsock.c @@ -12,16 +12,17 @@ #include "ssl.h" #include "sslimpl.h" #include "sslproto.h" #include "nspr.h" #include "private/pprio.h" #ifndef NO_PKCS11_BYPASS #include "blapi.h" #endif +#include "pk11pub.h" #include "nss.h" #define SET_ERROR_CODE /* reminder */ static const sslSocketOps ssl_default_ops = { /* No SSL. */ ssl_DefConnect, NULL, ssl_DefBind, @@ -2979,16 +2980,21 @@ ssl_NewSocket(PRBool makeLocks, SSLProto ss->pkcs11PinArg = NULL; ss->ephemeralECDHKeyPair = NULL; ssl_ChooseOps(ss); ssl2_InitSocketPolicy(ss); ssl3_InitSocketPolicy(ss); PR_INIT_CLIST(&ss->ssl3.hs.lastMessageFlight); + /* cannot cresate step down keys in fips mode */ + if (!ss->opt.noStepDown && PK11_IsFIPS()) { + ss->opt.noStepDown = PR_TRUE; + } + if (makeLocks) { status = ssl_MakeLocks(ss); if (status != SECSuccess) goto loser; } status = ssl_CreateSecurityInfo(ss); if (status != SECSuccess) goto loser;
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor
