summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorRanjitsinh Rathod <ranjitsinh.rathod@kpit.com>2021-11-12 11:02:36 +0530
committerArmin Kuster <akuster808@gmail.com>2021-11-17 12:26:32 -0800
commitbcf93614a0f89585360e534b4751220afe052013 (patch)
tree38c9f996fc6cac1b72c8a29406bb59a849b7b944
parent59bff77ad0b3a66417194670de25f60183a4f6bb (diff)
downloadmeta-openembedded-bcf93614a0f89585360e534b4751220afe052013.tar.gz
nss: Fix CVE-2020-12403
Add patch for CVE-2020-12403 Link: https://github.com/nss-dev/nss/commit/9ff9d3925d31ab265a965ab1d16d76c496ddb5c8 https://github.com/nss-dev/nss/commit/06b2b1c50bd4eaa7f65d858e5e3f44f678cb3c45 Signed-off-by: Ranjitsinh Rathod <ranjitsinh.rathod@kpit.com> Signed-off-by: Ranjitsinh Rathod <ranjitsinhrathod1991@gmail.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
-rw-r--r--meta-oe/recipes-support/nss/nss/CVE-2020-12403_1.patch65
-rw-r--r--meta-oe/recipes-support/nss/nss/CVE-2020-12403_2.patch80
-rw-r--r--meta-oe/recipes-support/nss/nss_3.51.1.bb2
3 files changed, 147 insertions, 0 deletions
diff --git a/meta-oe/recipes-support/nss/nss/CVE-2020-12403_1.patch b/meta-oe/recipes-support/nss/nss/CVE-2020-12403_1.patch
new file mode 100644
index 000000000..a229a2d20
--- /dev/null
+++ b/meta-oe/recipes-support/nss/nss/CVE-2020-12403_1.patch
@@ -0,0 +1,65 @@
1From 9ff9d3925d31ab265a965ab1d16d76c496ddb5c8 Mon Sep 17 00:00:00 2001
2From: Benjamin Beurdouche <bbeurdouche@mozilla.com>
3Date: Sat, 18 Jul 2020 00:13:38 +0000
4Subject: [PATCH] Bug 1636771 - Fix incorrect call to Chacha20Poly1305 by
5 PKCS11. r=jcj,kjacobs,rrelyea
6
7Differential Revision: https://phabricator.services.mozilla.com/D74801
8
9--HG--
10extra : moz-landing-system : lando
11---
12 nss/gtests/pk11_gtest/pk11_chacha20poly1305_unittest.cc | 11 +++++++++--
13 nss/lib/freebl/chacha20poly1305.c | 2 +-
14 2 files changed, 10 insertions(+), 3 deletions(-)
15
16CVE: CVE-2020-12403
17Upstream-Status: Backport [https://github.com/nss-dev/nss/commit/9ff9d3925d31ab265a965ab1d16d76c496ddb5c8]
18Comment: Refreshed path for whole patchset
19Signed-off-by: Ranjitsinh Rathod <ranjitsinh.rathod@kpit.com>
20
21diff --git a/nss/gtests/pk11_gtest/pk11_chacha20poly1305_unittest.cc b/nss/gtests/pk11_gtest/pk11_chacha20poly1305_unittest.cc
22index 41f9da71d6..3ea17678d9 100644
23--- a/nss/gtests/pk11_gtest/pk11_chacha20poly1305_unittest.cc
24+++ b/nss/gtests/pk11_gtest/pk11_chacha20poly1305_unittest.cc
25@@ -45,7 +45,7 @@ class Pkcs11ChaCha20Poly1305Test
26 SECItem params = {siBuffer, reinterpret_cast<unsigned char*>(&aead_params),
27 sizeof(aead_params)};
28
29- // Encrypt with bad parameters.
30+ // Encrypt with bad parameters (TagLen is too long).
31 unsigned int encrypted_len = 0;
32 std::vector<uint8_t> encrypted(data_len + aead_params.ulTagLen);
33 aead_params.ulTagLen = 158072;
34@@ -54,9 +54,16 @@ class Pkcs11ChaCha20Poly1305Test
35 &encrypted_len, encrypted.size(), data, data_len);
36 EXPECT_EQ(SECFailure, rv);
37 EXPECT_EQ(0U, encrypted_len);
38- aead_params.ulTagLen = 16;
39+
40+ // Encrypt with bad parameters (TagLen is too short).
41+ aead_params.ulTagLen = 2;
42+ rv = PK11_Encrypt(key.get(), kMech, &params, encrypted.data(),
43+ &encrypted_len, encrypted.size(), data, data_len);
44+ EXPECT_EQ(SECFailure, rv);
45+ EXPECT_EQ(0U, encrypted_len);
46
47 // Encrypt.
48+ aead_params.ulTagLen = 16;
49 rv = PK11_Encrypt(key.get(), kMech, &params, encrypted.data(),
50 &encrypted_len, encrypted.size(), data, data_len);
51
52diff --git a/nss/lib/freebl/chacha20poly1305.c b/nss/lib/freebl/chacha20poly1305.c
53index 970c6436da..5c294a9eaf 100644
54--- a/nss/lib/freebl/chacha20poly1305.c
55+++ b/nss/lib/freebl/chacha20poly1305.c
56@@ -81,7 +81,7 @@ ChaCha20Poly1305_InitContext(ChaCha20Poly1305Context *ctx,
57 PORT_SetError(SEC_ERROR_BAD_KEY);
58 return SECFailure;
59 }
60- if (tagLen == 0 || tagLen > 16) {
61+ if (tagLen != 16) {
62 PORT_SetError(SEC_ERROR_INPUT_LEN);
63 return SECFailure;
64 }
65
diff --git a/meta-oe/recipes-support/nss/nss/CVE-2020-12403_2.patch b/meta-oe/recipes-support/nss/nss/CVE-2020-12403_2.patch
new file mode 100644
index 000000000..7b093d0cd
--- /dev/null
+++ b/meta-oe/recipes-support/nss/nss/CVE-2020-12403_2.patch
@@ -0,0 +1,80 @@
1From 06b2b1c50bd4eaa7f65d858e5e3f44f678cb3c45 Mon Sep 17 00:00:00 2001
2From: Benjamin Beurdouche <bbeurdouche@mozilla.com>
3Date: Sat, 18 Jul 2020 00:13:14 +0000
4Subject: [PATCH] Bug 1636771 - Disable PKCS11 incremental mode for ChaCha20.
5 r=kjacobs,rrelyea
6
7Depends on D74801
8
9Differential Revision: https://phabricator.services.mozilla.com/D83994
10
11--HG--
12extra : moz-landing-system : lando
13---
14 nss/gtests/pk11_gtest/pk11_cipherop_unittest.cc | 49 +++++++++++++++++++++
15 nss/lib/softoken/pkcs11c.c | 1 +
16 2 files changed, 50 insertions(+)
17
18CVE: CVE-2020-12403
19Upstream-Status: Backport [https://github.com/nss-dev/nss/commit/06b2b1c50bd4eaa7f65d858e5e3f44f678cb3c45]
20Comment: Refreshed path for whole patchset and removed change for pkcs11c.c
21Signed-off-by: Ranjitsinh Rathod <ranjitsinh.rathod@kpit.com>
22
23diff --git a/nss/gtests/pk11_gtest/pk11_cipherop_unittest.cc b/nss/gtests/pk11_gtest/pk11_cipherop_unittest.cc
24index 38982fd885..700750cc90 100644
25--- a/nss/gtests/pk11_gtest/pk11_cipherop_unittest.cc
26+++ b/nss/gtests/pk11_gtest/pk11_cipherop_unittest.cc
27@@ -77,4 +77,53 @@ TEST(Pkcs11CipherOp, SingleCtxMultipleUnalignedCipherOps) {
28 NSS_ShutdownContext(globalctx);
29 }
30
31+TEST(Pkcs11CipherOp, SingleCtxMultipleUnalignedCipherOpsChaCha20) {
32+ PK11SlotInfo* slot;
33+ PK11SymKey* key;
34+ PK11Context* ctx;
35+
36+ NSSInitContext* globalctx =
37+ NSS_InitContext("", "", "", "", NULL,
38+ NSS_INIT_READONLY | NSS_INIT_NOCERTDB | NSS_INIT_NOMODDB |
39+ NSS_INIT_FORCEOPEN | NSS_INIT_NOROOTINIT);
40+
41+ const CK_MECHANISM_TYPE cipher = CKM_NSS_CHACHA20_CTR;
42+
43+ slot = PK11_GetInternalSlot();
44+ ASSERT_TRUE(slot);
45+
46+ // Use arbitrary bytes for the ChaCha20 key and IV
47+ uint8_t key_bytes[32];
48+ for (size_t i = 0; i < 32; i++) {
49+ key_bytes[i] = i;
50+ }
51+ SECItem keyItem = {siBuffer, key_bytes, 32};
52+
53+ uint8_t iv_bytes[16];
54+ for (size_t i = 0; i < 16; i++) {
55+ key_bytes[i] = i;
56+ }
57+ SECItem ivItem = {siBuffer, iv_bytes, 16};
58+
59+ SECItem* param = PK11_ParamFromIV(cipher, &ivItem);
60+
61+ key = PK11_ImportSymKey(slot, cipher, PK11_OriginUnwrap, CKA_ENCRYPT,
62+ &keyItem, NULL);
63+ ctx = PK11_CreateContextBySymKey(cipher, CKA_ENCRYPT, key, param);
64+ ASSERT_TRUE(key);
65+ ASSERT_TRUE(ctx);
66+
67+ uint8_t outbuf[128];
68+ // This is supposed to fail for Chacha20. This is because the underlying
69+ // PK11_CipherOp operation is calling the C_EncryptUpdate function for
70+ // which multi-part is disabled for ChaCha20 in counter mode.
71+ ASSERT_EQ(GetBytes(ctx, outbuf, 7), SECFailure);
72+
73+ PK11_FreeSymKey(key);
74+ PK11_FreeSlot(slot);
75+ SECITEM_FreeItem(param, PR_TRUE);
76+ PK11_DestroyContext(ctx, PR_TRUE);
77+ NSS_ShutdownContext(globalctx);
78+}
79+
80 } // namespace nss_test
diff --git a/meta-oe/recipes-support/nss/nss_3.51.1.bb b/meta-oe/recipes-support/nss/nss_3.51.1.bb
index ac046ed0f..14f670c32 100644
--- a/meta-oe/recipes-support/nss/nss_3.51.1.bb
+++ b/meta-oe/recipes-support/nss/nss_3.51.1.bb
@@ -37,6 +37,8 @@ SRC_URI = "http://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/${VERSIO
37 file://0001-Bug-1631576-Force-a-fixed-length-for-DSA-exponentiat.patch \ 37 file://0001-Bug-1631576-Force-a-fixed-length-for-DSA-exponentiat.patch \
38 file://CVE-2020-12401.patch \ 38 file://CVE-2020-12401.patch \
39 file://CVE-2020-6829_12400.patch \ 39 file://CVE-2020-6829_12400.patch \
40 file://CVE-2020-12403_1.patch \
41 file://CVE-2020-12403_2.patch \
40 " 42 "
41 43
42SRC_URI[md5sum] = "6acaf1ddff69306ae30a908881c6f233" 44SRC_URI[md5sum] = "6acaf1ddff69306ae30a908881c6f233"