gecko-dev/security/nss/lib/ckfw
Kevin Jacobs e4e3559e1b Bug 1629594 - land NSS aae226c20dfd UPGRADE_NSS_RELEASE, r=jcj
2020-04-24  Kevin Jacobs  <kjacobs@mozilla.com>

	* automation/abi-check/expected-report-libnss3.so.txt,
	gtests/softoken_gtest/softoken_gtest.cc, lib/nss/nss.def,
	lib/pk11wrap/pk11obj.c, lib/pk11wrap/pk11pub.h, lib/softoken/sdb.c:
	Bug 1612881 - Maintain PKCS11 C_GetAttributeValue semantics on
	attributes that lack NSS database columns r=keeler,rrelyea

	`sdb_GetAttributeValueNoLock` builds a query string from a list of
	attributes in the input template. Unfortunately,
	`sqlite3_prepare_v2` will fail the entire query if one of the
	attributes is missing from the underlying table. The PKCS #11 spec
	[[ https://www.cryptsoft.com/pkcs11doc/v220/pkcs11__all_8h.html#aC_G
	etAttributeValue | requires ]] setting the output `ulValueLen` field
	to -1 for such invalid attributes.

	This patch reads and stores the columns of nssPublic/nssPrivate when
	opened, then filters an input template in
	`sdb_GetAttributeValueNoLock` for unbacked/invalid attributes,
	removing them from the query and setting their template output
	lengths to -1.

	[aae226c20dfd] [tip]

2020-04-23  Kevin Jacobs  <kjacobs@mozilla.com>

	* lib/ssl/sslnonce.c:
	Bug 1531906 - Relax ssl3_SetSIDSessionTicket assertions to permit
	valid, evicted or externally-cached sids. r=mt

	This patch relaxes an overzealous assertion for the case where: 1)
	Two sockets start connections with a shared SID. 2) One receives an
	empty session ticket in the SH, and evicts the SID from cache. 3)
	The second socket receives a new session ticket, and attempts to set
	it in the SID.

	We currently assert that the sid is `in_client_cache` at 3), but
	clearly it cannot be. The outstanding reference remains valid
	despite the eviction.

	This also solves a related assertion failure after
	https://hg.mozilla.org/mozilla-central/rev/c5a8b641d905 where the
	same scenario occurs, but instead of being `in_client_cache` or
	evicted, the SID is `in_external_cache`.

	[a68de0859582]

2020-04-16  Robert Relyea  <rrelyea@redhat.com>

	* gtests/common/testvectors/kwp-vectors.h,
	gtests/pk11_gtest/manifest.mn,
	gtests/pk11_gtest/pk11_aeskeywrapkwp_unittest.cc,
	gtests/pk11_gtest/pk11_gtest.gyp, lib/freebl/aeskeywrap.c,
	lib/freebl/blapi.h, lib/freebl/blapit.h, lib/freebl/hmacct.c,
	lib/freebl/ldvector.c, lib/freebl/loader.c, lib/freebl/loader.h,
	lib/pk11wrap/pk11mech.c, lib/softoken/lowpbe.c,
	lib/softoken/pkcs11.c, lib/softoken/pkcs11c.c,
	lib/softoken/pkcs11i.h, lib/softoken/pkcs11u.c, lib/ssl/ssl3con.c,
	lib/util/secport.h:
	Bug 1630721 Softoken Functions for FIPS missing r=mt

	For FIPS we need the following:

	 1. NIST official Key padding for AES Key Wrap. 2. Combined
	Hash/Sign mechanisms for DSA and ECDSA.

	In the first case our AES_KEY_WRAP_PAD function addes pkcs8 padding
	to the normal AES_KEY_WRAP, which is a different algorithm then the
	padded key wrap specified by NIST. PKCS #11 recognized this and
	created a special mechanism to handle NIST padding. That is why we
	don't have industry test vectors for CKM_NSS_AES_KEY_WRAP_PAD. This
	patch implements that NIST version (while maintaining our own). Also
	PKCS #11 v3.0 specified PKCS #11 mechanism for AES_KEY_WRAP which
	are compatible (semantically) with the NSS vendor specific versions,
	but with non-vendor specific numbers. Softoken now accepts both
	numbers.

	This patch also updates softoken to handle DSA and ECDSA combined
	hash algorithms other than just SHA1 (which is no longer validated).

	Finally this patch uses the NIST KWP test vectors in new gtests for
	the AES_KEY_WRAP_KWP wrapping algorithm.

	As part of the AES_KEY_WRAP_KWP code, the Constant time macros have
	been generalized and moved to secport. Old macros scattered
	throughout the code have been deleted and existing contant time code
	has been updated to use the new macros.

	[3682d5ef3db5]

2020-04-21  Lauri Kasanen  <cand@gmx.com>

	* lib/freebl/Makefile, lib/freebl/freebl.gyp,
	lib/freebl/freebl_base.gypi, lib/freebl/gcm.h, lib/freebl/ppc-
	crypto.h, lib/freebl/scripts/LICENSE, lib/freebl/scripts/gen.sh,
	lib/freebl/scripts/ppc-xlate.pl, lib/freebl/scripts/sha512p8-ppc.pl,
	lib/freebl/sha512-p8.s, lib/freebl/sha512.c:
	Bug 1613238 - POWER SHA-2 digest vector acceleration. r=jcj,kjacobs

	[2d66bd9dcad4]

2020-04-18  Robert Relyea  <rrelyea@redhat.com>

	* coreconf/Linux.mk, coreconf/config.gypi, lib/softoken/sdb.c:
	Bug 1603801 [patch] Avoid dcache pollution from sdb_measureAccess()
	r=mt

	As implemented, when sdb_measureAccess() runs it creates up to
	10,000 negative dcache entries (cached nonexistent filenames).

	There is no advantage to leaving these particular filenames in the
	cache; they will never be searched again. Subsequent runs will run a
	new test with an intentionally different set of filenames. This can
	have detrimental effects on some systems; a massive negative dcache
	can lead to memory or performance problems.

	Since not all platforms have a problem with negative dcache entries,
	this patch is limitted to those platforms that request it at
	compilie time (Linux is current the only patch that does.)

	[928721f70164]

2020-04-16  Kevin Jacobs  <kjacobs@mozilla.com>

	* coreconf/config.gypi:
	Bug 1630458 - Produce debug symbols in GYP/MSVC debug builds. r=mt

	[25006e23a777]

2020-04-13  Robert Relyea  <rrelyea@redhat.com>

	* lib/ckfw/object.c, lib/ckfw/session.c:
	Bug 1629655 ckfw needs to support temporary session objects.
	r=kjacobs

	libckfw needs to create temporary objects whose space will to be
	freed after use (rather than at token shutdown). Currently only
	token objects are supported and they are allocated out of a global
	arena owned by the slot, so the objects only go away when the slot
	is closed.

	This patch sets the arena to NULL in nssCKFWObject_Create() if the
	object is a session object. This tells nssCKFWObject_Create() to
	create a new arena specifically for this object. That arena is
	stored in localArena. When the object is destroyed, any localArena's
	will be freed.

	[808ec0e6fd77]

2020-04-14  Robert Relyea  <rrelyea@redhat.com>

	* cmd/selfserv/selfserv.c, lib/ssl/sslsnce.c, tests/ssl/ssl.sh:
	Bug 1629661 MPConfig calls in SSL initializes policy before NSS is
	initialized. r=mt

	NSS has several config functions that multiprocess servers must call
	before NSS is initialized to set up shared memory caches between the
	processes. These functions call ssl_init(), which initializes the
	ssl policy. The ssl policy initialization, however needs to happen
	after NSS itself is initialized. Doing so before hand causes (in the
	best case) policy to be ignored by these servers, and crashes (in
	the worst case).

	Instead, these cache functions should just initialize those things
	it needs (that is the NSPR ssl error codes).

	This patch does: 1) fixes the cache init code to only initialize
	error codes. 2) fixes the selfserv MP code to 1) be compatible with
	ssl.sh's selfserv management (at least on Unix), and 2) mimic the
	way real servers handle the MP_Cache init code (calling NSS_Init
	after the cache set up). 3) update ssl.sh server policy test to test
	policy usage on an MP server. This is only done for non-windows like
	OS's because they can't catch the kill signal to force their
	children to shutdown.

	I've verified that the test fails if 2 and 3 are included but 1 is
	not (and succeeds if all three are included).

	[a252957a3805]

Differential Revision: https://phabricator.services.mozilla.com/D72409
2020-04-27 16:56:13 +00:00
..
builtins Bug 1629594 - land NSS 50dcc34d470d UPGRADE_NSS_RELEASE, r=jcj 2020-04-14 17:53:38 +00:00
capi
dbm Bug 1629594 - land NSS 50dcc34d470d UPGRADE_NSS_RELEASE, r=jcj 2020-04-14 17:53:38 +00:00
Makefile
ck.api
ck.h
ckapi.perl
ckfw.gyp
ckfw.h
ckfwm.h
ckfwtm.h
ckmd.h
ckt.h
config.mk
crypto.c
exports.gyp
find.c
hash.c
instance.c
manifest.mn
mechanism.c
mutex.c
nssck.api
nssckepv.h
nssckft.h
nssckfw.h
nssckfwc.h
nssckfwt.h
nssckg.h
nssckmdt.h
nssckt.h
object.c Bug 1629594 - land NSS aae226c20dfd UPGRADE_NSS_RELEASE, r=jcj 2020-04-27 16:56:13 +00:00
session.c Bug 1629594 - land NSS aae226c20dfd UPGRADE_NSS_RELEASE, r=jcj 2020-04-27 16:56:13 +00:00
sessobj.c
slot.c
token.c
wrap.c