Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP3:GA
mozilla-nss.6304
nss-fips-cavs-kdf135.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File nss-fips-cavs-kdf135.patch of Package mozilla-nss.6304
commit aa4fab6ca1baf8ecb90f853480f75f2658d9a371 Author: Hans Petter Jansson <hpj@cl.no> Date: Sun Oct 15 19:45:28 2017 +0200 Patch 18: nss-fips-cavs-kdf135.patch diff --git a/nss/cmd/fipstest/fipstest.c b/nss/cmd/fipstest/fipstest.c index ab73e42..8b17e0e 100644 --- a/nss/cmd/fipstest/fipstest.c +++ b/nss/cmd/fipstest/fipstest.c @@ -5689,9 +5689,9 @@ loser: void tls(char *reqfn) { - char buf[256]; /* holds one line from the input REQUEST file. + char buf[1024]; /* holds one line from the input REQUEST file. * needs to be large enough to hold the longest - * line "XSeed = <128 hex digits>\n". + * line "key_block = <256 hex digits>\n". */ unsigned char *pms = NULL; int pms_len; @@ -5742,8 +5742,8 @@ tls(char *reqfn) CK_MECHANISM master_mech = { CKM_TLS_MASTER_KEY_DERIVE, NULL, 0 }; CK_MECHANISM key_block_mech = { CKM_TLS_KEY_AND_MAC_DERIVE, NULL, 0 }; - CK_SSL3_MASTER_KEY_DERIVE_PARAMS master_params; - CK_SSL3_KEY_MAT_PARAMS key_block_params; + CK_TLS12_MASTER_KEY_DERIVE_PARAMS master_params; + CK_TLS12_KEY_MAT_PARAMS key_block_params; CK_SSL3_KEY_MAT_OUT key_material; CK_RV crv; @@ -5753,6 +5753,7 @@ tls(char *reqfn) master_params.RandomInfo.ulClientRandomLen = sizeof(clientHello_random); master_params.RandomInfo.pServerRandom = serverHello_random; master_params.RandomInfo.ulServerRandomLen = sizeof(serverHello_random); + master_params.prfHashMechanism = CKM_SHA256; master_mech.pParameter = (void *)&master_params; master_mech.ulParameterLen = sizeof(master_params); key_block_params.ulMacSizeInBits = 0; @@ -5764,9 +5765,11 @@ tls(char *reqfn) key_block_params.RandomInfo.pServerRandom = server_random; key_block_params.RandomInfo.ulServerRandomLen = sizeof(server_random); key_block_params.pReturnedKeyMaterial = &key_material; + key_block_params.prfHashMechanism = CKM_SHA256; key_block_mech.pParameter = (void *)&key_block_params; key_block_mech.ulParameterLen = sizeof(key_block_params); + crv = NSC_Initialize((CK_VOID_PTR)&pk11args); if (crv != CKR_OK) { fprintf(stderr, "NSC_Initialize failed crv=0x%x\n", (unsigned int)crv); @@ -5801,14 +5804,38 @@ tls(char *reqfn) key_block_mech.mechanism = CKM_TLS_KEY_AND_MAC_DERIVE; } else if (buf[7] == '2') { master_mech.mechanism = - CKM_NSS_TLS_MASTER_KEY_DERIVE_SHA256; + CKM_TLS12_MASTER_KEY_DERIVE; key_block_mech.mechanism = - CKM_NSS_TLS_KEY_AND_MAC_DERIVE_SHA256; + CKM_TLS12_KEY_AND_MAC_DERIVE; } else { fprintf(stderr, "Unknown TLS type %x\n", (unsigned int)buf[0]); goto loser; } + + if (buf[8] == ',' && buf[9] == ' ') { + int sha_bitlen; + CK_MECHANISM_TYPE hash_mech = CKM_SHA256; + + if (sscanf (&buf [10], "SHA-%d]", &sha_bitlen) == 1) { + switch (sha_bitlen) { + case 256: + hash_mech = CKM_SHA256; + break; + case 384: + hash_mech = CKM_SHA384; + break; + case 512: + hash_mech = CKM_SHA512; + break; + default: + break; + } + } + + master_params.prfHashMechanism = hash_mech; + key_block_params.prfHashMechanism = hash_mech; + } } if (strncmp(buf, "[pre-master", 11) == 0) { if (sscanf(buf, "[pre-master secret length = %d]", @@ -6132,6 +6159,11 @@ main(int argc, char **argv) } else if (strcmp(argv[1], "ddrbg") == 0) { debug = 1; drbg(argv[2]); + } else if (strcmp(argv[1], "tls") == 0) { + /*************/ + /* TLS */ + /*************/ + tls(argv[2]); } return 0; }
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor
