Script 'mail_helper' called by obssrc
Hello community,

here is the log from the commit of package mozilla-nss for openSUSE:Factory 
checked in at 2025-09-03 21:06:26
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/mozilla-nss (Old)
 and      /work/SRC/openSUSE:Factory/.mozilla-nss.new.1977 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Package is "mozilla-nss"

Wed Sep  3 21:06:26 2025 rev:232 rq:1300982 version:3.115.1

Changes:
--------
--- /work/SRC/openSUSE:Factory/mozilla-nss/mozilla-nss.changes  2025-07-26 
13:39:46.717435741 +0200
+++ /work/SRC/openSUSE:Factory/.mozilla-nss.new.1977/mozilla-nss.changes        
2025-09-03 21:06:28.634217585 +0200
@@ -1,0 +2,57 @@
+Fri Aug 22 07:38:07 UTC 2025 - Martin Sirringhaus <[email protected]>
+
+- update to NSS 3.115.1
+  * bmo#1982742 - restore support for finding certificates by decoded serial 
number.
+  * bmo#1984165 - avoid CKR_BUFFER_TO_SMALL error in trust lookups.
+
+-------------------------------------------------------------------
+Mon Aug 18 15:05:26 UTC 2025 - Martin Sirringhaus <[email protected]>
+
+- update to NSS 3.115
+  * bmo#1970304 - CID 1648399 - Resource leak in shlibsign.c
+  * bmo#1981034 - CKA_SEED needs to be marked as a private attribute
+  * bmo#1981518 - Fix bad syntax on Windows in softoken_gtest.cc
+  * bmo#1974505 - Key private/public/secret keys by key type in softoken keydb
+  * bmo#1980990 - add PK11_HPKE_GetSharedSecret to abi-check expected report
+  * bmo#1980429 - remove NetscapeStepUpMatchesServerAuth from mozpkix 
TrustDomain
+  * bmo#1927351 - Fixup ABI
+  * bmo#1927351 - add ECH_SECRET and ECH_CONFIG to SSLKEYLOG for both client 
and server
+  * bmo#1900841 - ECH fuzz target
+  * bmo#1965331 - Implement PKCS #11 v3.2 FIPS indicator and validation objects
+  * bmo#1978677 - remove expired explicitly distrusted DigiNotar lookalike root
+  * bmo#1965329 - Implement PKCS #11 v3.2 functions
+
+- update to NSS 3.114
+  * bmo#1977376 - NSS 3.114 source distribution should include NSPR 4.37
+  * bmo#1970079 - Prevent leaks during pkcs12 decoding
+  * bmo#1953731 - Remove redundant assert in p7local.c
+  * bmo#1974515 - Bump nssckbi version to 2.80
+  * bmo#1961848 - Remove expired Baltimore CyberTrust Root
+  * bmo#1972391 - Add TrustAsia Dedicated Roots to NSS
+  * bmo#1974511 - Add SwissSign 2022 Roots to NSS
+  * bmo#1836559 - Add backwards compatibility for CK_PKCS5_PBKD2_PARAMS
+  * bmo#1965328 - Implement PKCS #11 v3.2 trust objects in softoken
+  * bmo#1965328 - Implement PKCS #11 v3.2 trust objects - nss proper
+  * bmo#1974331 - remove dead code in ssl3con.c
+  * bmo#1934867 - DTLS (excl DTLS1.3) Changing Holddown timer logic
+  * bmo#1974299 - Bump nssckbi version to 2.79
+  * bmo#1967826 - remove unneccessary assertion
+  * bmo#1948485 - Update mechanisms for Softoken PCT
+  * bmo#1974299 - convert Chunghwa Telecom ePKI Root removal to a distrust 
after
+  * bmo#1973925 - Ensure ssl_HaveRecvBufLock and friends respect opt.noLocks
+  * bmo#1973930 - use -O2 for asan build
+  * bmo#1973187 - Fix leaking locks when toggling SSL_NO_LOCKS
+  * bmo#1973105 - remove out-of-function semicolon
+  * bmo#1963009 - Extend pkcs8 fuzz target
+  * bmo#1963008 - Extend pkcs7 fuzz target
+  * bmo#1908763 - Remove unused assignment to pageno
+  * bmo#1908762 - Remove unused assignment to nextChunk
+  * bmo#1973490 - don't run commands as part of shell `local` declarations
+  * bmo#1973490 - fix sanitizer setup
+  * bmo#1973187 - don't silence ssl_gtests output when running with coverage
+  * bmo#1967411 - Release docs and housekeeping
+  * bmo#1972768 - migrate to new linux tester pool
+
+- rebase FIPS patches to adjust for upstream FIPS work
+
+-------------------------------------------------------------------

Old:
----
  nss-3.113.tar.gz

New:
----
  nss-3.115.1.tar.gz

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ mozilla-nss.spec ++++++
--- /var/tmp/diff_new_pack.6pdqnI/_old  2025-09-03 21:06:32.570383912 +0200
+++ /var/tmp/diff_new_pack.6pdqnI/_new  2025-09-03 21:06:32.570383912 +0200
@@ -1,7 +1,7 @@
 #
 # spec file for package mozilla-nss
 #
-# Copyright (c) 2025 SUSE LLC
+# Copyright (c) 2025 SUSE LLC and contributors
 # Copyright (c) 2006-2025 Wolfgang Rosenauer
 #
 # All modifications and additions to the file contributed by third parties
@@ -17,15 +17,15 @@
 #
 
 
-%global nss_softokn_fips_version 3.113
+%global nss_softokn_fips_version 3.115
 %define NSPR_min_version 4.36
 %define nspr_ver %(rpm -q --queryformat '%%{VERSION}' mozilla-nspr)
 %define nssdbdir %{_sysconfdir}/pki/nssdb
 %global crypto_policies_version 20210218
 Name:           mozilla-nss
-Version:        3.113
+Version:        3.115.1
 Release:        0
-%define underscore_version 3_113
+%define underscore_version 3_115_1
 Summary:        Network Security Services
 License:        MPL-2.0
 Group:          System/Libraries



++++++ nss-3.113.tar.gz -> nss-3.115.1.tar.gz ++++++
/work/SRC/openSUSE:Factory/mozilla-nss/nss-3.113.tar.gz 
/work/SRC/openSUSE:Factory/.mozilla-nss.new.1977/nss-3.115.1.tar.gz differ: 
char 5, line 1

++++++ nss-allow-slow-tests.patch ++++++
--- /var/tmp/diff_new_pack.6pdqnI/_old  2025-09-03 21:06:32.726390504 +0200
+++ /var/tmp/diff_new_pack.6pdqnI/_new  2025-09-03 21:06:32.730390674 +0200
@@ -2,7 +2,7 @@
 ===================================================================
 --- nss.orig/tests/sdr/sdr.sh
 +++ nss/tests/sdr/sdr.sh
-@@ -146,7 +146,8 @@ sdr_main()
+@@ -162,7 +162,8 @@ sdr_main()
    RARRAY=($dtime)
    TIMEARRAY=(${RARRAY[1]//./ })
    echo "${TIMEARRAY[0]} seconds"

++++++ nss-fips-180-3-csp-clearing.patch ++++++
--- /var/tmp/diff_new_pack.6pdqnI/_old  2025-09-03 21:06:32.746391350 +0200
+++ /var/tmp/diff_new_pack.6pdqnI/_new  2025-09-03 21:06:32.750391518 +0200
@@ -16,7 +16,7 @@
 ===================================================================
 --- nss.orig/lib/softoken/sftkdb.c
 +++ nss/lib/softoken/sftkdb.c
-@@ -1538,7 +1538,7 @@ loser:
+@@ -1565,7 +1565,7 @@ loser:
          PORT_ZFree(data, dataSize);
      }
      if (arena) {
@@ -29,7 +29,7 @@
 ===================================================================
 --- nss.orig/lib/softoken/sftkpwd.c
 +++ nss/lib/softoken/sftkpwd.c
-@@ -1459,7 +1459,7 @@ loser:
+@@ -1465,7 +1465,7 @@ loser:
          PORT_ZFree(newKey.data, newKey.len);
      }
      if (result) {

++++++ nss-fips-approved-crypto-non-ec.patch ++++++
--- /var/tmp/diff_new_pack.6pdqnI/_old  2025-09-03 21:06:32.766392195 +0200
+++ /var/tmp/diff_new_pack.6pdqnI/_new  2025-09-03 21:06:32.770392364 +0200
@@ -87,7 +87,7 @@
  
  /* Architecture-dependent defines */
  
-@@ -162,7 +163,9 @@ RC4_InitContext(RC4Context *cx, const un
+@@ -161,7 +162,9 @@ RC4_InitContext(RC4Context *cx, const un
  RC4Context *
  RC4_CreateContext(const unsigned char *key, int len)
  {
@@ -368,27 +368,27 @@
 ===================================================================
 --- nss.orig/lib/softoken/pkcs11c.c
 +++ nss/lib/softoken/pkcs11c.c
-@@ -539,7 +539,7 @@ sftk_InitGeneric(SFTKSession *session, C
-     context->blockSize = 0;
+@@ -541,7 +541,7 @@ sftk_InitGeneric(SFTKSession *session, C
      context->maxLen = 0;
+     context->signature = NULL;
      context->isFIPS = sftk_operationIsFIPS(session->slot, pMechanism,
 -                                           operation, key);
 +                                           operation, key, 0);
      *contextPtr = context;
      return CKR_OK;
  }
-@@ -4990,6 +4990,10 @@ NSC_GenerateKey(CK_SESSION_HANDLE hSessi
+@@ -5136,6 +5136,10 @@ NSC_GenerateKey(CK_SESSION_HANDLE hSessi
          goto loser;
      }
  
-+    key->isFIPS = sftk_operationIsFIPS(slot, pMechanism, 
CKA_KEY_GEN_MECHANISM,
-+                                       key, key_length * PR_BITS_PER_BYTE);
-+    session->lastOpWasFIPS = key->isFIPS;
++    sftk_setFIPS(key, sftk_operationIsFIPS(slot, pMechanism, 
CKA_KEY_GEN_MECHANISM,
++                                       key, key_length * PR_BITS_PER_BYTE));
++    session->lastOpWasFIPS = sftk_hasFIPS(key);
 +
      /*
       * handle the base object stuff
       */
-@@ -5004,6 +5008,7 @@ NSC_GenerateKey(CK_SESSION_HANDLE hSessi
+@@ -5150,6 +5154,7 @@ NSC_GenerateKey(CK_SESSION_HANDLE hSessi
      if (crv == CKR_OK) {
          *phKey = key->handle;
      }
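Review bot: In the NSC_GenerateKey part of this hunk, the continuation line of the rewritten call is still indented for the old `key->isFIPS = sftk_operationIsFIPS(` assignment, so `key, key_length * PR_BITS_PER_BYTE));` no longer lines up with the inner call's arguments. Re-wrap it so the arguments of `sftk_operationIsFIPS(` share one column, for example by breaking after `sftk_setFIPS(key,` and putting the inner call on its own line. The same applies to the rewritten calls in the NSC_GenerateKeyPair and sftk_HKDF hunks further down, where the wrapped `sftk_setFIPS(...)` lines also run well past the width of the surrounding code. The function bodies start and end outside the hunk.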
@@ -396,7 +396,7 @@
  loser:
      PORT_Memset(buf, 0, sizeof buf);
      sftk_FreeObject(key);
-@@ -5475,7 +5480,7 @@ NSC_GenerateKeyPair(CK_SESSION_HANDLE hS
+@@ -5638,7 +5643,7 @@ NSC_GenerateKeyPair(CK_SESSION_HANDLE hS
      CK_OBJECT_CLASS privClass = CKO_PRIVATE_KEY;
      int i;
      SFTKSlot *slot = sftk_SlotFromSessionHandle(hSession);
@@ -405,7 +405,7 @@
  
      /* RSA */
      int public_modulus_bits = 0;
-@@ -6081,11 +6086,11 @@ NSC_GenerateKeyPair(CK_SESSION_HANDLE hS
+@@ -6253,11 +6258,11 @@ NSC_GenerateKeyPair(CK_SESSION_HANDLE hS
       * created and linked.
       */
      crv = sftk_handleObject(publicKey, session);
@@ -418,7 +418,7 @@
          return crv;
      }
      if (sftk_isTrue(privateKey, CKA_SENSITIVE)) {
-@@ -6129,12 +6134,20 @@ NSC_GenerateKeyPair(CK_SESSION_HANDLE hS
+@@ -6301,12 +6306,20 @@ NSC_GenerateKeyPair(CK_SESSION_HANDLE hS
          sftk_FreeObject(publicKey);
          NSC_DestroyObject(hSession, privateKey->handle);
          sftk_FreeObject(privateKey);
@@ -426,9 +426,9 @@
          return crv;
      }
 +
-+    publicKey->isFIPS = sftk_operationIsFIPS(slot, pMechanism, 
CKA_KEY_PAIR_GEN_MECHANISM, publicKey, 0);
-+    privateKey->isFIPS = sftk_operationIsFIPS(slot, pMechanism, 
CKA_KEY_PAIR_GEN_MECHANISM, privateKey, 0);
-+    session->lastOpWasFIPS = privateKey->isFIPS;
++    sftk_setFIPS(publicKey, sftk_operationIsFIPS(slot, pMechanism, 
CKA_KEY_PAIR_GEN_MECHANISM, publicKey, 0));
++    sftk_setFIPS(privateKey, sftk_operationIsFIPS(slot, pMechanism, 
CKA_KEY_PAIR_GEN_MECHANISM, privateKey, 0));
++    session->lastOpWasFIPS = sftk_hasFIPS(privateKey);
 +    
      *phPrivateKey = privateKey->handle;
      *phPublicKey = publicKey->handle;
@@ -439,7 +439,7 @@
  
      return CKR_OK;
  }
-@@ -7326,6 +7339,14 @@ sftk_HKDF(CK_HKDF_PARAMS_PTR params, CK_
+@@ -7529,6 +7542,14 @@ sftk_HKDF(CK_HKDF_PARAMS_PTR params, CK_
          return CKR_TEMPLATE_INCONSISTENT;
      }
  
@@ -454,17 +454,16 @@
      /* sourceKey is NULL if we are called from the POST, skip the
       * sensitiveCheck */
      if (sourceKey != NULL) {
-@@ -7374,7 +7395,8 @@ sftk_HKDF(CK_HKDF_PARAMS_PTR params, CK_
-                     mech.pParameter = params;
+@@ -7578,7 +7599,7 @@ sftk_HKDF(CK_HKDF_PARAMS_PTR params, CK_
                      mech.ulParameterLen = sizeof(*params);
-                     key->isFIPS = sftk_operationIsFIPS(saltKey->slot, &mech,
--                                                       CKA_DERIVE, saltKey);
-+                                                       CKA_DERIVE, saltKey,
-+                                                       
keySize*PR_BITS_PER_BYTE);
+                     sftk_setFIPS(key, sftk_operationIsFIPS(saltKey->slot,
+                                                            &mech, CKA_DERIVE,
+-                                                           saltKey));
++                                                           saltKey, 
keySize*PR_BITS_PER_BYTE));
                  }
                  saltKey_att = sftk_FindAttribute(saltKey, CKA_VALUE);
                  if (saltKey_att == NULL) {
-@@ -7416,7 +7438,7 @@ sftk_HKDF(CK_HKDF_PARAMS_PTR params, CK_
+@@ -7620,7 +7641,7 @@ sftk_HKDF(CK_HKDF_PARAMS_PTR params, CK_
      /* HKDF-Expand */
      if (!params->bExpand) {
          okm = prk;
@@ -473,17 +472,17 @@
      } else {
          /* T(1) = HMAC-Hash(prk, "" | info | 0x01)
           * T(n) = HMAC-Hash(prk, T(n-1) | info | n
-@@ -7640,7 +7662,8 @@ NSC_DeriveKey(CK_SESSION_HANDLE hSession
-             return CKR_KEY_HANDLE_INVALID;
+@@ -7845,7 +7866,8 @@ NSC_DeriveKey(CK_SESSION_HANDLE hSession
          }
      }
--    key->isFIPS = sftk_operationIsFIPS(slot, pMechanism, CKA_DERIVE, 
sourceKey);
-+    key->isFIPS = sftk_operationIsFIPS(slot, pMechanism, CKA_DERIVE, 
sourceKey,
-+                                       keySize*PR_BITS_PER_BYTE);
+     sftk_setFIPS(key, sftk_operationIsFIPS(slot, pMechanism,
+-                                           CKA_DERIVE, sourceKey));
++                                           CKA_DERIVE, sourceKey,
++                                           keySize*PR_BITS_PER_BYTE));
  
      switch (mechanism) {
          /* get a public key from a private key. nsslowkey_ConvertToPublickey()
-@@ -7841,7 +7864,7 @@ NSC_DeriveKey(CK_SESSION_HANDLE hSession
+@@ -8050,7 +8072,7 @@ NSC_DeriveKey(CK_SESSION_HANDLE hSession
              } else {
                  /* now allocate the hash contexts */
                  md5 = MD5_NewContext();
@@ -492,11 +491,11 @@
                      PORT_Memset(crsrdata, 0, sizeof crsrdata);
                      crv = CKR_HOST_MEMORY;
                      break;
-@@ -8230,6 +8253,7 @@ NSC_DeriveKey(CK_SESSION_HANDLE hSession
+@@ -8439,6 +8461,7 @@ NSC_DeriveKey(CK_SESSION_HANDLE hSession
                  PORT_Assert(i <= sizeof key_block);
              }
  
-+            session->lastOpWasFIPS = key->isFIPS;
++            session->lastOpWasFIPS = sftk_hasFIPS(key);
              crv = CKR_OK;
  
              if (0) {
@@ -728,8 +727,7 @@
      { CKM_SHA224_HMAC, { 112, 224, CKF_SGN }, 1, SFTKFIPSNone },
 @@ -141,46 +192,88 @@ SFTKFIPSAlgorithmList sftk_fips_mechs[]
      /* --------------------- Secret Key Operations ------------------------ */
--    { CKM_GENERIC_SECRET_KEY_GEN, { 8, 256, CKF_GEN }, 1, SFTKFIPSNone },
-+    { CKM_GENERIC_SECRET_KEY_GEN, { 112, 512, CKF_GEN }, 1, SFTKFIPSNone },
+     { CKM_GENERIC_SECRET_KEY_GEN, { 8, 256, CKF_GEN }, 1, SFTKFIPSNone },
      /* ---------------------- SSL/TLS operations ------------------------- */
 +#if 0
 +    /* Non-approved: SP 800-1400 - bsc#1222833 */
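Review bot: The rebase drops the downstream override of the `CKM_GENERIC_SECRET_KEY_GEN` entry in `sftk_fips_mechs`, so the table keeps the upstream range `{ 8, 256, CKF_GEN }` instead of the previous `{ 112, 512, CKF_GEN }`. The neighbouring `CKM_SHA224_HMAC` entry uses `{ 112, 224, ... }`, which suggests these bounds are in bits. Since NSC_GenerateKey passes `key_length * PR_BITS_PER_BYTE` into `sftk_operationIsFIPS`, generic secrets shorter than 112 bits would presumably be reported as approved by the FIPS indicator again. If that is not intended, keep `{ CKM_GENERIC_SECRET_KEY_GEN, { 112, 512, CKF_GEN }, 1, SFTKFIPSNone },` in the patch. Otherwise record in the changelog why the stricter bound is no longer needed, because "rebase FIPS patches" does not cover a policy change.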
@@ -836,7 +834,7 @@
 ===================================================================
 --- nss.orig/lib/softoken/pkcs11u.c
 +++ nss/lib/softoken/pkcs11u.c
-@@ -2251,6 +2251,12 @@ sftk_AttributeToFlags(CK_ATTRIBUTE_TYPE
+@@ -2315,6 +2315,12 @@ sftk_AttributeToFlags(CK_ATTRIBUTE_TYPE
          case CKA_NSS_MESSAGE | CKA_VERIFY:
              flags = CKF_MESSAGE_VERIFY;
              break;
@@ -849,7 +847,7 @@
          default:
              break;
      }
-@@ -2327,7 +2333,7 @@ sftk_quickGetECCCurveOid(SFTKObject *sou
+@@ -2391,7 +2397,7 @@ sftk_quickGetECCCurveOid(SFTKObject *sou
  static int
  sftk_getKeyLength(SFTKObject *source)
  {
@@ -858,7 +856,7 @@
      CK_ATTRIBUTE_TYPE keyAttribute;
      CK_ULONG keyLength = 0;
      SFTKAttribute *attribute;
-@@ -2347,7 +2353,7 @@ sftk_getKeyLength(SFTKObject *source)
+@@ -2411,7 +2417,7 @@ sftk_getKeyLength(SFTKObject *source)
           * key length is CKA_VALUE, which is the default */
          keyType = CKK_INVALID_KEY_TYPE;
      }
@@ -867,7 +865,7 @@
          SECOidTag curve = sftk_quickGetECCCurveOid(source);
          switch (curve) {
              case SEC_OID_CURVE25519:
-@@ -2389,14 +2395,55 @@ sftk_getKeyLength(SFTKObject *source)
+@@ -2453,14 +2459,55 @@ sftk_getKeyLength(SFTKObject *source)
      return keyLength;
  }
  
@@ -924,7 +922,7 @@
      switch (mechInfo->special) {
          case SFTKFIPSDH: {
              SECItem dhPrime;
-@@ -2425,10 +2472,27 @@ sftk_handleSpecial(SFTKSlot *slot, CK_ME
+@@ -2489,10 +2536,27 @@ sftk_handleSpecial(SFTKSlot *slot, CK_ME
          }
          case SFTKFIPSNone:
              return PR_FALSE;
@@ -953,7 +951,7 @@
          case SFTKFIPSAEAD: {
              if (mech->ulParameterLen == 0) {
                  /* AEAD ciphers are only in FIPS mode if we are using the
-@@ -2456,11 +2520,44 @@ sftk_handleSpecial(SFTKSlot *slot, CK_ME
+@@ -2520,11 +2584,44 @@ sftk_handleSpecial(SFTKSlot *slot, CK_ME
              if (hashObj == NULL) {
                  return PR_FALSE;
              }
@@ -998,7 +996,7 @@
          default:
              break;
      }
-@@ -2471,7 +2568,7 @@ sftk_handleSpecial(SFTKSlot *slot, CK_ME
+@@ -2535,7 +2632,7 @@ sftk_handleSpecial(SFTKSlot *slot, CK_ME
  
  PRBool
  sftk_operationIsFIPS(SFTKSlot *slot, CK_MECHANISM *mech, CK_ATTRIBUTE_TYPE op,
@@ -1007,23 +1005,21 @@
  {
  #ifndef NSS_HAS_FIPS_INDICATORS
      return PR_FALSE;
-@@ -2484,18 +2581,35 @@ sftk_operationIsFIPS(SFTKSlot *slot, CK_
+@@ -2548,9 +2645,6 @@ sftk_operationIsFIPS(SFTKSlot *slot, CK_
      if (!sftk_isFIPS(slot->slotID)) {
          return PR_FALSE;
      }
--    if (source && !source->isFIPS) {
+-    if (source && !sftk_hasFIPS(source)) {
 -        return PR_FALSE;
 -    }
      if (mech == NULL) {
          return PR_FALSE;
      }
--
-     /* now get the calculated values */
-     opFlags = sftk_AttributeToFlags(op);
+@@ -2560,6 +2654,27 @@ sftk_operationIsFIPS(SFTKSlot *slot, CK_
      if (opFlags == 0) {
          return PR_FALSE;
      }
-+    if (source && !source->isFIPS
++    if (source && !sftk_hasFIPS(source)
 +        && !((mech->mechanism == CKM_DSA_SHA224
 +              || mech->mechanism == CKM_DSA_SHA256
 +              || mech->mechanism == CKM_DSA_SHA384
@@ -1047,7 +1043,7 @@
      keyLength = sftk_getKeyLength(source);
  
      /* check against our algorithm array */
-@@ -2503,13 +2617,15 @@ sftk_operationIsFIPS(SFTKSlot *slot, CK_
+@@ -2567,13 +2682,15 @@ sftk_operationIsFIPS(SFTKSlot *slot, CK_
          SFTKFIPSAlgorithmList *mechs = &sftk_fips_mechs[i];
          /* if we match the number of records exactly, then we are an
           * approved algorithm in the approved mode with an approved key */
@@ -1073,7 +1069,7 @@
 ===================================================================
 --- nss.orig/lib/util/pkcs11t.h
 +++ nss/lib/util/pkcs11t.h
-@@ -576,6 +576,7 @@ typedef CK_ULONG CK_JAVA_MIDP_SECURITY_D
+@@ -617,6 +617,7 @@ typedef CK_ULONG CK_JAVA_MIDP_SECURITY_D
  
  /* CKA_KEY_GEN_MECHANISM is new for v2.11 */
  #define CKA_KEY_GEN_MECHANISM 0x00000166UL
@@ -1085,7 +1081,7 @@
 ===================================================================
 --- nss.orig/lib/softoken/pkcs11.c
 +++ nss/lib/softoken/pkcs11.c
-@@ -575,17 +575,17 @@ static const struct mechanismList mechan
+@@ -596,17 +596,17 @@ static const struct mechanismList mechan
      { CKM_TLS_MASTER_KEY_DERIVE, { 48, 48, CKF_DERIVE }, PR_FALSE },
      { CKM_TLS12_MASTER_KEY_DERIVE, { 48, 48, CKF_DERIVE }, PR_FALSE },
      { CKM_NSS_TLS_MASTER_KEY_DERIVE_SHA256,
@@ -1112,14 +1108,14 @@
 ===================================================================
 --- nss.orig/lib/softoken/pkcs11i.h
 +++ nss/lib/softoken/pkcs11i.h
-@@ -968,7 +968,8 @@ CK_FLAGS sftk_AttributeToFlags(CK_ATTRIB
+@@ -975,7 +975,8 @@ CK_FLAGS sftk_AttributeToFlags(CK_ATTRIB
  /* check the FIPS table to determine if this current operation is allowed by
   * FIPS security policy */
  PRBool sftk_operationIsFIPS(SFTKSlot *slot, CK_MECHANISM *mech,
 -                            CK_ATTRIBUTE_TYPE op, SFTKObject *source);
 +                            CK_ATTRIBUTE_TYPE op, SFTKObject *source,
 +                            CK_ULONG targetKeySize);
- /* add validation objects to the slot */
- CK_RV sftk_CreateValidationObjects(SFTKSlot *slot);
- 
+ /* manage the fips flag on objects */
+ void sftk_setFIPS(SFTKObject *obj, PRBool isFIPS);
+ PRBool sftk_hasFIPS(SFTKObject *obj);
 
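Review bot: The prototype of `sftk_operationIsFIPS` gains a `targetKeySize` parameter, but the comment above it still describes only the table lookup. Callers in this patch pass either `0` (sftk_InitGeneric, NSC_GenerateKeyPair) or a size multiplied by `PR_BITS_PER_BYTE` (NSC_GenerateKey, NSC_DeriveKey, sftk_HKDF), so the unit and the meaning of zero are left for the reader to infer. Extend the comment with something like `/* targetKeySize: size in bits of the key being produced, or 0 when the operation creates no key (TODO confirm) */`. A wrong unit here would silently change the FIPS indicator.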

++++++ nss-fips-combined-hash-sign-dsa-ecdsa.patch ++++++
--- /var/tmp/diff_new_pack.6pdqnI/_old  2025-09-03 21:06:32.798393547 +0200
+++ /var/tmp/diff_new_pack.6pdqnI/_new  2025-09-03 21:06:32.802393716 +0200
@@ -16,7 +16,7 @@
 ===================================================================
 --- nss.orig/cmd/lib/pk11table.c
 +++ nss/cmd/lib/pk11table.c
-@@ -274,6 +274,10 @@ const Constant _consts[] = {
+@@ -283,6 +283,10 @@ const Constant _consts[] = {
      mkEntry(CKM_DSA_KEY_PAIR_GEN, Mechanism),
      mkEntry(CKM_DSA, Mechanism),
      mkEntry(CKM_DSA_SHA1, Mechanism),
@@ -27,7 +27,7 @@
      mkEntry(CKM_DH_PKCS_KEY_PAIR_GEN, Mechanism),
      mkEntry(CKM_DH_PKCS_DERIVE, Mechanism),
      mkEntry(CKM_X9_42_DH_DERIVE, Mechanism),
-@@ -439,6 +443,10 @@ const Constant _consts[] = {
+@@ -448,6 +452,10 @@ const Constant _consts[] = {
      mkEntry(CKM_EC_KEY_PAIR_GEN, Mechanism),
      mkEntry(CKM_ECDSA, Mechanism),
      mkEntry(CKM_ECDSA_SHA1, Mechanism),
@@ -68,7 +68,7 @@
 ===================================================================
 --- nss.orig/lib/softoken/pkcs11c.c
 +++ nss/lib/softoken/pkcs11c.c
-@@ -2849,6 +2849,38 @@ nsc_EDDSASignStub(void *ctx, unsigned ch
+@@ -2850,6 +2850,38 @@ nsc_EDDSASignStub(void *ctx, unsigned ch
      return rv;
  }
  
@@ -107,7 +107,7 @@
  /* NSC_SignInit setups up the signing operations. There are three basic
   * types of signing:
   *      (1) the tradition single part, where "Raw RSA" or "Raw DSA" is applied
-@@ -3756,6 +3788,22 @@ NSC_VerifyInit(CK_SESSION_HANDLE hSessio
+@@ -3757,6 +3789,22 @@ NSC_VerifyInit(CK_SESSION_HANDLE hSessio
          info->hashOid = SEC_OID_##mmm;        \
          goto finish_rsa;
  
@@ -130,182 +130,18 @@
      switch (pMechanism->mechanism) {
          INIT_RSA_VFY_MECH(MD5)
          INIT_RSA_VFY_MECH(MD2)
-@@ -5018,6 +5066,73 @@ loser:
- #define PAIRWISE_DIGEST_LENGTH SHA224_LENGTH /* 224-bits */
- #define PAIRWISE_MESSAGE_LENGTH 20           /* 160-bits */
- 
-+static CK_RV
-+pairwise_signverify_mech (CK_SESSION_HANDLE hSession,
-+                          SFTKObject *publicKey, SFTKObject *privateKey,
-+                          CK_MECHANISM mech,
-+                          CK_ULONG signature_length,
-+                          CK_ULONG pairwise_digest_length)
-+{
-+    /* Variables used for Signature/Verification functions. */
-+    /* Must be at least 256 bits for DSA2 digest */
-+    unsigned char *known_digest = (unsigned char *)"Mozilla Rules the World 
through NSS!";
-+    unsigned char *signature;
-+    CK_RV crv;
-+
-+    /* Allocate space for signature data. */
-+    signature = (unsigned char *)PORT_ZAlloc(signature_length);
-+    if (signature == NULL) {
-+        return CKR_HOST_MEMORY;
-+    }
-+
-+    /* Sign the known hash using the private key. */
-+    crv = NSC_SignInit(hSession, &mech, privateKey->handle);
-+    if (crv != CKR_OK) {
-+        PORT_Free(signature);
-+        return crv;
-+    }
-+
-+    crv = NSC_Sign(hSession,
-+                   known_digest,
-+                   pairwise_digest_length,
-+                   signature,
-+                   &signature_length);
-+    if (crv != CKR_OK) {
-+        PORT_Free(signature);
-+        return crv;
-+    }
-+
-+    /* detect trivial signing transforms */
-+    if ((signature_length >= pairwise_digest_length) &&
-+        (PORT_Memcmp(known_digest, signature + (signature_length - 
pairwise_digest_length), pairwise_digest_length) == 0)) {
-+        PORT_Free(signature);
-+        return CKR_DEVICE_ERROR;
-+    }
-+
-+    /* Verify the known hash using the public key. */
-+    crv = NSC_VerifyInit(hSession, &mech, publicKey->handle);
-+    if (crv != CKR_OK) {
-+        PORT_Free(signature);
-+        return crv;
-+    }
-+
-+    crv = NSC_Verify(hSession,
-+                     known_digest,
-+                     pairwise_digest_length,
-+                     signature,
-+                     signature_length);
-+
-+    /* Free signature data. */
-+    PORT_Free(signature);
-+
-+    if ((crv == CKR_SIGNATURE_LEN_RANGE) ||
-+        (crv == CKR_SIGNATURE_INVALID)) {
-+        return CKR_GENERAL_ERROR;
-+    }
-+
-+    return crv;
-+}
-+
- /*
-  * FIPS 140-2 pairwise consistency check utilized to validate key pair.
-  *
-@@ -5072,8 +5187,6 @@ sftk_PairwiseConsistencyCheck(CK_SESSION
- 
-     /* Variables used for Signature/Verification functions. */
-     /* Must be at least 256 bits for DSA2 digest */
--    unsigned char *known_digest = (unsigned char *)"Mozilla Rules the World 
through NSS!";
--    unsigned char *signature;
-     CK_ULONG signature_length;
- 
-     if (keyType == CKK_RSA) {
-@@ -5227,80 +5340,37 @@ sftk_PairwiseConsistencyCheck(CK_SESSION
+@@ -5266,10 +5314,9 @@ sftk_PairwiseConsistencyCheck(CK_SESSION
+             canSignVerify = PR_FALSE;
          }
      }
- 
-+#define SIGNVERIFY_CHECK_MECH(vfymech)                                        
       \
-+    mech.mechanism = vfymech;                                                 
       \
-+    crv = pairwise_signverify_mech (hSession, publicKey, privateKey,          
       \
-+                                    mech, signature_length, 
pairwise_digest_length); \
-+    if (crv != CKR_OK)                                                        
       \
-+        return crv;
+-
 +    
-+
      if (canSignVerify) {
+         CK_RSA_PKCS_PSS_PARAMS pssParams;
 -        /* Determine length of signature. */
          switch (keyType) {
              case CKK_RSA:
                  signature_length = modulusLen;
--                mech.mechanism = CKM_RSA_PKCS;
-+                SIGNVERIFY_CHECK_MECH(CKM_SHA224_RSA_PKCS)
-                 break;
-             case CKK_DSA:
-                 signature_length = DSA_MAX_SIGNATURE_LEN;
-                 pairwise_digest_length = subPrimeLen;
--                mech.mechanism = CKM_DSA;
-+                SIGNVERIFY_CHECK_MECH(CKM_DSA_SHA224)
-                 break;
-             case CKK_EC:
-                 signature_length = MAX_ECKEY_LEN * 2;
--                mech.mechanism = CKM_ECDSA;
-+                SIGNVERIFY_CHECK_MECH(CKM_ECDSA_SHA224)
-                 break;
-             case CKK_EC_EDWARDS:
-                 signature_length = ED25519_SIGN_LEN;
--                mech.mechanism = CKM_EDDSA;
-+                SIGNVERIFY_CHECK_MECH(CKM_EDDSA)
-                 break;
-             default:
-                 return CKR_DEVICE_ERROR;
-         }
- 
--        /* Allocate space for signature data. */
--        signature = (unsigned char *)PORT_ZAlloc(signature_length);
--        if (signature == NULL) {
--            return CKR_HOST_MEMORY;
--        }
--
--        /* Sign the known hash using the private key. */
--        crv = NSC_SignInit(hSession, &mech, privateKey->handle);
--        if (crv != CKR_OK) {
--            PORT_Free(signature);
--            return crv;
--        }
--
--        crv = NSC_Sign(hSession,
--                       known_digest,
--                       pairwise_digest_length,
--                       signature,
--                       &signature_length);
--        if (crv != CKR_OK) {
--            PORT_Free(signature);
--            return crv;
--        }
--
--        /* detect trivial signing transforms */
--        if ((signature_length >= pairwise_digest_length) &&
--            (PORT_Memcmp(known_digest, signature + (signature_length - 
pairwise_digest_length), pairwise_digest_length) == 0)) {
--            PORT_Free(signature);
--            return CKR_GENERAL_ERROR;
--        }
--
--        /* Verify the known hash using the public key. */
--        crv = NSC_VerifyInit(hSession, &mech, publicKey->handle);
--        if (crv != CKR_OK) {
--            PORT_Free(signature);
--            return crv;
--        }
--
--        crv = NSC_Verify(hSession,
--                         known_digest,
--                         pairwise_digest_length,
--                         signature,
--                         signature_length);
--
--        /* Free signature data. */
--        PORT_Free(signature);
--
--        if ((crv == CKR_SIGNATURE_LEN_RANGE) ||
--            (crv == CKR_SIGNATURE_INVALID)) {
--            return CKR_GENERAL_ERROR;
--        }
-         if (crv != CKR_OK) {
-             return crv;
-         }
 Index: nss/lib/softoken/softoken.h
 ===================================================================
 --- nss.orig/lib/softoken/softoken.h
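Review bot: After `pairwise_signverify_mech` and `SIGNVERIFY_CHECK_MECH` were removed, the leftover hunk in sftk_PairwiseConsistencyCheck (`@@ -5266,10 +5314,9 @@`) only replaces a blank line with a whitespace-only line and deletes the `/* Determine length of signature. */` comment. It changes no behaviour and will keep causing rebase conflicts, so drop it from nss-fips-combined-hash-sign-dsa-ecdsa.patch. The downstream check previously forced `CKM_SHA224_RSA_PKCS`, `CKM_DSA_SHA224` and `CKM_ECDSA_SHA224` for the sign/verify test and now relies on whatever mechanisms upstream selects. Confirm that the upstream choice (the `CK_RSA_PKCS_PSS_PARAMS pssParams` context line suggests it changed) still meets the requirement that motivated the SHA-224 variants, and note the result in the patch header.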

++++++ nss-fips-pairwise-consistency-check.patch ++++++
--- /var/tmp/diff_new_pack.6pdqnI/_old  2025-09-03 21:06:32.826394730 +0200
+++ /var/tmp/diff_new_pack.6pdqnI/_new  2025-09-03 21:06:32.830394899 +0200
@@ -14,18 +14,7 @@
 ===================================================================
 --- nss.orig/lib/softoken/pkcs11c.c
 +++ nss/lib/softoken/pkcs11c.c
-@@ -5009,8 +5009,8 @@ loser:
-     return crv;
- }
- 
--#define PAIRWISE_DIGEST_LENGTH SHA1_LENGTH /* 160-bits */
--#define PAIRWISE_MESSAGE_LENGTH 20         /* 160-bits */
-+#define PAIRWISE_DIGEST_LENGTH SHA224_LENGTH /* 224-bits */
-+#define PAIRWISE_MESSAGE_LENGTH 20           /* 160-bits */
- 
- /*
-  * FIPS 140-2 pairwise consistency check utilized to validate key pair.
-@@ -6077,6 +6077,7 @@ NSC_GenerateKeyPair(CK_SESSION_HANDLE hS
+@@ -6165,6 +6165,7 @@ NSC_GenerateKeyPair(CK_SESSION_HANDLE hS
                              (PRUint32)crv);
                  sftk_LogAuditMessage(NSS_AUDIT_ERROR, NSS_AUDIT_SELF_TEST, 
msg);
              }

++++++ nss-fips-pct-pubkeys.patch ++++++
--- /var/tmp/diff_new_pack.6pdqnI/_old  2025-09-03 21:06:32.846395575 +0200
+++ /var/tmp/diff_new_pack.6pdqnI/_new  2025-09-03 21:06:32.850395744 +0200
@@ -5,9 +5,9 @@
 ===================================================================
 --- nss.orig/lib/softoken/pkcs11c.c
 +++ nss/lib/softoken/pkcs11c.c
-@@ -5132,6 +5132,88 @@ pairwise_signverify_mech (CK_SESSION_HAN
-     return crv;
- }
+@@ -5093,6 +5093,88 @@ loser:
+ 
+ #define PAIRWISE_MESSAGE_LENGTH 20 /* 160-bits */
  
 +/* This function regenerates a public key from a private key 
 + * (not simply returning the saved public key) and compares it
@@ -92,9 +92,9 @@
 +}
 +
  /*
-  * FIPS 140-2 pairwise consistency check utilized to validate key pair.
+  * FIPS 140-3 pairwise consistency check utilized to validate key pair.
   *
-@@ -5484,6 +5566,30 @@ sftk_PairwiseConsistencyCheck(CK_SESSION
+@@ -5550,6 +5632,30 @@ sftk_PairwiseConsistencyCheck(CK_SESSION
          }
      }
  

++++++ nss-fips-rsa-keygen-strictness.patch ++++++
--- /var/tmp/diff_new_pack.6pdqnI/_old  2025-09-03 21:06:32.862396252 +0200
+++ /var/tmp/diff_new_pack.6pdqnI/_new  2025-09-03 21:06:32.866396420 +0200
@@ -92,7 +92,7 @@
      if (err != MP_OKAY) {
          if (err == MP_UNDEF) {
              PORT_SetError(SEC_ERROR_NEED_RANDOM);
-@@ -288,10 +303,12 @@ RSA_NewKey(int keySizeInBits, SECItem *p
+@@ -297,10 +312,12 @@ RSA_NewKey(int keySizeInBits, SECItem *p
      mp_int q = { 0, 0, 0, NULL };
      mp_int e = { 0, 0, 0, NULL };
      mp_int d = { 0, 0, 0, NULL };
@@ -106,7 +106,7 @@
      int prerr = 0;
      RSAPrivateKey *key = NULL;
      PLArenaPool *arena = NULL;
-@@ -309,11 +326,40 @@ RSA_NewKey(int keySizeInBits, SECItem *p
+@@ -318,11 +335,40 @@ RSA_NewKey(int keySizeInBits, SECItem *p
          PORT_SetError(SEC_ERROR_INVALID_ARGS);
          goto cleanup;
      }
@@ -151,7 +151,7 @@
      }
  #endif
  
-@@ -331,12 +377,7 @@ RSA_NewKey(int keySizeInBits, SECItem *p
+@@ -340,12 +386,7 @@ RSA_NewKey(int keySizeInBits, SECItem *p
      key->arena = arena;
      /* length of primes p and q (in bytes) */
      primeLen = keySizeInBits / (2 * PR_BITS_PER_BYTE);
@@ -165,7 +165,7 @@
      /* 3.  Set the version number (PKCS1 v1.5 says it should be zero) */
      SECITEM_AllocItem(arena, &key->version, 1);
      key->version.data[0] = 0;
-@@ -347,13 +388,64 @@ RSA_NewKey(int keySizeInBits, SECItem *p
+@@ -356,13 +397,64 @@ RSA_NewKey(int keySizeInBits, SECItem *p
          PORT_SetError(0);
          CHECK_SEC_OK(generate_prime(&p, primeLen));
          CHECK_SEC_OK(generate_prime(&q, primeLen));
@@ -231,7 +231,7 @@
          /* Attempt to use these primes to generate a key */
          rv = rsa_build_from_primes(&p, &q,
                                     &e, PR_FALSE, /* needPublicExponent=false 
*/
-@@ -376,7 +468,9 @@ cleanup:
+@@ -385,7 +477,9 @@ cleanup:
      mp_clear(&q);
      mp_clear(&e);
      mp_clear(&d);

++++++ nss-fips-zeroization.patch ++++++
--- /var/tmp/diff_new_pack.6pdqnI/_old  2025-09-03 21:06:32.886397266 +0200
+++ /var/tmp/diff_new_pack.6pdqnI/_new  2025-09-03 21:06:32.894397604 +0200
@@ -92,7 +92,7 @@
 ===================================================================
 --- nss.orig/lib/freebl/dh.c
 +++ nss/lib/freebl/dh.c
-@@ -192,6 +192,10 @@ cleanup:
+@@ -194,6 +194,10 @@ cleanup:
          rv = SECFailure;
      }
      if (rv) {
