diff options
author | Ranjitsinh Rathod <ranjitsinh.rathod@kpit.com> | 2021-11-12 11:02:36 +0530 |
---|---|---|
committer | Armin Kuster <akuster808@gmail.com> | 2021-11-17 12:26:32 -0800 |
commit | bcf93614a0f89585360e534b4751220afe052013 (patch) | |
tree | 38c9f996fc6cac1b72c8a29406bb59a849b7b944 | |
parent | 59bff77ad0b3a66417194670de25f60183a4f6bb (diff) | |
download | meta-openembedded-bcf93614a0f89585360e534b4751220afe052013.tar.gz |
nss: Fix CVE-2020-12403
Add patch for CVE-2020-12403
Link:
https://github.com/nss-dev/nss/commit/9ff9d3925d31ab265a965ab1d16d76c496ddb5c8
https://github.com/nss-dev/nss/commit/06b2b1c50bd4eaa7f65d858e5e3f44f678cb3c45
Signed-off-by: Ranjitsinh Rathod <ranjitsinh.rathod@kpit.com>
Signed-off-by: Ranjitsinh Rathod <ranjitsinhrathod1991@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
-rw-r--r-- | meta-oe/recipes-support/nss/nss/CVE-2020-12403_1.patch | 65 | ||||
-rw-r--r-- | meta-oe/recipes-support/nss/nss/CVE-2020-12403_2.patch | 80 | ||||
-rw-r--r-- | meta-oe/recipes-support/nss/nss_3.51.1.bb | 2 |
3 files changed, 147 insertions, 0 deletions
diff --git a/meta-oe/recipes-support/nss/nss/CVE-2020-12403_1.patch b/meta-oe/recipes-support/nss/nss/CVE-2020-12403_1.patch new file mode 100644 index 000000000..a229a2d20 --- /dev/null +++ b/meta-oe/recipes-support/nss/nss/CVE-2020-12403_1.patch | |||
@@ -0,0 +1,65 @@ | |||
1 | From 9ff9d3925d31ab265a965ab1d16d76c496ddb5c8 Mon Sep 17 00:00:00 2001 | ||
2 | From: Benjamin Beurdouche <bbeurdouche@mozilla.com> | ||
3 | Date: Sat, 18 Jul 2020 00:13:38 +0000 | ||
4 | Subject: [PATCH] Bug 1636771 - Fix incorrect call to Chacha20Poly1305 by | ||
5 | PKCS11. r=jcj,kjacobs,rrelyea | ||
6 | |||
7 | Differential Revision: https://phabricator.services.mozilla.com/D74801 | ||
8 | |||
9 | --HG-- | ||
10 | extra : moz-landing-system : lando | ||
11 | --- | ||
12 | nss/gtests/pk11_gtest/pk11_chacha20poly1305_unittest.cc | 11 +++++++++-- | ||
13 | nss/lib/freebl/chacha20poly1305.c | 2 +- | ||
14 | 2 files changed, 10 insertions(+), 3 deletions(-) | ||
15 | |||
16 | CVE: CVE-2020-12403 | ||
17 | Upstream-Status: Backport [https://github.com/nss-dev/nss/commit/9ff9d3925d31ab265a965ab1d16d76c496ddb5c8] | ||
18 | Comment: Refreshed path for whole patchset | ||
19 | Signed-off-by: Ranjitsinh Rathod <ranjitsinh.rathod@kpit.com> | ||
20 | |||
21 | diff --git a/nss/gtests/pk11_gtest/pk11_chacha20poly1305_unittest.cc b/nss/gtests/pk11_gtest/pk11_chacha20poly1305_unittest.cc | ||
22 | index 41f9da71d6..3ea17678d9 100644 | ||
23 | --- a/nss/gtests/pk11_gtest/pk11_chacha20poly1305_unittest.cc | ||
24 | +++ b/nss/gtests/pk11_gtest/pk11_chacha20poly1305_unittest.cc | ||
25 | @@ -45,7 +45,7 @@ class Pkcs11ChaCha20Poly1305Test | ||
26 | SECItem params = {siBuffer, reinterpret_cast<unsigned char*>(&aead_params), | ||
27 | sizeof(aead_params)}; | ||
28 | |||
29 | - // Encrypt with bad parameters. | ||
30 | + // Encrypt with bad parameters (TagLen is too long). | ||
31 | unsigned int encrypted_len = 0; | ||
32 | std::vector<uint8_t> encrypted(data_len + aead_params.ulTagLen); | ||
33 | aead_params.ulTagLen = 158072; | ||
34 | @@ -54,9 +54,16 @@ class Pkcs11ChaCha20Poly1305Test | ||
35 | &encrypted_len, encrypted.size(), data, data_len); | ||
36 | EXPECT_EQ(SECFailure, rv); | ||
37 | EXPECT_EQ(0U, encrypted_len); | ||
38 | - aead_params.ulTagLen = 16; | ||
39 | + | ||
40 | + // Encrypt with bad parameters (TagLen is too short). | ||
41 | + aead_params.ulTagLen = 2; | ||
42 | + rv = PK11_Encrypt(key.get(), kMech, ¶ms, encrypted.data(), | ||
43 | + &encrypted_len, encrypted.size(), data, data_len); | ||
44 | + EXPECT_EQ(SECFailure, rv); | ||
45 | + EXPECT_EQ(0U, encrypted_len); | ||
46 | |||
47 | // Encrypt. | ||
48 | + aead_params.ulTagLen = 16; | ||
49 | rv = PK11_Encrypt(key.get(), kMech, ¶ms, encrypted.data(), | ||
50 | &encrypted_len, encrypted.size(), data, data_len); | ||
51 | |||
52 | diff --git a/nss/lib/freebl/chacha20poly1305.c b/nss/lib/freebl/chacha20poly1305.c | ||
53 | index 970c6436da..5c294a9eaf 100644 | ||
54 | --- a/nss/lib/freebl/chacha20poly1305.c | ||
55 | +++ b/nss/lib/freebl/chacha20poly1305.c | ||
56 | @@ -81,7 +81,7 @@ ChaCha20Poly1305_InitContext(ChaCha20Poly1305Context *ctx, | ||
57 | PORT_SetError(SEC_ERROR_BAD_KEY); | ||
58 | return SECFailure; | ||
59 | } | ||
60 | - if (tagLen == 0 || tagLen > 16) { | ||
61 | + if (tagLen != 16) { | ||
62 | PORT_SetError(SEC_ERROR_INPUT_LEN); | ||
63 | return SECFailure; | ||
64 | } | ||
65 | |||
diff --git a/meta-oe/recipes-support/nss/nss/CVE-2020-12403_2.patch b/meta-oe/recipes-support/nss/nss/CVE-2020-12403_2.patch new file mode 100644 index 000000000..7b093d0cd --- /dev/null +++ b/meta-oe/recipes-support/nss/nss/CVE-2020-12403_2.patch | |||
@@ -0,0 +1,80 @@ | |||
1 | From 06b2b1c50bd4eaa7f65d858e5e3f44f678cb3c45 Mon Sep 17 00:00:00 2001 | ||
2 | From: Benjamin Beurdouche <bbeurdouche@mozilla.com> | ||
3 | Date: Sat, 18 Jul 2020 00:13:14 +0000 | ||
4 | Subject: [PATCH] Bug 1636771 - Disable PKCS11 incremental mode for ChaCha20. | ||
5 | r=kjacobs,rrelyea | ||
6 | |||
7 | Depends on D74801 | ||
8 | |||
9 | Differential Revision: https://phabricator.services.mozilla.com/D83994 | ||
10 | |||
11 | --HG-- | ||
12 | extra : moz-landing-system : lando | ||
13 | --- | ||
14 | nss/gtests/pk11_gtest/pk11_cipherop_unittest.cc | 49 +++++++++++++++++++++ | ||
15 | nss/lib/softoken/pkcs11c.c | 1 + | ||
16 | 2 files changed, 50 insertions(+) | ||
17 | |||
18 | CVE: CVE-2020-12403 | ||
19 | Upstream-Status: Backport [https://github.com/nss-dev/nss/commit/06b2b1c50bd4eaa7f65d858e5e3f44f678cb3c45] | ||
20 | Comment: Refreshed path for whole patchset and removed change for pkcs11c.c | ||
21 | Signed-off-by: Ranjitsinh Rathod <ranjitsinh.rathod@kpit.com> | ||
22 | |||
23 | diff --git a/nss/gtests/pk11_gtest/pk11_cipherop_unittest.cc b/nss/gtests/pk11_gtest/pk11_cipherop_unittest.cc | ||
24 | index 38982fd885..700750cc90 100644 | ||
25 | --- a/nss/gtests/pk11_gtest/pk11_cipherop_unittest.cc | ||
26 | +++ b/nss/gtests/pk11_gtest/pk11_cipherop_unittest.cc | ||
27 | @@ -77,4 +77,53 @@ TEST(Pkcs11CipherOp, SingleCtxMultipleUnalignedCipherOps) { | ||
28 | NSS_ShutdownContext(globalctx); | ||
29 | } | ||
30 | |||
31 | +TEST(Pkcs11CipherOp, SingleCtxMultipleUnalignedCipherOpsChaCha20) { | ||
32 | + PK11SlotInfo* slot; | ||
33 | + PK11SymKey* key; | ||
34 | + PK11Context* ctx; | ||
35 | + | ||
36 | + NSSInitContext* globalctx = | ||
37 | + NSS_InitContext("", "", "", "", NULL, | ||
38 | + NSS_INIT_READONLY | NSS_INIT_NOCERTDB | NSS_INIT_NOMODDB | | ||
39 | + NSS_INIT_FORCEOPEN | NSS_INIT_NOROOTINIT); | ||
40 | + | ||
41 | + const CK_MECHANISM_TYPE cipher = CKM_NSS_CHACHA20_CTR; | ||
42 | + | ||
43 | + slot = PK11_GetInternalSlot(); | ||
44 | + ASSERT_TRUE(slot); | ||
45 | + | ||
46 | + // Use arbitrary bytes for the ChaCha20 key and IV | ||
47 | + uint8_t key_bytes[32]; | ||
48 | + for (size_t i = 0; i < 32; i++) { | ||
49 | + key_bytes[i] = i; | ||
50 | + } | ||
51 | + SECItem keyItem = {siBuffer, key_bytes, 32}; | ||
52 | + | ||
53 | + uint8_t iv_bytes[16]; | ||
54 | + for (size_t i = 0; i < 16; i++) { | ||
55 | + key_bytes[i] = i; | ||
56 | + } | ||
57 | + SECItem ivItem = {siBuffer, iv_bytes, 16}; | ||
58 | + | ||
59 | + SECItem* param = PK11_ParamFromIV(cipher, &ivItem); | ||
60 | + | ||
61 | + key = PK11_ImportSymKey(slot, cipher, PK11_OriginUnwrap, CKA_ENCRYPT, | ||
62 | + &keyItem, NULL); | ||
63 | + ctx = PK11_CreateContextBySymKey(cipher, CKA_ENCRYPT, key, param); | ||
64 | + ASSERT_TRUE(key); | ||
65 | + ASSERT_TRUE(ctx); | ||
66 | + | ||
67 | + uint8_t outbuf[128]; | ||
68 | + // This is supposed to fail for Chacha20. This is because the underlying | ||
69 | + // PK11_CipherOp operation is calling the C_EncryptUpdate function for | ||
70 | + // which multi-part is disabled for ChaCha20 in counter mode. | ||
71 | + ASSERT_EQ(GetBytes(ctx, outbuf, 7), SECFailure); | ||
72 | + | ||
73 | + PK11_FreeSymKey(key); | ||
74 | + PK11_FreeSlot(slot); | ||
75 | + SECITEM_FreeItem(param, PR_TRUE); | ||
76 | + PK11_DestroyContext(ctx, PR_TRUE); | ||
77 | + NSS_ShutdownContext(globalctx); | ||
78 | +} | ||
79 | + | ||
80 | } // namespace nss_test | ||
diff --git a/meta-oe/recipes-support/nss/nss_3.51.1.bb b/meta-oe/recipes-support/nss/nss_3.51.1.bb index ac046ed0f..14f670c32 100644 --- a/meta-oe/recipes-support/nss/nss_3.51.1.bb +++ b/meta-oe/recipes-support/nss/nss_3.51.1.bb | |||
@@ -37,6 +37,8 @@ SRC_URI = "http://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/${VERSIO | |||
37 | file://0001-Bug-1631576-Force-a-fixed-length-for-DSA-exponentiat.patch \ | 37 | file://0001-Bug-1631576-Force-a-fixed-length-for-DSA-exponentiat.patch \ |
38 | file://CVE-2020-12401.patch \ | 38 | file://CVE-2020-12401.patch \ |
39 | file://CVE-2020-6829_12400.patch \ | 39 | file://CVE-2020-6829_12400.patch \ |
40 | file://CVE-2020-12403_1.patch \ | ||
41 | file://CVE-2020-12403_2.patch \ | ||
40 | " | 42 | " |
41 | 43 | ||
42 | SRC_URI[md5sum] = "6acaf1ddff69306ae30a908881c6f233" | 44 | SRC_URI[md5sum] = "6acaf1ddff69306ae30a908881c6f233" |