mozilla
/
gecko-dev
зеркало из https://github.com/mozilla/gecko-dev.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность

Bug 1720464 - land NSS e9236397be13 UPGRADE_NSS_RELEASE, r=beurdouche 

```
2021-07-24  Benjamin Beurdouche  <bbeurdouche@mozilla.com>

	* doc/rst/build_artifacts.rst, doc/rst/community.rst,
	doc/rst/getting_started.rst, doc/rst/index.rst, doc/rst/more.rst,
	doc/rst/releases/index.rst, doc/rst/releases/nss_3_64.rst,
	doc/rst/releases/nss_3_65.rst, doc/rst/releases/nss_3_66.rst,
	doc/rst/releases/nss_3_67.rst, doc/rst/releases/nss_3_68.rst:
	Documentation: update and release notes for NSS 3.64 to 3.68
	[e9236397be13] [tip]

2021-07-20  Robert Relyea  <rrelyea@redhat.com>

	* gtests/ssl_gtest/nss_policy.h,
	gtests/ssl_gtest/ssl_auth_unittest.cc,
	gtests/ssl_gtest/ssl_extension_unittest.cc,
	gtests/ssl_gtest/tls_agent.cc, gtests/ssl_gtest/tls_agent.h,
	gtests/ssl_gtest/tls_connect.cc, lib/ssl/ssl3con.c,
	lib/ssl/sslimpl.h:
	Bug 1720235 SSL handling of signature algorithms ignores
	environmental invalid algorithms.

	Our QA is quite extensive on handling of alert corner cases. Our
	code that checks if a signature algorithm is supported ignores the
	role of policy. If SHA1 is turned off by policy, for instance, we
	only detect that late in the game. This shows up in our test cases
	as decrypt_alerts rather than illegal_parameter or handshake_error
	alerts. It also shows up in us apparently accepting a client auth
	request which only has invalid alerts.

	We also don't handle filtering out signature algorithms that are
	illegal in tls 13 mode.

	This patch not only fixes these issues, but also issues where we
	proposing signature algorithms in server mode that we don't support
	by policy.

	This patch includes:

	In gtests: 1) adding support for policy in ssl_gtests. Currently
	both the server an client will run with the same policy. The patch
	allows us to set policy on one and keeping the old policy on the
	other.

	2) Update extension tests which failed in tls 1.3 because the patch
	now correctly rejects illegal tls 1.3 auth values. The test was
	updated to use a legal auth value in tls 1.3 (so we are correctly
	testing the format issue.

	3) Update extension tests to handle the case where we try to use an
	illegal value for tls 1.3.

	4) add tests to ssl_auth_unittests.cc to make sure we can properly
	connect even when several auth methods are turned off by policy
	(make sure we don't advertize them on the client side, and that the
	server doesn't select them when the client doesn't advertize them).

	5) add tests to ssl_auth_unittests.cc to make sure we don't send
	empty client auth requests when the requester only sends invalid
	auth requests.

	patch itself: 1) The handling of policy checks for ssl schemes were
	scattered in various locations. I've consolidated them into a single
	function. That function now checks for NSS_ALG_USE_IN_ANY_SIGNATURE
	as if this is off by policy, we will fail if we try to use the
	algorithm in a signature in any case. NSS now supports policy on all
	signature algorithms, not just DSA, so we need to check the policy
	of all the algorithms.

	2) to support the policy check on the signature algorithms, I added
	a new ssl_AuthTypeToOID, which also replaces our switch in checking
	if the SPKI matches our auth type.

	 3) ssl_SignatureSchemeValid now accepts an spkiOid of
	SEC_OID_UNKNOWN. To allow us to filter signature schemes based on
	version and policy restrictions before we try to select a
	certificate. This prevents us from sending empty client auth
	messages when we are presented with only invalid signature schemes.

	4) We filter supported algorithms against policy early, preventing
	us from sending, or even setting invalid algorithms if they are
	turned off by policy.

	5) ssl ConsumeSignatureScheme was handling alerts inconsistently.
	The Consume could send an allert in it's failure case, but the check
	of scheme validity wouldn't sent an alert. The collers were
	inconstent as well. Now ssl_ConsumeSignatureScheme always sends and
	alert on failure, and the callers do not.

	[c71bb1bedf7d]
```

Differential Revision: https://phabricator.services.mozilla.com/D120787
This commit is contained in:
Benjamin Beurdouche 2021-07-24 17:26:14 +00:00
Родитель 9f65d4a846
Коммит a1a5fc3aa9
21 изменённых файлов: 1223 добавлений и 244 удалений
Показать статистику Скачать Patch файл Скачать Diff файл Показать все файлы Свернуть все файлы

2
security/nss/TAG-INFO
Просмотреть файл

@ -1 +1 @@
8f41147c2192
e9236397be13

1
security/nss/coreconf/coreconf.dep
Просмотреть файл

@ -10,4 +10,3 @@
*/
#error "Do not include this header file."

177
security/nss/doc/rst/build_artifacts.rst Normal file
Просмотреть файл

@ -0,0 +1,177 @@
.. _mozilla_projects_nss_build_artifacts:
.. warning::
This NSS documentation was just imported from our legacy MDN repository. It currently is very deprecated and likely incorrect or broken in many places.
Build artifacts
===============
.. container::
**Network Security Services (NSS)** is a set of libraries designed to support cross-platform
development of communications applications that support TLS, S/MIME, and other Internet security
standards. For a general overview of NSS and the standards it supports, see
:ref:`mozilla_projects_nss_overview`.
.. _shared_libraries:
`Shared libraries <#shared_libraries>`__
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
.. container::
Network Security Services provides both static libraries and shared libraries. Applications that
use the shared libraries must use only the APIs that they export. Three shared libraries export
public functions:
- The SSL/TLS library supports core TLS operations.
- The S/MIME library supports core S/MIME operations.
- The freebl library supports core crypto operations.
.. note::
We guarantee that applications using the exported APIs will remain compatible with future
versions of those libraries until deprecated.
.. container::
..
For a complete list of public functions exported by these shared
libraries in NSS 3.2, see :ref:`mozilla_projects_nss_reference_nss_functions`.
..
For information on which static libraries in NSS 3.1.1 are replaced by each of the above shared
libraries in NSS 3.2 , see `Migration from NSS
3.1.1 <https://www-archive.mozilla.org/projects/security/pki/nss/release_notes_32.html#migration>`__.
..
Figure 1, below, shows a simplified view of the relationships among the three shared libraries
listed above and NSPR, which provides low-level cross platform support for operations such as
threading and I/O. (Note that NSPR is a separate Mozilla project; see `Netscape Portable
Runtime <https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSPR>`__ for details.)
.. image:: /en-US/docs/Mozilla/Projects/NSS/Introduction_to_Network_Security_Services/nss.gif
:alt: Diagram showing the relationships among core NSS libraries and NSPR.
:width: 429px
:height: 196px
.. _naming_conventions_and_special_libraries:
`Naming conventions <#naming_conventions_and_special_libraries>`__
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
.. container::
Windows and Unix use different naming conventions for static and dynamic libraries:
======= ======== ===============================
  Windows Unix
static ``.lib`` ``.a``
dynamic ``.dll`` ``.so`` or ``.dylib`` or ``.sl``
======= ======== ===============================
In addition, Windows has "import" libraries that bind to dynamic libraries. So the NSS library
has the following forms:
- ``libnss3.so`` - Linux shared library
- ``libnss3.dylib`` - MacOS shared library
- ``libnss3.sl`` - HP-UX shared library
- ``libnss.a`` - Unix static library
- ``nss3.dll`` - Windows shared library
- ``nss3.lib`` - Windows import library binding to ``nss3.dll``
- ``nss.lib`` - Windows static library
NSS, SSL, and S/MIME have all of the above forms.
The following static libraries aren't included in any shared libraries
- ``libcrmf.a``/``crmf.lib`` provides an API for CRMF operations.
- ``libjar.a``/``jar.lib`` provides an API for creating JAR files.
The following static libraries are included only in external loadable PKCS #11 modules:
- ``libnssckfw.a``/``nssckfw.lib`` provides an API for writing PKCS #11 modules.
- ``libswfci.a``/``swfci.lib`` provides support for software FORTEZZA.
The following shared libraries are standalone loadable modules, not meant to be linked with
directly:
- ``libfort.so``/``libfort.sl``/``fort32.dll`` provides support for hardware FORTEZZA.
- ``libswft.so``/``libswft.sl``/``swft32.dll`` provides support for software FORTEZZA.
- ``libnssckbi.so``/``libnssckbi.sl``/``nssckbi.dll`` defines the default set of trusted root
certificates.
..
.. _support_for_ilp32:
`Support for ILP32 <#support_for_ilp32>`__
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
.. container::
In NSS 3.2 and later versions, there are two new shared libraries for the platforms HP-UX for
PARisc CPUs and Solaris for (Ultra)Sparc (not x86) CPUs. These HP and Solaris platforms allow
programs that use the ILP32 program model to run on both 32-bit CPUs and 64-bit CPUs. The two
libraries exist to provide optimal performance on each of the two types of CPUs.
These two extra shared libraries are not supplied on any other platforms. The names of these
libraries are platform-dependent, as shown in the following table.
================================== ============================ ============================
Platform for 32-bit CPUs for 64-bit CPUs
Solaris/Sparc ``libfreebl_pure32_3.so`` ``libfreebl_hybrid_3.so``
HPUX/PARisc ``libfreebl_pure32_3.sl`` ``libfreebl_hybrid_3.sl``
AIX (planned for a future release) ``libfreebl_pure32_3_shr.a`` ``libfreebl_hybrid_3_shr.a``
================================== ============================ ============================
An application should not link against these libraries, because they are dynamically loaded by
NSS at run time. Linking the application against one or the other of these libraries may produce
an application program that can only run on one type of CPU (e.g. only on 64-bit CPUs, not on
32-bit CPUs) or that doesn't use the more efficient 64-bit code on 64-bit CPUs, which defeats the
purpose of having these shared libraries.
On platforms for which these shared libraries exist, NSS 3.2 will fail if these shared libs are
not present. So, an application must include these files in its distribution of NSS shared
libraries. These shared libraries should be installed in the same directory where the other NSS
shared libraries (such as ``libnss3.so``) are installed. Both shared libs should always be
installed whether the target system has a 32-bit CPU or a 64-bit CPU. NSS will pick the right one
for the local system at run time.
Note that NSS 3.x is also available in the LP64 model for these platforms, but the LP64 model of
NSS 3.x does not have these two extra shared libraries.
..
.. _what_you_should_already_know:
`What you should already know <#what_you_should_already_know>`__
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
.. container::
Before using NSS, you should be familiar with the following topics:
- Concepts and techniques of public-key cryptography
- The Secure Sockets Layer (SSL) protocol
- The PKCS #11 standard for cryptographic token interfaces
- Cross-platform development issues and techniques
.. _where_to_find_more_information:
`Where to find more information <#where_to_find_more_information>`__
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
.. container::
For information about PKI and SSL that you should understand before using NSS, see the following:
- `Introduction to Public-Key
Cryptography <https://developer.mozilla.org/en-US/docs/Archive/Security/Introduction_to_Public-Key_Cryptography>`__
- `Introduction to
SSL <https://developer.mozilla.org/en-US/docs/Archive/Security/Introduction_to_SSL>`__
For links to API documentation, build instructions, and other useful information, see the
:ref:`mozilla_projects_nss`.
As mentioned above, NSS is built on top of NSPR. The API documentation for NSPR is available at
`NSPR API
Reference <https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSPR/Reference>`__.

70
security/nss/doc/rst/community.rst Normal file
Просмотреть файл

@ -0,0 +1,70 @@
.. _Community:
Community
---------
Network Security Services (NSS) is maintained by a group of engineers and researchers,
mainly RedHat and Mozilla.
.. warning::
While the NSS team focuses mainly on supporting platforms and features needded by
Firefox and RHEL, we are happy to take contributions.
Contributors can reach out the the core team and follow NSS related news through the
following mailing list, Google group and Element/Matrix channel:
.. note::
Mailing list: `https://groups.google.com/a/mozilla.org/g/dev-tech-crypto <https://groups.google.com/a/mozilla.org/g/dev-tech-crypto>`__
Matrix/Element: `https://app.element.io/#/room/#nss:mozilla.org <https://app.element.io/#/room/#nss:mozilla.org>`__
..
- View Mozilla Security forums...
- `Mailing list <https://lists.mozilla.org/listinfo/dev-security>`__
- `Newsgroup <http://groups.google.com/group/mozilla.dev.security>`__
- `RSS feed <http://groups.google.com/group/mozilla.dev.security/feeds>`__
.. _how_to_contribute:
`How to Contribute <#how_to_contribute>`__
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
.. container::
Start by opening a **Bugzilla** account at `bugzilla.mozilla.org <https://bugzilla.mozilla.org/>`__ if you don't have one.
``NSS :: Libraries`` is the component for issues you'd like to work on.
We maintain a list of `NSS bugs marked with a keyword "good-first-bug" <https://bugzilla.mozilla.org/buglist.cgi?keywords=good-first-bug%2C%20&keywords_type=allwords&classification=Components&query_format=advanced&bug_status=UNCONFIRMED&bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&component=Libraries&product=NSS>`__.
.. _creating_your_patch:
`Creating your Patch <#creating_your_patch>`__
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
.. container::
See our section on :ref:`mozilla_projects_nss_nss_sources_building_testing` to get started
making your patch. When you're satisfied with it, you'll need code review.
.. _code_review:
`Code Review <#code_review>`__
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
.. container::
`http://phabricator.services.mozilla.com/ <https://phabricator.services.mozilla.com>`__ is our
code review tool, which uses your Bugzilla account.
Use our `Phabricator user instructions <https://moz-conduit.readthedocs.io/en/latest/phabricator-user.html>`__ to upload patches for review.
Some items that will be evaluated during code review are `listed in checklist form on
Github. <https://github.com/mozilla/nss-tools/blob/master/nss-code-review-checklist.yaml>`__
After passing review, your patch can be landed by a member of the NSS team. Note that we don't land code that isn't both reviewed and tested.
.. warning::
Please reach out to the team before engaging in a lot of work to make ensure we are willing to accept your contributions.

62
security/nss/doc/rst/getting_started.rst Normal file
Просмотреть файл

@ -0,0 +1,62 @@
.. _mozilla_projects_nss_getting_started:
.. warning::
This NSS documentation was just imported from our legacy MDN repository. It currently is very deprecated and likely incorrect or broken in many places.
Getting Started
===============
.. _how_to_get_involved_with_nss:
`How to get involved with NSS <#how_to_get_involved_with_nss>`__
----------------------------------------------------------------
.. container::
| Network Security Services (NSS) is a base library for cryptographic algorithms and secure
network protocols used by Mozilla software.
| Would you like to get involved and help us to improve the core security of Mozilla Firefox and
other applications that make use of NSS? We are looking forward to your contributions!
..
| We have a large list of tasks waiting for attention, and we are happy to assist you in
identifying areas that match your interest or skills. You can find us on `Mozilla
IRC <https://developer.mozilla.org/en-US/docs/Mozilla/QA/Getting_Started_with_IRC>`__ in
channel `#nss <irc://irc.mozilla.org/#nss>`__ or you could ask your questions on the
`mozilla.dev.tech.crypto <https://lists.mozilla.org/listinfo/dev-tech-crypto/>`__ newsgroup.
The NSS library and its supporting command line tools are written in the C programming language.
Its build system and the automated tests are based on makefiles and bash scripts.
Over time, many documents have been produced that describe various aspects of NSS. You can start
with:
..
- the current `primary NSS documentation page <https://developer.mozilla.org/en-US/docs/NSS>`__
from which we link to other documentation.
- a `General Overview <https://developer.mozilla.org/en-US/docs/Overview_of_NSS>`__ of the
applications that use NSS and the features it provides.
- a high level :ref:`mozilla_projects_nss_an_overview_of_nss_internals`.
- learn about getting the :ref:`mozilla_projects_nss_nss_sources_building_testing`
- `Old documentation <https://www-archive.mozilla.org/projects/security/pki/nss/>`__ that is on
the archived mozilla.org website.
..
.. _nss_sample_code:
`NSS Sample Code <#nss_sample_code>`__
--------------------------------------
.. container::
A good place to start learning how to write NSS applications are the command line tools that are
maintained by the NSS developers. You can find them in subdirectory mozilla/security/nss/cmd
Or have a look at some basic :ref:`mozilla_projects_nss_nss_sample_code`.
A new set of samples is currently under development and review, see `Create new NSS
samples <https://bugzilla.mozilla.org/show_bug.cgi?id=490238>`__.
You are welcome to download the samples via: hg clone https://hg.mozilla.org/projects/nss; cd
nss; hg update SAMPLES_BRANCH

175
security/nss/doc/rst/index.rst
Просмотреть файл

@ -1,182 +1,21 @@
.. _mozilla_projects_nss:
Network Security Services
=========================
Network Security Services (NSS)
===============================
.. toctree::
:maxdepth: 2
:glob:
:hidden:
getting_started_with_nss/index.rst
introduction_to_network_security_services/index.rst
getting_started.rst
build_artifacts.rst
releases/index.rst
community.rst
more.rst
More documentation <more_docs>
.. warning::
This NSS documentation was just imported from our legacy MDN repository. It currently is very deprecated and likely incorrect or broken in many places.
`Documentation <#documentation>`__
----------------------------------
.. container::
**Network Security Services** (**NSS**) is a set of libraries designed to support cross-platform
development of security-enabled client and server applications. Applications built with NSS can
support SSL v3, TLS, PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME, X.509 v3 certificates, and
other security standards.
For detailed information on standards supported, see :ref:`mozilla_projects_nss_overview`. For a
list of frequently asked questions, see the :ref:`mozilla_projects_nss_faq`.
NSS is available under the Mozilla Public License. For information on downloading NSS releases as
tar files, see :ref:`mozilla_projects_nss_nss_sources_building_testing`.
If you're a developer and would like to contribute to NSS, you might want to read the documents
:ref:`mozilla_projects_nss_an_overview_of_nss_internals` and
:ref:`mozilla_projects_nss_getting_started_with_nss`.
.. rubric:: Background Information
:name: Background_Information
:ref:`mozilla_projects_nss_overview`
Provides a brief summary of NSS and its capabilities.
:ref:`mozilla_projects_nss_faq`
Answers basic questions about NSS.
`Introduction to Public-Key Cryptography <https://developer.mozilla.org/en-US/docs/Archive/Security/Introduction_to_Public-Key_Cryptography>`__
Explains the basic concepts of public-key cryptography that underlie NSS.
`Introduction to SSL <https://developer.mozilla.org/en-US/docs/Archive/Security/Introduction_to_SSL>`__
Introduces the SSL protocol, including information about cryptographic ciphers supported by
SSL and the steps involved in the SSL handshake.
.. rubric:: Getting Started
:name: Getting_Started
:ref:`mozilla_projects_nss_nss_releases`
This page contains information about the current and past releases of NSS.
:ref:`mozilla_projects_nss_nss_sources_building_testing`
Instructions on how to build NSS on the different supported platforms.
`Get Mozilla Source Code Using Mercurial <https://developer.mozilla.org/en-US/docs/Mozilla/Developer_guide/Source_Code/Mercurial>`__
Information about with working with Mercurial.
`Get Mozilla Source Code Using CVS (deprecated) <https://developer.mozilla.org/en-US/docs/Mozilla/Developer_guide/Source_Code/CVS>`__
Old deprecated CVS documentation.
.. rubric:: NSS APIs
:name: NSS_APIs
:ref:`mozilla_projects_nss_introduction_to_network_security_services`
Provides an overview of the NSS libraries and what you need to know to use them.
:ref:`mozilla_projects_nss_ssl_functions`
Summarizes the SSL APIs exported by the NSS shared libraries.
:ref:`mozilla_projects_nss_reference`
API used to invoke SSL operations.
:ref:`mozilla_projects_nss_nss_api_guidelines`
Explains how the libraries and code are organized, and guidelines for developing code (naming
conventions, error handling, thread safety, etc.)
:ref:`mozilla_projects_nss_nss_tech_notes`
Links to NSS technical notes, which provide latest information about new NSS features and
supplementary documentation for advanced topics in programming with NSS.
.. rubric:: Tools, testing, and other technical details
:name: Tools_testing_and_other_technical_details
:ref:`mozilla_projects_nss_building`
Describe how to check out and build NSS releases.
:ref:`mozilla_projects_nss_nss_developer_tutorial`
How to make changes in NSS. Coding style, maintaining ABI compatibility.
:ref:`mozilla_projects_nss_tools`
Tools for developing, debugging, and managing applications that use NSS.
:ref:`mozilla_projects_nss_nss_sample_code`
Demonstrates how NSS can be used for cryptographic operations, certificate handling, SSL, etc.
:ref:`mozilla_projects_nss_nss_third-party_code`
A list of third-party code included in the NSS library.
`NSS 3.2 Test Suite <https://www-archive.mozilla.org/projects/security/pki/nss/testnss_32.html>`__
**Archived version.** Describes how to run the standard NSS tests.
`NSS Performance Reports <https://www-archive.mozilla.org/projects/security/pki/nss/performance_reports.html>`__
**Archived version.** Links to performance reports for NSS 3.2 and later releases.
`Encryption Technologies Available in NSS 3.11 <https://www-archive.mozilla.org/projects/security/pki/nss/nss-3.11/nss-3.11-algorithms.html>`__
**Archived version.** Lists the cryptographic algorithms used by NSS 3.11.
`NSS 3.1 Loadable Root Certificates <https://www-archive.mozilla.org/projects/security/pki/nss/loadable_certs.html>`__
**Archived version.** Describes the scheme for loading root CA certificates.
`cert7.db <https://www-archive.mozilla.org/projects/security/pki/nss/db_formats.html>`__
**Archived version.** General format of the cert7.db database.
.. rubric:: PKCS #11 information
:name: PKCS_11_information
- :ref:`mozilla_projects_nss_pkcs11`
- :ref:`mozilla_projects_nss_pkcs11_implement`
- :ref:`mozilla_projects_nss_pkcs11_module_specs`
- :ref:`mozilla_projects_nss_pkcs11_faq`
- `Using the JAR Installation Manager to Install a PKCS #11 Cryptographic
Module <https://developer.mozilla.org/en-US/docs/PKCS11_Jar_Install>`__
- `PKCS #11 Conformance Testing - Archived
version <https://www-archive.mozilla.org/projects/security/pki/pkcs11/>`__
.. rubric:: CA certificates pre-loaded into NSS
:name: CA_certificates_pre-loaded_into_NSS
- `Mozilla CA certificate policy <https://www.mozilla.org/projects/security/certs/policy/>`__
- `List of pre-loaded CA certificates <https://wiki.mozilla.org/CA/Included_Certificates>`__
- Consumers of this list must consider the trust bit setting for each included root
certificate. `More
Information <https://www.imperialviolet.org/2012/01/30/mozillaroots.html>`__, `Extracting
roots and their trust bits <https://github.com/agl/extract-nss-root-certs>`__
.. rubric:: NSS is built on top of Netscape Portable Runtime (NSPR)
:name: NSS_is_built_on_top_of_Netscape_Portable_Runtime_NSPR
`Netscape Portable Runtime <NSPR>`__
NSPR project page.
`NSPR Reference <https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSPR/Reference>`__
NSPR API documentation.
.. rubric:: Additional Information
:name: Additional_Information
- `Using the window.crypto object from
JavaScript <https://developer.mozilla.org/en-US/docs/JavaScript_crypto>`__
- :ref:`mozilla_projects_nss_http_delegation`
- :ref:`mozilla_projects_nss_tls_cipher_suite_discovery`
- :ref:`mozilla_projects_nss_certificate_download_specification`
- :ref:`mozilla_projects_nss_fips_mode_-_an_explanation`
- :ref:`mozilla_projects_nss_key_log_format`
.. rubric:: Planning
:name: Planning
Information on NSS planning can be found at `wiki.mozilla.org <https://wiki.mozilla.org/NSS>`__,
including:
- `FIPS Validation <https://wiki.mozilla.org/FIPS_Validation>`__
- `NSS Roadmap page <https://wiki.mozilla.org/NSS:Roadmap>`__
- `NSS Improvement
Project <https://fedoraproject.org/wiki/User:Mitr/NSS:DeveloperFriendliness>`__
.. _Community:
Community
~~~~~~~~~
- View Mozilla Security forums...
- `Mailing list <https://lists.mozilla.org/listinfo/dev-security>`__
- `Newsgroup <http://groups.google.com/group/mozilla.dev.security>`__
- `RSS feed <http://groups.google.com/group/mozilla.dev.security/feeds>`__
- View Mozilla Cryptography forums...
- `Mailing list <https://lists.mozilla.org/listinfo/dev-tech-crypto>`__
- `Newsgroup <http://groups.google.com/group/mozilla.dev.tech.crypto>`__
- `RSS feed <http://groups.google.com/group/mozilla.dev.tech.crypto/feeds>`__
.. _Related_Topics:
Related Topics
~~~~~~~~~~~~~~
- `Security <https://developer.mozilla.org/en-US/docs/Security>`__

153
security/nss/doc/rst/more.rst Normal file
Просмотреть файл

@ -0,0 +1,153 @@
.. _more_documentation:
.. warning::
This NSS documentation was just imported from our legacy MDN repository.
It currently is very deprecated and likely incorrect or broken in many places.
More Documentation
------------------
.. container::
**Network Security Services** (**NSS**) is a set of libraries designed to support cross-platform
development of security-enabled client and server applications. Applications built with NSS can
support SSL v3, TLS, PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME, X.509 v3 certificates, and
other security standards.
For detailed information on standards supported, see :ref:`mozilla_projects_nss_overview`. For a
list of frequently asked questions, see the :ref:`mozilla_projects_nss_faq`.
NSS is available under the Mozilla Public License. For information on downloading NSS releases as
tar files, see :ref:`mozilla_projects_nss_nss_sources_building_testing`.
If you're a developer and would like to contribute to NSS, you might want to read the documents
:ref:`mozilla_projects_nss_an_overview_of_nss_internals` and
:ref:`mozilla_projects_nss_getting_started_with_nss`.
.. rubric:: Background Information
:name: Background_Information
:ref:`mozilla_projects_nss_overview`
Provides a brief summary of NSS and its capabilities.
:ref:`mozilla_projects_nss_faq`
Answers basic questions about NSS.
`Introduction to Public-Key Cryptography <https://developer.mozilla.org/en-US/docs/Archive/Security/Introduction_to_Public-Key_Cryptography>`__
Explains the basic concepts of public-key cryptography that underlie NSS.
`Introduction to SSL <https://developer.mozilla.org/en-US/docs/Archive/Security/Introduction_to_SSL>`__
Introduces the SSL protocol, including information about cryptographic ciphers supported by
SSL and the steps involved in the SSL handshake.
.. rubric:: Getting Started
:name: Getting_Started
:ref:`mozilla_projects_nss_nss_releases`
This page contains information about the current and past releases of NSS.
:ref:`mozilla_projects_nss_nss_sources_building_testing`
Instructions on how to build NSS on the different supported platforms.
`Get Mozilla Source Code Using Mercurial <https://developer.mozilla.org/en-US/docs/Mozilla/Developer_guide/Source_Code/Mercurial>`__
Information about with working with Mercurial.
`Get Mozilla Source Code Using CVS (deprecated) <https://developer.mozilla.org/en-US/docs/Mozilla/Developer_guide/Source_Code/CVS>`__
Old deprecated CVS documentation.
.. rubric:: NSS APIs
:name: NSS_APIs
:ref:`mozilla_projects_nss_introduction_to_network_security_services`
Provides an overview of the NSS libraries and what you need to know to use them.
:ref:`mozilla_projects_nss_ssl_functions`
Summarizes the SSL APIs exported by the NSS shared libraries.
:ref:`mozilla_projects_nss_reference`
API used to invoke SSL operations.
:ref:`mozilla_projects_nss_nss_api_guidelines`
Explains how the libraries and code are organized, and guidelines for developing code (naming
conventions, error handling, thread safety, etc.)
:ref:`mozilla_projects_nss_nss_tech_notes`
Links to NSS technical notes, which provide latest information about new NSS features and
supplementary documentation for advanced topics in programming with NSS.
.. rubric:: Tools, testing, and other technical details
:name: Tools_testing_and_other_technical_details
:ref:`mozilla_projects_nss_building`
Describe how to check out and build NSS releases.
:ref:`mozilla_projects_nss_nss_developer_tutorial`
How to make changes in NSS. Coding style, maintaining ABI compatibility.
:ref:`mozilla_projects_nss_tools`
Tools for developing, debugging, and managing applications that use NSS.
:ref:`mozilla_projects_nss_nss_sample_code`
Demonstrates how NSS can be used for cryptographic operations, certificate handling, SSL, etc.
:ref:`mozilla_projects_nss_nss_third-party_code`
A list of third-party code included in the NSS library.
`NSS 3.2 Test Suite <https://www-archive.mozilla.org/projects/security/pki/nss/testnss_32.html>`__
**Archived version.** Describes how to run the standard NSS tests.
`NSS Performance Reports <https://www-archive.mozilla.org/projects/security/pki/nss/performance_reports.html>`__
**Archived version.** Links to performance reports for NSS 3.2 and later releases.
`Encryption Technologies Available in NSS 3.11 <https://www-archive.mozilla.org/projects/security/pki/nss/nss-3.11/nss-3.11-algorithms.html>`__
**Archived version.** Lists the cryptographic algorithms used by NSS 3.11.
`NSS 3.1 Loadable Root Certificates <https://www-archive.mozilla.org/projects/security/pki/nss/loadable_certs.html>`__
**Archived version.** Describes the scheme for loading root CA certificates.
`cert7.db <https://www-archive.mozilla.org/projects/security/pki/nss/db_formats.html>`__
**Archived version.** General format of the cert7.db database.
.. rubric:: PKCS #11 information
:name: PKCS_11_information
- :ref:`mozilla_projects_nss_pkcs11`
- :ref:`mozilla_projects_nss_pkcs11_implement`
- :ref:`mozilla_projects_nss_pkcs11_module_specs`
- :ref:`mozilla_projects_nss_pkcs11_faq`
- `Using the JAR Installation Manager to Install a PKCS #11 Cryptographic
Module <https://developer.mozilla.org/en-US/docs/PKCS11_Jar_Install>`__
- `PKCS #11 Conformance Testing - Archived
version <https://www-archive.mozilla.org/projects/security/pki/pkcs11/>`__
.. rubric:: CA certificates pre-loaded into NSS
:name: CA_certificates_pre-loaded_into_NSS
- `Mozilla CA certificate policy <https://www.mozilla.org/projects/security/certs/policy/>`__
- `List of pre-loaded CA certificates <https://wiki.mozilla.org/CA/Included_Certificates>`__
- Consumers of this list must consider the trust bit setting for each included root
certificate. `More
Information <https://www.imperialviolet.org/2012/01/30/mozillaroots.html>`__, `Extracting
roots and their trust bits <https://github.com/agl/extract-nss-root-certs>`__
.. rubric:: NSS is built on top of Netscape Portable Runtime (NSPR)
:name: NSS_is_built_on_top_of_Netscape_Portable_Runtime_NSPR
`Netscape Portable Runtime <NSPR>`__
NSPR project page.
`NSPR Reference <https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSPR/Reference>`__
NSPR API documentation.
.. rubric:: Additional Information
:name: Additional_Information
- `Using the window.crypto object from
JavaScript <https://developer.mozilla.org/en-US/docs/JavaScript_crypto>`__
- :ref:`mozilla_projects_nss_http_delegation`
- :ref:`mozilla_projects_nss_tls_cipher_suite_discovery`
- :ref:`mozilla_projects_nss_certificate_download_specification`
- :ref:`mozilla_projects_nss_fips_mode_-_an_explanation`
- :ref:`mozilla_projects_nss_key_log_format`
.. rubric:: Planning
:name: Planning
Information on NSS planning can be found at `wiki.mozilla.org <https://wiki.mozilla.org/NSS>`__,
including:
- `FIPS Validation <https://wiki.mozilla.org/FIPS_Validation>`__
- `NSS Roadmap page <https://wiki.mozilla.org/NSS:Roadmap>`__
- `NSS Improvement
Project <https://fedoraproject.org/wiki/User:Mitr/NSS:DeveloperFriendliness>`__
.. _Related_Topics:
Related Topics
~~~~~~~~~~~~~~
- `Security <https://developer.mozilla.org/en-US/docs/Security>`__

37
security/nss/doc/rst/releases/index.rst Normal file
Просмотреть файл

@ -0,0 +1,37 @@
.. _mozilla_projects_nss_releases:
Releases
========
.. toctree::
:maxdepth: 0
:glob:
:hidden:
nss_3_68.rst
nss_3_67.rst
nss_3_66.rst
nss_3_65.rst
nss_3_64.rst
.. note::
**NSS 3.68** is the latest version of NSS.
Complete release notes are available here: :ref:`mozilla_projects_nss_nss_3_68_release_notes`
.. container::
Changes included in this release:
- Bug 1709654 - Update for NetBSD configuration.
- Bug 1709750 - Disable HPKE test when fuzzing.
- Bug 1566124 - Optimize AES-GCM for ppc64le.
- Bug 1699021 - Add AES-256-GCM to HPKE.
- Bug 1698419 - ECH -10 updates.
- Bug 1692930 - Update HPKE to final version.
- Bug 1707130 - NSS should use modern algorithms in PKCS#12 files by default.
- Bug 1703936 - New coverity/cpp scanner errors.
- Bug 1697303 - NSS needs to update it's csp clearing to FIPS 180-3 standards.
- Bug 1702663 - Need to support RSA PSS with Hashing PKCS #11 Mechanisms.
- Bug 1705119 - Deadlock when using GCM and non-thread safe tokens.

69
security/nss/doc/rst/releases/nss_3_64.rst Normal file
Просмотреть файл

@ -0,0 +1,69 @@
.. _mozilla_projects_nss_nss_3_64_release_notes:
NSS 3.64 release notes
======================
`Introduction <#introduction>`__
--------------------------------
.. container::
Network Security Services (NSS) 3.64 was released on **15 April 2021**.
.. _distribution_information:
`Distribution Information <#distribution_information>`__
--------------------------------------------------------
.. container::
The HG tag is NSS_3_64_RTM. NSS 3.64 requires NSPR 4.30 or newer.
NSS 3.64 source distributions are available on ftp.mozilla.org for secure HTTPS download:
- Source tarballs:
https://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_3_64_RTM/src/
Other releases are available :ref:`mozilla_projects_nss_nss_releases`.
.. _bugs_fixed_in_nss_3.64:
`Bugs fixed in NSS 3.64 <#bugs_fixed_in_nss_3.64>`__
----------------------------------------------------
.. container::
- Bug 1705286 - Properly detect mips64.
- Bug 1687164 - Introduce NSS_DISABLE_CRYPTO_VSX and disable_crypto_vsx.
- Bug 1698320 - replace \__builtin_cpu_supports("vsx") with ppc_crypto_support() for clang.
- Bug 1613235 - Add POWER ChaCha20 stream cipher vector acceleration.
`Compatibility <#compatibility>`__
----------------------------------
.. container::
NSS 3.64 shared libraries are backwards-compatible with all older NSS 3.x shared libraries. A
program linked with older NSS 3.x shared libraries will work with NSS 3.64 shared libraries
without recompiling or relinking. Furthermore, applications that restrict their use of NSS APIs
to the functions listed in NSS Public Functions will remain compatible with future versions of
the NSS shared libraries.
`Feedback <#feedback>`__
------------------------
.. container::
Bugs discovered should be reported by filing a bug report on
`bugzilla.mozilla.org <https://bugzilla.mozilla.org/enter_bug.cgi?product=NSS>`__ (product NSS).
`Notes <#notes>`__
------------------
.. container::
This version of NSS contains a number of contributions for "unsupported platforms". We would like
to thank the authors and the reviewers for their contributions to NSS.
Discussions about moving the documentation are still ongoing. (See discussion in the 3.62 release
notes.)

77
security/nss/doc/rst/releases/nss_3_65.rst Normal file
Просмотреть файл

@ -0,0 +1,77 @@
.. _mozilla_projects_nss_nss_3_65_release_notes:
NSS 3.65 release notes
======================
`Introduction <#introduction>`__
--------------------------------
.. container::
Network Security Services (NSS) 3.65 was released on **13 May 2021**.
.. _distribution_information:
`Distribution Information <#distribution_information>`__
--------------------------------------------------------
.. container::
The HG tag is NSS_3_65_RTM. NSS 3.65 requires NSPR 4.30 or newer.
NSS 3.65 source distributions are available on ftp.mozilla.org for secure HTTPS download:
- Source tarballs:
https://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_3_65_RTM/src/
Other releases are available :ref:`mozilla_projects_nss_releases`.
.. _bugs_fixed_in_nss_3.65:
`Bugs fixed in NSS 3.65 <#bugs_fixed_in_nss_3.65>`__
----------------------------------------------------
.. container::
- Bug 1709654 - Update for NetBSD configuration.
- Bug 1709750 - Disable HPKE test when fuzzing.
- Bug 1566124 - Optimize AES-GCM for ppc64le.
- Bug 1699021 - Add AES-256-GCM to HPKE.
- Bug 1698419 - ECH -10 updates.
- Bug 1692930 - Update HPKE to final version.
- Bug 1707130 - NSS should use modern algorithms in PKCS#12 files by default.
- Bug 1703936 - New coverity/cpp scanner errors.
- Bug 1697303 - NSS needs to update it's csp clearing to FIPS 180-3 standards.
- Bug 1702663 - Need to support RSA PSS with Hashing PKCS #11 Mechanisms.
- Bug 1705119 - Deadlock when using GCM and non-thread safe tokens.
`Compatibility <#compatibility>`__
----------------------------------
.. container::
NSS 3.65 shared libraries are backwards-compatible with all older NSS 3.x shared libraries. A
program linked with older NSS 3.x shared libraries will work with NSS 3.65 shared libraries
without recompiling or relinking. Furthermore, applications that restrict their use of NSS APIs
to the functions listed in NSS Public Functions will remain compatible with future versions of
the NSS shared libraries.
`Feedback <#feedback>`__
------------------------
.. container::
Bugs discovered should be reported by filing a bug report on
`bugzilla.mozilla.org <https://bugzilla.mozilla.org/enter_bug.cgi?product=NSS>`__ (product NSS).
`Notes <#notes>`__
------------------
.. container::
Due to some changes in the Firefox release cycle, NSS 3.67 has yet to be added
to the NSS release schedule (3.66 is not affected). I will announce the date to
this list once defined.
Best,
Benjamin

79
security/nss/doc/rst/releases/nss_3_66.rst Normal file
Просмотреть файл

@ -0,0 +1,79 @@
.. _mozilla_projects_nss_nss_3_66_release_notes:
NSS 3.66 release notes
======================
`Introduction <#introduction>`__
--------------------------------
.. container::
Network Security Services (NSS) 3.66 was released on **27 May 2021**.
.. _distribution_information:
`Distribution Information <#distribution_information>`__
--------------------------------------------------------
.. container::
The HG tag is NSS_3_66_RTM. NSS 3.66 requires NSPR 4.30 or newer.
NSS 3.66 source distributions are available on ftp.mozilla.org for secure HTTPS download:
- Source tarballs:
https://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_3_66_RTM/src/
Other releases are available :ref:`mozilla_projects_nss_releases`.
.. _bugs_fixed_in_nss_3.66:
`Bugs fixed in NSS 3.66 <#bugs_fixed_in_nss_3.66>`__
----------------------------------------------------
.. container::
- Bug 1710716 - Remove Expired Sonera Class2 CA from NSS.
- Bug 1710716 - Remove Expired Root Certificates from NSS - QuoVadis Root Certification Authority.
- Bug 1708307 - Remove Trustis FPS Root CA from NSS.
- Bug 1707097 - Add Certum Trusted Root CA to NSS.
- Bug 1707097 - Add Certum EC-384 CA to NSS.
- Bug 1703942 - Add ANF Secure Server Root CA to NSS.
- Bug 1697071 - Add GLOBALTRUST 2020 root cert to NSS.
- Bug 1712184 - NSS tools manpages need to be updated to reflect that sqlite is the default database.
- Bug 1712230 - Don't build ppc-gcm.s with clang integrated assembler.
- Bug 1712211 - Strict prototype error when trying to compile nss code that includes blapi.h.
- Bug 1710773 - NSS needs FIPS 180-3 FIPS indicators.
- Bug 1709291 - Add VerifyCodeSigningCertificateChain.
- Use GNU tar for the release helper script.
`Compatibility <#compatibility>`__
----------------------------------
.. container::
NSS 3.66 shared libraries are backwards-compatible with all older NSS 3.x shared libraries. A
program linked with older NSS 3.x shared libraries will work with NSS 3.66 shared libraries
without recompiling or relinking. Furthermore, applications that restrict their use of NSS APIs
to the functions listed in NSS Public Functions will remain compatible with future versions of
the NSS shared libraries.
`Feedback <#feedback>`__
------------------------
.. container::
Bugs discovered should be reported by filing a bug report on
`bugzilla.mozilla.org <https://bugzilla.mozilla.org/enter_bug.cgi?product=NSS>`__ (product NSS).
`Notes <#notes>`__
------------------
.. container::
To realign the NSS and Firefox release schedules, the next cycle for
NSS 3.67 will be very short and the release happen on June 10th.
https://wiki.mozilla.org/NSS:Release_Versions
Bug 1712230 introduced a correctness issue for GCM on ppcle64, the fix will
be part of NSS 3.67.

70
security/nss/doc/rst/releases/nss_3_67.rst Normal file
Просмотреть файл

@ -0,0 +1,70 @@
.. _mozilla_projects_nss_nss_3_67_release_notes:
NSS 3.67 release notes
======================
`Introduction <#introduction>`__
--------------------------------
.. container::
Network Security Services (NSS) 3.67 was released on **10 June 2021**.
.. _distribution_information:
`Distribution Information <#distribution_information>`__
--------------------------------------------------------
.. container::
The HG tag is NSS_3_67_RTM. NSS 3.67 requires NSPR 4.30 or newer.
NSS 3.67 source distributions are available on ftp.mozilla.org for secure HTTPS download:
- Source tarballs:
https://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_3_67_RTM/src/
Other releases are available :ref:`mozilla_projects_nss_releases`.
.. _bugs_fixed_in_nss_3.67:
`Bugs fixed in NSS 3.67 <#bugs_fixed_in_nss_3.67>`__
----------------------------------------------------
.. container::
- Bug 1683710 - Add a means to disable ALPN.
- Bug 1715720 - Fix nssckbi version number in NSS 3.67 (was supposed to be incremented in 3.66).
- Bug 1714719 - Set NSS_USE_64 on riscv64 target when using GYP/Ninja.
- Bug 1566124 - Fix counter increase in ppc-gcm-wrap.c
- Bug 1566124 - Fix AES_GCM mode on ppc64le for messages of length more than 255-byte.
`Compatibility <#compatibility>`__
----------------------------------
.. container::
NSS 3.67 shared libraries are backwards-compatible with all older NSS 3.x shared libraries. A
program linked with older NSS 3.x shared libraries will work with NSS 3.67 shared libraries
without recompiling or relinking. Furthermore, applications that restrict their use of NSS APIs
to the functions listed in NSS Public Functions will remain compatible with future versions of
the NSS shared libraries.
`Feedback <#feedback>`__
------------------------
.. container::
Bugs discovered should be reported by filing a bug report on
`bugzilla.mozilla.org <https://bugzilla.mozilla.org/enter_bug.cgi?product=NSS>`__ (product NSS).
`Notes <#notes>`__
------------------
.. container::
This version of NSS contains a number of contributions for "unsupported platforms". We would like
to thank the authors and the reviewers for their contributions to NSS.
Discussions about moving the documentation are still ongoing. (See discussion in the 3.62 release
notes.)

61
security/nss/doc/rst/releases/nss_3_68.rst Normal file
Просмотреть файл

@ -0,0 +1,61 @@
.. _mozilla_projects_nss_nss_3_68_release_notes:
NSS 3.68 release notes
======================
`Introduction <#introduction>`__
--------------------------------
.. container::
Network Security Services (NSS) 3.68 was released on **8 July 2021**.
.. _distribution_information:
`Distribution Information <#distribution_information>`__
--------------------------------------------------------
.. container::
The HG tag is NSS_3_68_RTM. NSS 3.68 requires NSPR 4.32 or newer.
NSS 3.68 source distributions are available on ftp.mozilla.org for secure HTTPS download:
- Source tarballs:
https://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_3_68_RTM/src/
Other releases are available :ref:`mozilla_projects_nss_releases`.
.. _bugs_fixed_in_nss_3.68:
`Bugs fixed in NSS 3.68 <#bugs_fixed_in_nss_3.68>`__
----------------------------------------------------
.. container::
- Bug 1713562 - Fix test leak.
- Bug 1717452 - NSS 3.68 should depend on NSPR 4.32.
- Bug 1693206 - Implement PKCS8 export of ECDSA keys.
- Bug 1712883 - DTLS 1.3 draft-43.
- Bug 1655493 - Support SHA2 HW acceleration using Intel SHA Extension.
- Bug 1713562 - Validate ECH public names.
- Bug 1717610 - Add function to get seconds from epoch from pkix::Time.
`Compatibility <#compatibility>`__
----------------------------------
.. container::
NSS 3.68 shared libraries are backwards-compatible with all older NSS 3.x shared libraries. A
program linked with older NSS 3.x shared libraries will work with NSS 3.68 shared libraries
without recompiling or relinking. Furthermore, applications that restrict their use of NSS APIs
to the functions listed in NSS Public Functions will remain compatible with future versions of
the NSS shared libraries.
`Feedback <#feedback>`__
------------------------
.. container::
Bugs discovered should be reported by filing a bug report on
`bugzilla.mozilla.org <https://bugzilla.mozilla.org/enter_bug.cgi?product=NSS>`__ (product NSS).

78
security/nss/gtests/ssl_gtest/nss_policy.h Normal file
Просмотреть файл

@ -0,0 +1,78 @@
/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
/* vim: set ts=2 et sw=2 tw=80: */
/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this file,
* You can obtain one at http://mozilla.org/MPL/2.0/. */
#ifndef nss_policy_h_
#define nss_policy_h_
#include "prtypes.h"
#include "secoid.h"
namespace nss_test {
// container class to hold all a temp policy
class NssPolicy {
public:
NssPolicy() : oid_(SEC_OID_UNKNOWN), set_(0), clear_(0) {}
NssPolicy(SECOidTag _oid, PRUint32 _set, PRUint32 _clear)
: oid_(_oid), set_(_set), clear_(_clear) {}
NssPolicy(const NssPolicy &p)
: oid_(p.oid_), set_(p.set_), clear_(p.clear_) {}
// clone the current policy for this oid
NssPolicy(SECOidTag _oid) : oid_(_oid), set_(0), clear_(0) {
NSS_GetAlgorithmPolicy(_oid, &set_);
clear_ = ~set_;
}
SECOidTag oid(void) const { return oid_; }
PRUint32 set(void) const { return set_; }
PRUint32 clear(void) const { return clear_; }
operator bool() const { return oid_ != SEC_OID_UNKNOWN; }
private:
SECOidTag oid_;
PRUint32 set_;
PRUint32 clear_;
};
// set the policy indicated in NssPolicy and restor the old policy
// when we go out of scope
class NssManagePolicy {
public:
NssManagePolicy(const NssPolicy &p) : policy_(p), current_(~(PRUint32)0) {
if (p) {
(void)NSS_GetAlgorithmPolicy(p.oid(), &current_);
(void)NSS_SetAlgorithmPolicy(p.oid(), p.set(), p.clear());
}
}
~NssManagePolicy() {
if (policy_) {
(void)NSS_SetAlgorithmPolicy(policy_.oid(), current_, ~current_);
}
}
private:
NssPolicy policy_;
PRUint32 current_;
};
// wrapping PRFileDesc this way ensures that tests that attempt to access
// PRFileDesc always correctly apply
// the policy that was bound to that socket with TlsAgent::SetPolicy().
class NssManagedFileDesc {
public:
NssManagedFileDesc(PRFileDesc *fd, const NssPolicy &policy)
: fd_(fd), managed_policy_(policy) {}
PRFileDesc *get(void) const { return fd_; }
operator PRFileDesc *() const { return fd_; }
bool operator==(PRFileDesc *fd) const { return fd_ == fd; }
private:
PRFileDesc *fd_;
NssManagePolicy managed_policy_;
};
} // namespace nss_test
#endif

159
security/nss/gtests/ssl_gtest/ssl_auth_unittest.cc
Просмотреть файл

@ -1798,6 +1798,165 @@ TEST_P(TlsSignatureSchemeConfiguration, SignatureSchemeConfigBoth) {
CheckKeys(ssl_kea_ecdh, ssl_grp_ec_curve25519, auth_type_, signature_scheme_);
}
class Tls12CertificateRequestReplacer : public TlsHandshakeFilter {
public:
Tls12CertificateRequestReplacer(const std::shared_ptr<TlsAgent>& a,
SSLSignatureScheme scheme)
: TlsHandshakeFilter(a, {kTlsHandshakeCertificateRequest}),
scheme_(scheme) {}
virtual PacketFilter::Action FilterHandshake(const HandshakeHeader& header,
const DataBuffer& input,
DataBuffer* output) {
uint32_t offset = 0;
if (header.handshake_type() != ssl_hs_certificate_request) {
return KEEP;
}
*output = input;
uint32_t types_len = 0;
if (!output->Read(offset, 1, &types_len)) {
ADD_FAILURE();
return KEEP;
}
offset += 1 + types_len;
uint32_t scheme_len = 0;
if (!output->Read(offset, 2, &scheme_len)) {
ADD_FAILURE();
return KEEP;
}
DataBuffer schemes;
schemes.Write(0, 2, 2);
schemes.Write(2, scheme_, 2);
output->Write(offset, 2, schemes.len());
output->Splice(schemes, offset + 2, scheme_len);
return CHANGE;
}
private:
SSLSignatureScheme scheme_;
};
//
// Test how policy interacts with client auth connections
//
// TLS/DTLS version algorithm policy
typedef std::tuple<SSLProtocolVariant, uint16_t, SECOidTag, PRUint32>
PolicySignatureSchemeProfile;
// Only TLS 1.2 handles client auth schemes inside
// the certificate request packet, so our failure tests for
// those kinds of connections only occur here.
class TlsConnectAuthWithPolicyTls12
: public TlsConnectTestBase,
public ::testing::WithParamInterface<PolicySignatureSchemeProfile> {
public:
TlsConnectAuthWithPolicyTls12()
: TlsConnectTestBase(std::get<0>(GetParam()), std::get<1>(GetParam())) {
alg_ = std::get<2>(GetParam());
policy_ = std::get<3>(GetParam());
// use the algorithm to select which single scheme to deploy
// We use these schemes to force servers sending schemes the client
// didn't advertise to make sure the client will still filter these
// by policy and detect that no valid schemes were presented, rather
// than sending an empty client auth message.
switch (alg_) {
case SEC_OID_SHA256:
case SEC_OID_PKCS1_RSA_PSS_SIGNATURE:
scheme_ = ssl_sig_rsa_pss_pss_sha256;
break;
case SEC_OID_PKCS1_RSA_ENCRYPTION:
scheme_ = ssl_sig_rsa_pkcs1_sha256;
break;
case SEC_OID_ANSIX962_EC_PUBLIC_KEY:
scheme_ = ssl_sig_ecdsa_secp256r1_sha256;
break;
default:
ADD_FAILURE() << "need to update algorithm table in "
"TlsConnectAuthWithPolicyTls12";
scheme_ = ssl_sig_none;
break;
}
}
protected:
SECOidTag alg_;
PRUint32 policy_;
SSLSignatureScheme scheme_;
};
// Only TLS 1.2 and greater looks at schemes extensions on client auth
class TlsConnectAuthWithPolicyTls12Plus
: public TlsConnectTestBase,
public ::testing::WithParamInterface<PolicySignatureSchemeProfile> {
public:
TlsConnectAuthWithPolicyTls12Plus()
: TlsConnectTestBase(std::get<0>(GetParam()), std::get<1>(GetParam())) {
alg_ = std::get<2>(GetParam());
policy_ = std::get<3>(GetParam());
}
protected:
SECOidTag alg_;
PRUint32 policy_;
};
// make sure we can turn single algorithms off by policy an still connect
// this is basically testing that we are properly filtering our schemes
// by policy before communicating them to the server, and that the
// server is respecting our choices
TEST_P(TlsConnectAuthWithPolicyTls12Plus, PolicySuccessTest) {
// in TLS 1.3, RSA PKCS1 is restricted. If we are also
// restricting RSA PSS by policy, we can't use the default
// RSA certificate as the server cert, switch to ECDSA
if ((version_ >= SSL_LIBRARY_VERSION_TLS_1_3) &&
(alg_ == SEC_OID_PKCS1_RSA_PSS_SIGNATURE)) {
Reset(TlsAgent::kServerEcdsa256);
}
client_->SetPolicy(alg_, 0, policy_); // Disable policy for client
client_->SetupClientAuth();
server_->RequestClientAuth(false);
Connect();
}
// make sure we fail if the server ignores our policy preference and
// requests client auth with a scheme we don't support
TEST_P(TlsConnectAuthWithPolicyTls12, PolicyFailureTest) {
client_->SetPolicy(alg_, 0, policy_);
client_->SetupClientAuth();
server_->RequestClientAuth(false);
MakeTlsFilter<Tls12CertificateRequestReplacer>(server_, scheme_);
ConnectExpectAlert(client_, kTlsAlertHandshakeFailure);
client_->CheckErrorCode(SSL_ERROR_UNSUPPORTED_SIGNATURE_ALGORITHM);
server_->CheckErrorCode(SSL_ERROR_HANDSHAKE_FAILURE_ALERT);
}
INSTANTIATE_TEST_SUITE_P(
SignaturesWithPolicyFail, TlsConnectAuthWithPolicyTls12,
::testing::Combine(TlsConnectTestBase::kTlsVariantsAll,
TlsConnectTestBase::kTlsV12,
::testing::Values(SEC_OID_SHA256,
SEC_OID_PKCS1_RSA_PSS_SIGNATURE,
SEC_OID_PKCS1_RSA_ENCRYPTION,
SEC_OID_ANSIX962_EC_PUBLIC_KEY),
::testing::Values(NSS_USE_ALG_IN_SSL_KX,
NSS_USE_ALG_IN_ANY_SIGNATURE)));
INSTANTIATE_TEST_SUITE_P(
SignaturesWithPolicySuccess, TlsConnectAuthWithPolicyTls12Plus,
::testing::Combine(TlsConnectTestBase::kTlsVariantsAll,
TlsConnectTestBase::kTlsV12Plus,
::testing::Values(SEC_OID_SHA256,
SEC_OID_PKCS1_RSA_PSS_SIGNATURE,
SEC_OID_PKCS1_RSA_ENCRYPTION,
SEC_OID_ANSIX962_EC_PUBLIC_KEY),
::testing::Values(NSS_USE_ALG_IN_SSL_KX,
NSS_USE_ALG_IN_ANY_SIGNATURE)));
INSTANTIATE_TEST_SUITE_P(
SignatureSchemeRsa, TlsSignatureSchemeConfiguration,
::testing::Combine(

14
security/nss/gtests/ssl_gtest/ssl_extension_unittest.cc
Просмотреть файл

@ -430,7 +430,10 @@ TEST_P(TlsExtensionTest12Plus, SignatureAlgorithmsBadLength) {
}
TEST_P(TlsExtensionTest12Plus, SignatureAlgorithmsTrailingData) {
const uint8_t val[] = {0x00, 0x02, 0x04, 0x01, 0x00}; // sha-256, rsa
// make sure the test uses an algorithm that is legal for
// tls 1.3 (or tls 1.3 will throw a handshake failure alert
// instead of a decode error alert)
const uint8_t val[] = {0x00, 0x02, 0x08, 0x09, 0x00}; // sha-256, rsa-pss-pss
DataBuffer extension(val, sizeof(val));
ClientHelloErrorTest(std::make_shared<TlsExtensionReplacer>(
client_, ssl_signature_algorithms_xtn, extension));
@ -1131,6 +1134,15 @@ TEST_P(TlsExtensionTest13, OddVersionList) {
ConnectWithBogusVersionList(kExt, sizeof(kExt));
}
TEST_P(TlsExtensionTest13, SignatureAlgorithmsInvalidTls13) {
// testing the case where we ask for a invalid parameter for tls13
const uint8_t val[] = {0x00, 0x02, 0x04, 0x01}; // sha-256, rsa-pkcs1
DataBuffer extension(val, sizeof(val));
ClientHelloErrorTest(std::make_shared<TlsExtensionReplacer>(
client_, ssl_signature_algorithms_xtn, extension),
kTlsAlertHandshakeFailure);
}
// Use the stream version number for TLS 1.3 (0x0304) in DTLS.
TEST_F(TlsConnectDatagram13, TlsVersionInDtls) {
static const uint8_t kExt[] = {0x02, 0x03, 0x04};

10
security/nss/gtests/ssl_gtest/tls_agent.cc
Просмотреть файл

@ -93,7 +93,8 @@ TlsAgent::TlsAgent(const std::string& nm, Role rl, SSLProtocolVariant var)
auth_certificate_callback_(),
sni_callback_(),
skip_version_checks_(false),
resumption_token_() {
resumption_token_(),
policy_() {
memset(&info_, 0, sizeof(info_));
memset(&csinfo_, 0, sizeof(csinfo_));
SECStatus rv = SSL_VersionRangeGetDefault(variant_, &vrange_);
@ -227,6 +228,7 @@ bool TlsAgent::ConfigServerCert(const std::string& id, bool updateKeyBits,
bool TlsAgent::EnsureTlsSetup(PRFileDesc* modelSocket) {
// Don't set up twice
if (ssl_fd_) return true;
NssManagePolicy policyManage(policy_);
ScopedPRFileDesc dummy_fd(adapter_->CreateFD());
EXPECT_NE(nullptr, dummy_fd);
@ -319,7 +321,7 @@ bool TlsAgent::MaybeSetResumptionToken() {
}
void TlsAgent::SetAntiReplayContext(ScopedSSLAntiReplayContext& ctx) {
EXPECT_EQ(SECSuccess, SSL_SetAntiReplayContext(ssl_fd_.get(), ctx.get()));
EXPECT_EQ(SECSuccess, SSL_SetAntiReplayContext(ssl_fd(), ctx.get()));
}
void TlsAgent::SetupClientAuth() {
@ -869,8 +871,8 @@ void TlsAgent::ResetPreliminaryInfo() {
}
void TlsAgent::UpdatePreliminaryChannelInfo() {
SECStatus rv = SSL_GetPreliminaryChannelInfo(ssl_fd_.get(), &pre_info_,
sizeof(pre_info_));
SECStatus rv =
SSL_GetPreliminaryChannelInfo(ssl_fd(), &pre_info_, sizeof(pre_info_));
EXPECT_EQ(SECSuccess, rv);
EXPECT_EQ(sizeof(pre_info_), pre_info_.length);
}

10
security/nss/gtests/ssl_gtest/tls_agent.h
Просмотреть файл

@ -14,6 +14,7 @@
#include <functional>
#include <iostream>
#include "nss_policy.h"
#include "test_io.h"
#define GTEST_HAS_RTTI 0
@ -231,7 +232,9 @@ class TlsAgent : public PollTarget {
static const char* state_str(State state) { return states[state]; }
PRFileDesc* ssl_fd() const { return ssl_fd_.get(); }
NssManagedFileDesc ssl_fd() const {
return NssManagedFileDesc(ssl_fd_.get(), policy_);
}
std::shared_ptr<DummyPrSocket>& adapter() { return adapter_; }
const SSLChannelInfo& info() const {
@ -307,6 +310,10 @@ class TlsAgent : public PollTarget {
void ExpectSendAlert(uint8_t alert, uint8_t level = 0);
std::string alpn_value_to_use_ = "";
// set the given policy before this agent runs
void SetPolicy(SECOidTag oid, PRUint32 set, PRUint32 clear) {
policy_ = NssPolicy(oid, set, clear);
}
private:
const static char* states[];
@ -453,6 +460,7 @@ class TlsAgent : public PollTarget {
SniCallbackFunction sni_callback_;
bool skip_version_checks_;
std::vector<uint8_t> resumption_token_;
NssPolicy policy_;
};
inline std::ostream& operator<<(std::ostream& stream,

8
security/nss/gtests/ssl_gtest/tls_connect.cc
Просмотреть файл

@ -379,10 +379,10 @@ void TlsConnectTestBase::ExpectResumption(SessionResumptionMode expected,
}
void TlsConnectTestBase::EnsureTlsSetup() {
EXPECT_TRUE(server_->EnsureTlsSetup(server_model_ ? server_model_->ssl_fd()
: nullptr));
EXPECT_TRUE(client_->EnsureTlsSetup(client_model_ ? client_model_->ssl_fd()
: nullptr));
EXPECT_TRUE(server_->EnsureTlsSetup(
server_model_ ? server_model_->ssl_fd().get() : nullptr));
EXPECT_TRUE(client_->EnsureTlsSetup(
client_model_ ? client_model_->ssl_fd().get() : nullptr));
server_->SetAntiReplayContext(anti_replay_);
EXPECT_EQ(SECSuccess, SSL_SetTimeFunc(client_->ssl_fd(),
TlsConnectTestBase::TimeFunc, &now_));

154
security/nss/lib/ssl/ssl3con.c
Просмотреть файл

@ -73,6 +73,8 @@ PRBool ssl_IsDsaSignatureScheme(SSLSignatureScheme scheme);
static SECStatus ssl3_UpdateDefaultHandshakeHashes(sslSocket *ss,
const unsigned char *b,
unsigned int l);
const PRUint32 kSSLSigSchemePolicy =
NSS_USE_ALG_IN_SSL_KX | NSS_USE_ALG_IN_ANY_SIGNATURE;
const PRUint8 ssl_hello_retry_random[] = {
0xCF, 0x21, 0xAD, 0x74, 0xE5, 0x9A, 0x61, 0x11,
@ -784,6 +786,41 @@ ssl_HasCert(const sslSocket *ss, PRUint16 maxVersion, SSLAuthType authType)
return PR_FALSE;
}
/* return true if the scheme is allowed by policy, This prevents
* failures later when our actual signatures are rejected by
* policy by either ssl code, or lower level NSS code */
static PRBool
ssl_SchemePolicyOK(SSLSignatureScheme scheme, PRUint32 require)
{
/* Hash policy. */
PRUint32 policy;
SECOidTag hashOID = ssl3_HashTypeToOID(ssl_SignatureSchemeToHashType(scheme));
SECOidTag sigOID;
/* policy bits needed to enable a SignatureScheme */
SECStatus rv = NSS_GetAlgorithmPolicy(hashOID, &policy);
if (rv == SECSuccess &&
(policy & require) != require) {
return PR_FALSE;
}
/* ssl_SignatureSchemeToAuthType reports rsa for rsa_pss_rsae, but we
* actually implement pss signatures when we sign, so just use RSA_PSS
* for all RSA PSS Siganture schemes */
if (ssl_IsRsaPssSignatureScheme(scheme)) {
sigOID = SEC_OID_PKCS1_RSA_PSS_SIGNATURE;
} else {
sigOID = ssl3_AuthTypeToOID(ssl_SignatureSchemeToAuthType(scheme));
}
/* Signature Policy. */
rv = NSS_GetAlgorithmPolicy(sigOID, &policy);
if (rv == SECSuccess &&
(policy & require) != require) {
return PR_FALSE;
}
return PR_TRUE;
}
/* Check that a signature scheme is accepted.
* Both by policy and by having a token that supports it. */
static PRBool
@ -809,23 +846,9 @@ ssl_SignatureSchemeAccepted(PRUint16 minVersion,
if (minVersion >= SSL_LIBRARY_VERSION_TLS_1_3) {
return PR_FALSE;
}
PRUint32 dsaPolicy;
SECStatus rv = NSS_GetAlgorithmPolicy(SEC_OID_ANSIX9_DSA_SIGNATURE,
&dsaPolicy);
if (rv == SECSuccess && (dsaPolicy & NSS_USE_ALG_IN_SSL_KX) == 0) {
return PR_FALSE;
}
}
/* Hash policy. */
PRUint32 hashPolicy;
SSLHashType hashType = ssl_SignatureSchemeToHashType(scheme);
SECOidTag hashOID = ssl3_HashTypeToOID(hashType);
SECStatus rv = NSS_GetAlgorithmPolicy(hashOID, &hashPolicy);
if (rv == SECSuccess && (hashPolicy & NSS_USE_ALG_IN_SSL_KX) == 0) {
return PR_FALSE;
}
return PR_TRUE;
return ssl_SchemePolicyOK(scheme, kSSLSigSchemePolicy);
}
static SECStatus
@ -4237,6 +4260,26 @@ ssl3_HashTypeToOID(SSLHashType hashType)
return SEC_OID_UNKNOWN;
}
SECOidTag
ssl3_AuthTypeToOID(SSLAuthType authType)
{
switch (authType) {
case ssl_auth_rsa_sign:
return SEC_OID_PKCS1_RSA_ENCRYPTION;
case ssl_auth_rsa_pss:
return SEC_OID_PKCS1_RSA_PSS_SIGNATURE;
case ssl_auth_ecdsa:
return SEC_OID_ANSIX962_EC_PUBLIC_KEY;
case ssl_auth_dsa:
return SEC_OID_ANSIX9_DSA_SIGNATURE;
default:
break;
}
/* shouldn't ever get there */
PORT_Assert(0);
return SEC_OID_UNKNOWN;
}
SSLHashType
ssl_SignatureSchemeToHashType(SSLSignatureScheme scheme)
{
@ -4277,37 +4320,15 @@ ssl_SignatureSchemeToHashType(SSLSignatureScheme scheme)
static PRBool
ssl_SignatureSchemeMatchesSpkiOid(SSLSignatureScheme scheme, SECOidTag spkiOid)
{
switch (scheme) {
case ssl_sig_rsa_pkcs1_sha256:
case ssl_sig_rsa_pkcs1_sha384:
case ssl_sig_rsa_pkcs1_sha512:
case ssl_sig_rsa_pkcs1_sha1:
case ssl_sig_rsa_pss_rsae_sha256:
case ssl_sig_rsa_pss_rsae_sha384:
case ssl_sig_rsa_pss_rsae_sha512:
case ssl_sig_rsa_pkcs1_sha1md5:
return (spkiOid == SEC_OID_X500_RSA_ENCRYPTION) ||
(spkiOid == SEC_OID_PKCS1_RSA_ENCRYPTION);
case ssl_sig_rsa_pss_pss_sha256:
case ssl_sig_rsa_pss_pss_sha384:
case ssl_sig_rsa_pss_pss_sha512:
return spkiOid == SEC_OID_PKCS1_RSA_PSS_SIGNATURE;
case ssl_sig_ecdsa_secp256r1_sha256:
case ssl_sig_ecdsa_secp384r1_sha384:
case ssl_sig_ecdsa_secp521r1_sha512:
case ssl_sig_ecdsa_sha1:
return spkiOid == SEC_OID_ANSIX962_EC_PUBLIC_KEY;
case ssl_sig_dsa_sha256:
case ssl_sig_dsa_sha384:
case ssl_sig_dsa_sha512:
case ssl_sig_dsa_sha1:
return spkiOid == SEC_OID_ANSIX9_DSA_SIGNATURE;
case ssl_sig_none:
case ssl_sig_ed25519:
case ssl_sig_ed448:
break;
SECOidTag authOid = ssl3_AuthTypeToOID(ssl_SignatureSchemeToAuthType(scheme));
if (spkiOid == authOid) {
return PR_TRUE;
}
if ((authOid == SEC_OID_PKCS1_RSA_ENCRYPTION) &&
(spkiOid == SEC_OID_X500_RSA_ENCRYPTION)) {
return PR_TRUE;
}
PORT_Assert(0);
return PR_FALSE;
}
@ -4319,7 +4340,11 @@ ssl_SignatureSchemeValid(SSLSignatureScheme scheme, SECOidTag spkiOid,
if (!ssl_IsSupportedSignatureScheme(scheme)) {
return PR_FALSE;
}
if (!ssl_SignatureSchemeMatchesSpkiOid(scheme, spkiOid)) {
/* if we are purposefully passed SEC_OID_UNKNOWN, it means
* we not checking the scheme against a potential key, so skip
* the call */
if ((spkiOid != SEC_OID_UNKNOWN) &&
!ssl_SignatureSchemeMatchesSpkiOid(scheme, spkiOid)) {
return PR_FALSE;
}
if (isTls13) {
@ -4517,7 +4542,8 @@ ssl_CheckSignatureSchemeConsistency(sslSocket *ss, SSLSignatureScheme scheme,
}
/* Verify that the signature scheme matches the signing key. */
if (!ssl_SignatureSchemeValid(scheme, spkiOid, isTLS13)) {
if ((spkiOid == SEC_OID_UNKNOWN) ||
!ssl_SignatureSchemeValid(scheme, spkiOid, isTLS13)) {
PORT_SetError(SSL_ERROR_INCORRECT_SIGNATURE_ALGORITHM);
return SECFailure;
}
@ -4552,7 +4578,8 @@ ssl_IsSupportedSignatureScheme(SSLSignatureScheme scheme)
case ssl_sig_dsa_sha384:
case ssl_sig_dsa_sha512:
case ssl_sig_ecdsa_sha1:
return PR_TRUE;
return ssl_SchemePolicyOK(scheme, kSSLSigSchemePolicy);
break;
case ssl_sig_rsa_pkcs1_sha1md5:
case ssl_sig_none:
@ -4677,9 +4704,10 @@ ssl_ConsumeSignatureScheme(sslSocket *ss, PRUint8 **b,
rv = ssl3_ConsumeHandshakeNumber(ss, &tmp, 2, b, length);
if (rv != SECSuccess) {
return SECFailure; /* Error code set already. */
return SECFailure; /* Alert sent, Error code set already. */
}
if (!ssl_IsSupportedSignatureScheme((SSLSignatureScheme)tmp)) {
SSL3_SendAlert(ss, alert_fatal, illegal_parameter);
PORT_SetError(SSL_ERROR_UNSUPPORTED_SIGNATURE_ALGORITHM);
return SECFailure;
}
@ -6436,8 +6464,6 @@ ssl_CanUseSignatureScheme(SSLSignatureScheme scheme,
PRBool slotDoesPss)
{
SSLHashType hashType;
SECOidTag hashOID;
PRUint32 policy;
unsigned int i;
/* Skip RSA-PSS schemes when the certificate's private key slot does
@ -6446,20 +6472,12 @@ ssl_CanUseSignatureScheme(SSLSignatureScheme scheme,
return PR_FALSE;
}
if (ssl_IsDsaSignatureScheme(scheme) &&
(NSS_GetAlgorithmPolicy(SEC_OID_ANSIX9_DSA_SIGNATURE, &policy) ==
SECSuccess) &&
!(policy & NSS_USE_ALG_IN_SSL_KX)) {
return PR_FALSE;
}
hashType = ssl_SignatureSchemeToHashType(scheme);
if (requireSha1 && (hashType != ssl_hash_sha1)) {
return PR_FALSE;
}
hashOID = ssl3_HashTypeToOID(hashType);
if ((NSS_GetAlgorithmPolicy(hashOID, &policy) == SECSuccess) &&
!(policy & NSS_USE_ALG_IN_SSL_KX)) {
if (!ssl_SchemePolicyOK(scheme, kSSLSigSchemePolicy)) {
return PR_FALSE;
}
@ -6533,6 +6551,9 @@ ssl_PickSignatureScheme(sslSocket *ss,
}
spkiOid = SECOID_GetAlgorithmTag(&cert->subjectPublicKeyInfo.algorithm);
if (spkiOid == SEC_OID_UNKNOWN) {
return SECFailure;
}
/* Now we have to search based on the key type. Go through our preferred
* schemes in order and find the first that can be used. */
@ -7430,7 +7451,7 @@ ssl_HandleDHServerKeyExchange(sslSocket *ss, PRUint8 *b, PRUint32 length)
if (ss->version >= SSL_LIBRARY_VERSION_TLS_1_2) {
rv = ssl_ConsumeSignatureScheme(ss, &b, &length, &sigScheme);
if (rv != SECSuccess) {
goto alert_loser; /* malformed or unsupported. */
goto loser; /* alert already sent */
}
rv = ssl_CheckSignatureSchemeConsistency(
ss, sigScheme, &ss->sec.peerCert->subjectPublicKeyInfo);
@ -7700,7 +7721,9 @@ ssl_ParseSignatureSchemes(const sslSocket *ss, PLArenaPool *arena,
PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
return SECFailure;
}
if (ssl_IsSupportedSignatureScheme((SSLSignatureScheme)tmp)) {
if (ssl_SignatureSchemeValid((SSLSignatureScheme)tmp, SEC_OID_UNKNOWN,
(PRBool)ss->version >= SSL_LIBRARY_VERSION_TLS_1_3)) {
;
schemes[numSupported++] = (SSLSignatureScheme)tmp;
}
}
@ -10286,7 +10309,10 @@ ssl3_HandleCertificateVerify(sslSocket *ss, PRUint8 *b, PRUint32 length)
PORT_Assert(ss->ssl3.hs.hashType == handshake_hash_record);
rv = ssl_ConsumeSignatureScheme(ss, &b, &length, &sigScheme);
if (rv != SECSuccess) {
goto loser; /* malformed or unsupported. */
if (PORT_GetError() == SSL_ERROR_UNSUPPORTED_SIGNATURE_ALGORITHM) {
errCode = SSL_ERROR_UNSUPPORTED_SIGNATURE_ALGORITHM;
}
goto loser; /* alert already sent */
}
rv = ssl_CheckSignatureSchemeConsistency(
ss, sigScheme, &ss->sec.peerCert->subjectPublicKeyInfo);

1
security/nss/lib/ssl/sslimpl.h
Просмотреть файл

@ -1783,6 +1783,7 @@ SECStatus ssl_PickSignatureScheme(sslSocket *ss,
unsigned int peerSchemeCount,
PRBool requireSha1);
SECOidTag ssl3_HashTypeToOID(SSLHashType hashType);
SECOidTag ssl3_AuthTypeToOID(SSLAuthType hashType);
SSLHashType ssl_SignatureSchemeToHashType(SSLSignatureScheme scheme);
SSLAuthType ssl_SignatureSchemeToAuthType(SSLSignatureScheme scheme);