Closed Bug 1577822 Opened 3 months ago Closed Last month

Upgrade Firefox 71 to use NSS 3.47

Categories: Core :: Security: PSM, task, P1

Tracking: RESOLVED FIXED, mozilla71
Tracking Status: firefox71 --- fixed

People: Reporter: jcj, Assigned: jcj

Whiteboard: [psm-assigned][nss]

Attachments: 12 files, 1 obsolete file


Tracking NSS 3.47 for Firefox 71. Ultimate tag will be NSS_3_47_RTM.

2019-08-30 Alexander Scheel <ascheel@redhat.com>

* automation/taskcluster/scripts/build_softoken.sh,
cmd/lib/pk11table.c, gtests/pk11_gtest/pk11_aes_cmac_unittest.cc,
gtests/pk11_gtest/pk11_gtest.gyp, lib/pk11wrap/debug_module.c,
lib/pk11wrap/pk11mech.c, lib/softoken/pkcs11.c,
lib/softoken/pkcs11c.c, lib/util/pkcs11t.h:
Bug 1570501 - Expose AES-CMAC in PKCS #11 API, r=mt

[cf0df88aa807] [tip]

* cpputil/freebl_scoped_ptrs.h, gtests/freebl_gtest/cmac_unittests.cc,
gtests/freebl_gtest/freebl_gtest.gyp, lib/freebl/blapi.h,
lib/freebl/cmac.c, lib/freebl/cmac.h, lib/freebl/exports.gyp,
lib/freebl/freebl_base.gypi, lib/freebl/ldvector.c,
lib/freebl/loader.c, lib/freebl/loader.h, lib/freebl/manifest.mn:
Bug 1570501 - Add AES-CMAC implementation to freebl, r=mt

[a42c6882ba1b]

2019-09-05 David Cooper <dcooper16@gmail.com>

* lib/smime/cmssiginfo.c:
Bug 657379 - NSS uses the wrong OID for signatureAlgorithm field of
signerInfo in CMS for DSA and ECDSA. r=rrelyea
[7a83b248de30]

2019-09-05 Daiki Ueno <dueno@redhat.com>

* lib/freebl/drbg.c:
Backed out changeset 934c8d0e7aba

It turned out to cause some new errors in LSan; backing out for now.
[34a254dd1357]

* lib/freebl/drbg.c:
Bug 1560329, drbg: perform continuous test on entropy source,
r=rrelyea

Summary: FIPS 140-2 section 4.9.2 requires a conditional self test
to check that consecutive entropy blocks from the system are
different. As neither getentropy() nor /dev/urandom provides that
check on the output, this adds the self test at caller side.

Reviewers: rrelyea

Reviewed By: rrelyea

Bug #: 1560329

[934c8d0e7aba]

2019-08-30 Kevin Jacobs <kjacobs@mozilla.com>

* coreconf/WIN32.mk:
Bug 1576664 - Remove -mms-bitfields from win32 makefile r=jcj

[bf4de7985f3d]

2019-08-29 Dana Keeler <dkeeler@mozilla.com>

* automation/abi-check/expected-report-libnss3.so.txt,
gtests/pk11_gtest/pk11_find_certs_unittest.cc, lib/nss/nss.def,
lib/pk11wrap/pk11cert.c, lib/pk11wrap/pk11pub.h:
bug 1577038 - add PK11_GetCertsFromPrivateKey r=jcj,kjacobs

PK11_GetCertFromPrivateKey only returns one certificate with a
public key that matches the given private key. This change
introduces PK11_GetCertsFromPrivateKey, which returns a list of all
certificates with public keys that match the given private key.

[9befa8d296c0]

2019-08-30 J.C. Jones <jjones@mozilla.com>

* automation/abi-check/previous-nss-release, lib/nss/nss.h,
lib/softoken/softkver.h, lib/util/nssutil.h:
Set version numbers to 3.47 beta
[685cea0a7b48]

* lib/nss/nss.h, lib/softoken/softkver.h, lib/util/nssutil.h:
Set version numbers to 3.46 final
[decbf7bd40fd] [NSS_3_46_RTM]
Pushed by jjones@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/df53ccb59e06
land NSS cf0df88aa807 UPGRADE_NSS_RELEASE, r=kjacobs

2019-09-18 Kevin Jacobs <kjacobs@mozilla.com>

* cmd/lib/derprint.c:
Bug 1581024 - Check for pointer wrap in derprint.c. r=jcj

Check for pointer wrap on output-length check in the derdump
utility.

[a3ee4f26b4c1] [tip]

2019-09-18 Giulio Benetti <giulio.benetti@micronovasrl.com>

* lib/freebl/gcm-aarch64.c:
Bug 1580126 - Fix build failure on aarch64_be while building
freebl/gcm r=kjacobs

Build failure is caused by different #ifdef conditions in gcm.c and
gcm-aarch64.c that leads to double declaration of the same gcm_*
functions.

Fix #ifdef condition in gcm-aarch64.c making it the same as the one
in gcm.c.

Signed-off-by: Giulio Benetti <giulio.benetti@micronovasrl.com>
[fa0d958de0c3]

2019-09-17 Kai Engert <kaie@kuix.de>

* automation/taskcluster/graph/src/extend.js:
Bug 1385039 - Build NSPR tests as part of NSS continuous
integration. r=kjacobs
[cc97f1a93038]

2019-09-17 Landry Breuil <landry@openbsd.org>

* lib/freebl/Makefile:
Bug 1581391 - include gcm-aarch64 on all unices, not only linux
r=kjacobs
[e7b4f293fa4e]

2019-09-17 Martin Thomson <mt@lowentropy.net>

* mach:
Bug 1581041 - Rename mach-commands to mach-completion, r=jcj

This means that we can point our completion at the gecko one.

[bc91272fcbdc]

2019-09-16 Jenine <jenine_c@outlook.com>

* cmd/pk11importtest/pk11importtest.c, lib/softoken/pkcs11.c:
Bug 1558313 - Fix clang warnings in pk11importtest.c and pkcs11.c
r=marcusburghardt

[4569b745f74e]

2019-09-13 Daiki Ueno <dueno@redhat.com>

* lib/certhigh/certvfy.c:
Bug 1542207, fix policy check on signature algorithms, r=rrelyea

Reviewers: rrelyea

Reviewed By: rrelyea

Bug #: 1542207

[ed8a41d16c1c]

2019-09-05 Daiki Ueno <dueno@redhat.com>

* lib/freebl/drbg.c:
Bug 1560329, drbg: perform continuous test on entropy source,
r=rrelyea

Summary: FIPS 140-2 section 4.9.2 requires a conditional self test
to check that consecutive entropy blocks from the system are
different. As neither getentropy() nor /dev/urandom provides that
check on the output, this adds the self test at caller side.

Reviewers: rrelyea

Reviewed By: rrelyea

Bug #: 1560329

[c66dd879d16a]

2019-09-06 Martin Thomson <mt@lowentropy.net>

* automation/taskcluster/graph/src/queue.js:
Bug 1579290 - Disable LSAN during builds, r=ueno

Summary: See the bug description for details.

[f28f3d7b7cf0]

2019-09-13 Kai Engert <kaie@kuix.de>

* Makefile, build.sh, coreconf/nspr.sh, help.txt:
Bug 1385061 - Build NSPR tests with NSS make; Add gyp parameters to
build/run NSPR tests. r=jcj
[8b4a226f7d23]

2019-09-11 Kai Engert <kaie@kuix.de>

* nss.gyp:
Bug 1577359 - Build atob and btoa for Thunderbird. r=jcj
[1fe61aadaf57]

2019-09-10 Marcus Burghardt <mburghardt@mozilla.com>

* cmd/pk12util/pk12util.c:
Bug 1579036 - Define error when trying to export non-existent cert
with pk12util. r=jcj

[65ab97f03c89]

2019-09-04 Martin Thomson <mt@lowentropy.net>

* gtests/mozpkix_gtest/pkixder_input_tests.cpp:
Bug 1578626 - Remove undefined nullptr decrement, r=keeler

Summary: This uses uintptr_t to avoid the worst. It still looks
terrible and might trip static analysis warnings, but the
reinterpret_cast should hide that.

This assumes that sizeof(uintptr_t) == sizeof(void*), so I've added
an assertion so that we'll at least fail the test on those systems.
(We could use GTEST_SKIP instead, but we don't have that in the
version of gtest that we use.)

Reviewers: keeler

Tags: #secure-revision

Bug #: 1578626

[d2485b1c997e]

2019-09-05 Marcus Burghardt <mburghardt@mozilla.com>

* gtests/pk11_gtest/pk11_find_certs_unittest.cc:
Bug 1578751 - Ensure a consistent style for
pk11_find_certs_unittest.cc. r=jcj

Adjusted the style and clang-format after the changes in some var
names.

[e95fee7f59e5]

Pushed by jjones@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/2f369bea151c
land NSS a3ee4f26b4c1 UPGRADE_NSS_RELEASE, r=kjacobs
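
The caller-side continuous test described in the drbg.c commit message for Bug 1560329, as an added example (not NSS's drbg.c code): the first block after initialization is only saved, and every later block is compared with its predecessor. The callback type, the 32-byte block size and the stuck-source simulator are assumptions made for this sketch.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define CT_BLOCK_LEN 32 /* block size under test; an assumption of this sketch */

/* Hypothetical entropy callback: fills out[0..len) and returns 0 on success. */
typedef int (*entropy_fn)(void *ctx, uint8_t *out, size_t len);

typedef struct {
    entropy_fn source;
    void *source_ctx;
    uint8_t prev[CT_BLOCK_LEN]; /* last block read from the source */
    int primed;                 /* prev holds a block */
    int failed;                 /* sticky: once the test fails, stay failed */
} ct_entropy;

void ct_init(ct_entropy *ct, entropy_fn source, void *source_ctx)
{
    memset(ct, 0, sizeof(*ct));
    ct->source = source;
    ct->source_ctx = source_ctx;
}

/* Returns 0 with one fresh block in out, or -1 on source error or when two
 * consecutive blocks are equal. */
int ct_get_block(ct_entropy *ct, uint8_t out[CT_BLOCK_LEN])
{
    uint8_t cur[CT_BLOCK_LEN];
    if (ct->failed) return -1;
    if (!ct->primed) {
        /* The first block after init is never handed out, only saved. */
        if (ct->source(ct->source_ctx, ct->prev, CT_BLOCK_LEN) != 0) {
            ct->failed = 1;
            return -1;
        }
        ct->primed = 1;
    }
    if (ct->source(ct->source_ctx, cur, CT_BLOCK_LEN) != 0 ||
        memcmp(cur, ct->prev, CT_BLOCK_LEN) == 0) {
        ct->failed = 1;
        return -1;
    }
    memcpy(ct->prev, cur, CT_BLOCK_LEN);
    memcpy(out, cur, CT_BLOCK_LEN);
    return 0;
}

/* Constructed test source: block k is filled with byte k until the source
 * "sticks" and keeps repeating the block for k == stuck_after. */
typedef struct { uint32_t calls; uint32_t stuck_after; } demo_source;

static int demo_entropy(void *ctx, uint8_t *out, size_t len)
{
    demo_source *s = ctx;
    uint32_t v = s->calls < s->stuck_after ? s->calls : s->stuck_after;
    s->calls++;
    memset(out, (int)(v & 0xFF), len);
    return 0;
}

/* Number of blocks delivered before the continuous test trips (or max_blocks). */
int demo_blocks_before_failure(uint32_t stuck_after, int max_blocks)
{
    demo_source src = { 0, stuck_after };
    ct_entropy ct;
    uint8_t block[CT_BLOCK_LEN];
    int ok = 0;
    ct_init(&ct, demo_entropy, &src);
    while (ok < max_blocks && ct_get_block(&ct, block) == 0) ok++;
    return ok;
}

int main(void)
{
    printf("healthy source: %d blocks\n", demo_blocks_before_failure(1000, 10));
    printf("sticks at block 3: %d blocks\n", demo_blocks_before_failure(3, 10));
    return 0;
}
```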

This busted Mac builds for Thunderbird, see bug 1577359 comment #5.

Depends on: 1583068

2019-09-23 Daiki Ueno <dueno@redhat.com>

* gtests/ssl_gtest/ssl_recordsize_unittest.cc, lib/ssl/ssl3con.c,
tests/tlsfuzzer/config.json.in, tests/tlsfuzzer/tlsfuzzer.sh:
Bug 1580286, account for IV size when checking TLS 1.2 records, r=mt

Summary: This increases the limit of record expansion by 16 so that
it doesn't reject maximum block padding when HMAC-SHA384 is used.

To test this, tlsfuzzer is updated to the latest version (commit
80d7932ead1d8dae6e555cfd2b1c4c5beb2847df).

Reviewers: mt

Reviewed By: mt

Bug #: 1580286

[03039d4fad57] [tip]

2019-09-20 Kai Engert <kaie@kuix.de>

* tests/smime/smime.sh:
Bug 1577448 - Create additional nested S/MIME test messages for
Thunderbird. r=jcj
[57977ceea00e]

2019-09-19 Kai Engert <kaie@kuix.de>

* automation/taskcluster/docker-gcc-4.4/Dockerfile,
automation/taskcluster/graph/src/try_syntax.js,
automation/taskcluster/scripts/build.sh,
automation/taskcluster/scripts/build_gyp.sh,
automation/taskcluster/scripts/build_nspr.sh,
automation/taskcluster/scripts/check_abi.sh,
automation/taskcluster/scripts/gen_coverage_report.sh,
automation/taskcluster/scripts/run_coverity.sh,
automation/taskcluster/scripts/run_scan_build.sh,
automation/taskcluster/windows/build.sh,
automation/taskcluster/windows/build_gyp.sh:
Bug 1399095 - Allow nss-try to be used to test NSPR changes.
r=kjacobs
[6e1a8a7cb469]

2019-09-16 Marcus Burghardt <mburghardt@mozilla.com>

* gtests/ssl_gtest/manifest.mn,
gtests/ssl_gtest/ssl_cipherorder_unittest.cc,
gtests/ssl_gtest/ssl_gtest.gyp, lib/ssl/ssl3con.c, lib/ssl/sslexp.h,
lib/ssl/sslsock.c:
Bug 1267894 - New functions for CipherSuites Ordering and gtests.
r=jcj,kjacobs,mt

Created two new experimental functions which permit the caller to
change the default order of CipherSuites used during the handshake.

[2deb38fc1d68]

2019-09-18 Christian Weisgerber <naddy@mips.inka.de>

* tests/policy/policy.sh, tests/ssl/ssl.sh:
Bug 1581507 - Fix unportable grep expression in test scripts
r=marcusburghardt
[edc1e405afa4]

2019-09-18 Franziskus Kiefer <franziskuskiefer@gmail.com>

* lib/jar/jarfile.c:
Bug 1234830 - [CID 1242894][CID 1242852] unused values.
r=kaie,r=kjacobs
[b6d3f5c95aad]

2019-09-18 Kai Engert <kaie@kuix.de>

* cmd/symkeyutil/symkeyutil.c:
Bug 1581759 - fix incorrect if condition in symkeyutil. r=kjacobs
[306550105228]

Pushed by jjones@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/73f2bfcab947
land NSS 03039d4fad57 UPGRADE_NSS_RELEASE, r=kjacobs

2019-09-27 Daiki Ueno <dueno@redhat.com>

* cmd/lib/Makefile, cmd/lib/lib.gyp, cmd/lib/manifest.mn,
cmd/lib/secutil.c, cmd/lib/secutil.h, cmd/platlibs.mk,
cmd/selfserv/selfserv.c, cmd/tstclnt/tstclnt.c, tests/ssl/ssl.sh:
Bug 1494063, add -x option to tstclnt/selfserv to export keying
material, r=mt

Reviewers: rrelyea, mt

Reviewed By: mt

Subscribers: HubertKario

Bug #: 1494063

[be9c48ad76cb] [tip]

2019-02-25 Martin Thomson <martin.thomson@gmail.com>

* gtests/pk11_gtest/manifest.mn, gtests/pk11_gtest/pk11_gtest.gyp,
gtests/pk11_gtest/pk11_import_unittest.cc,
gtests/pk11_gtest/pk11_key_unittest.cc,
gtests/pk11_gtest/pk11_keygen.cc, gtests/pk11_gtest/pk11_keygen.h:
Bug 1515342 - Tests for invalid DH public keys, r=jcj

Summary: This prevents crashes on invalid, particularly NULL, keys
for DH and ECDH.

I factored out test code already landed for this.

[7e3476b7a912]

2019-09-27 Martin Thomson <martin.thomson@gmail.com>

* cpputil/nss_scoped_ptrs.h, cpputil/scoped_ptrs_util.h,
gtests/common/testvectors/curve25519-vectors.h,
gtests/der_gtest/der_quickder_unittest.cc, lib/util/quickder.c:
Bug 1515342 - Checks for invalid bit strings, r=jcj

[f4fe0da73446]

2019-09-27 Martin Thomson <mt@lowentropy.net>

* cmd/lib/derprint.c:
Bug 1581024 - Fix pointer comparisons, a=bustage
[062bc5e9859a]

2019-09-24 Kevin Jacobs <kjacobs@mozilla.com>

* cmd/lib/derprint.c:
Bug 1581024 - fixup pointer wrap check to prevent it from being
optimized out. r=jcj

[f7fef2487a60]

2019-09-26 Deian Stefan <deian@cs.ucsd.edu>

* lib/softoken/pkcs11c.c, lib/softoken/tlsprf.c:
Bug 1582343 - Use constant time memcmp in more places r=kjacobs,jcj
[86ef6ba1f1d7]

2019-09-26 Marcus Burghardt <mburghardt@mozilla.com>

* gtests/pk11_gtest/pk11_aes_gcm_unittest.cc, lib/freebl/gcm.c,
lib/freebl/intel-gcm-wrap.c:
Bug 1578238 - Validate tag size in AES_GCM. r=kjacobs,jcj

Validate tag size in AES_GCM.

[4e3971fd992c]

* gtests/pk11_gtest/manifest.mn, gtests/pk11_gtest/pk11_gtest.gyp,
gtests/pk11_gtest/pk11_seed_cbc_unittest.cc, lib/freebl/seed.c:
Bug 1576295 - SEED_CBC encryption check input arguments.
r=kjacobs,jcj,mt

Ensure the arguments passed to these functions are valid.

[7580a5a212c7]

Pushed by jjones@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/9b944cc72cdc
land NSS be9c48ad76cb UPGRADE_NSS_RELEASE, r=kjacobs

2019-09-27 J.C. Jones <jjones@mozilla.com>

* lib/softoken/pkcs11.c, lib/softoken/pkcs11i.h,
lib/softoken/pkcs11u.c:
Bug 1508776 - Remove unneeded refcounting from SFTKSession
r=mt,kjacobs

SFTKSession objects are only ever actually destroyed at PK11 session
closure, as the session is always the final holder -- and asserting
refCount == 1 shows that to be true. Because of that,
NSC_CloseSession can just call `sftk_DestroySession` directly and
leave `sftk_FreeSession` as a no-op to be removed in the future.

[5619cbbca3db] [tip]

Pushed by jjones@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/32eea6049fe7
land NSS 5619cbbca3db UPGRADE_NSS_RELEASE, r=kjacobs

2019-10-01 Kevin Jacobs <kjacobs@mozilla.com>

* lib/softoken/pkcs11c.c:
Bug 1577953 - Support longer (up to RFC maximum) HKDF outputs r=jcj

HKDF-Expand enforces a maximum output length much shorter than
stated in the RFC. This patch aligns the implementation with the RFC
by allocating more output space when necessary.

[c0913ad7a560] [tip]

2019-09-30 Kevin Jacobs <kjacobs@mozilla.com>

* gtests/common/testvectors/curve25519-vectors.h,
gtests/pk11_gtest/pk11_curve25519_unittest.cc,
gtests/pk11_gtest/pk11_ecdsa_unittest.cc,
gtests/pk11_gtest/pk11_ecdsa_vectors.h,
gtests/pk11_gtest/pk11_signature_test.h:
Bug 1558234 - Additional EC key tests, r=jcj

Adds additional EC key corner case testing.

[c20364849713]

Pushed by rgurzau@mozilla.com:
https://hg.mozilla.org/mozilla-central/rev/5ad3cfbe42f6
land NSS c0913ad7a560 UPGRADE_NSS_RELEASE, r=kjacobs

2019-10-03 Kevin Jacobs <kjacobs@mozilla.com>

* gtests/pk11_gtest/pk11_cbc_unittest.cc, lib/softoken/pkcs11c.c:
Bug 1576307 - Fixup for fips tests, permit NULL iv as necessary.
r=jcj

ECB mode should not require an IV.

[dc86215aea17] [tip]

2019-09-30 Kevin Jacobs <kjacobs@mozilla.com>

* gtests/pk11_gtest/pk11_cbc_unittest.cc, lib/softoken/pkcs11c.c:
Bug 1576307 - Check mechanism param and param length before casting
to mechanism-specific structs. r=jcj

This patch adds missing PKCS11 input parameter checks, which are
needed prior to casting to mechanism-specific structs.

[53d92a324080]

Pushed by jjones@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/cdeda4226ef5
land NSS dc86215aea17 UPGRADE_NSS_RELEASE, r=kjacobs

2019-10-11 Kai Engert <kaie@kuix.de>

* automation/release/nspr-version.txt:
Bug 1583068 - Require NSPR version 4.23 r=jcj
[93245f5733b3] [NSS_3_47_BETA1]

2019-10-11 Kevin Jacobs <kjacobs@mozilla.com>

* coreconf/config.gypi, lib/freebl/freebl.gyp:
Bug 1152625 - Add gyp flag for disabling ARM HW AES r=jcj

Adds an option to disable ARMv8 HW AES, if `-Ddisable_arm_hw_aes=1`
is passed to build.sh.

Depends on D34473

[9abcea09fdd4]

2019-10-11 Makoto Kato <m_kato@ga2.so-net.ne.jp>

* lib/freebl/aes-armv8.c:
Bug 1152625 - Part 2. Remove __builtin_assume to avoid crash on PGO.
r=kjacobs,mt

`AESContext->iv` doesn't align to 16 bytes on PGO build, so we
should remove __builtin_assume. Also, I guess that `expandedKey` has
same problem.

[1b0f5c5335ee]

* lib/freebl/Makefile, lib/freebl/aes-armv8.c, lib/freebl/aes-armv8.h,
lib/freebl/freebl.gyp, lib/freebl/intel-aes.h,
lib/freebl/rijndael.c:
Bug 1152625 - Support AES HW acceleration on ARMv8. r=kjacobs,jcj

[efb895a43899]

2019-09-06 Martin Thomson <mt@lowentropy.net>

* gtests/ssl_gtest/ssl_auth_unittest.cc,
gtests/ssl_gtest/ssl_ciphersuite_unittest.cc,
gtests/ssl_gtest/ssl_extension_unittest.cc,
gtests/ssl_gtest/ssl_fuzz_unittest.cc,
gtests/ssl_gtest/tls_esni_unittest.cc, lib/ssl/ssl3con.c,
lib/ssl/ssl3exthandle.c, lib/ssl/sslimpl.h, lib/ssl/tls13con.c:
Bug 1549225 - Up front Signature Scheme validation, r=ueno

Summary: This patch started as an attempt to ensure that a DSA
signature scheme would not be advertised if we weren't willing to
negotiate versions less than TLS 1.3. Then I realized that we didn't
do the same for PKCS#1 RSA.

Then I realized that we were still willing to try to establish
connections when we had a certificate that we couldn't use.

Then I realized that ssl3_config_match_init() wasn't being run
consistently. On resumption, we only ran it when we were PARANOID.
That's silly because we weren't checking policies.

Then I realized that we were allowing ECDSA certificates to be used
when the named group in the certificate was disabled. We weren't
enforcing that consistently either. However, I also discovered that
the check we have wouldn't work without a tweak because in TLS 1.3
the named group is part of the signature scheme; the configured
named groups are only used prior to TLS 1.3 when selecting
ECDSA/ECDH certificates.

So that sounds like a lot of changes but what it boils down to is
more robust checking of the configuration prior to starting a
connection. As a result, we should be offering fewer options that
we're unwilling or unable to follow through on. A good number of
tests needed tweaking as a result because we were relying on getting
past the checks in those tests. No real problems were found as a
result; this just moves failures that might arise from
misconfiguration a little earlier in the process.

[9b418f0a4912]

2019-10-08 Kevin Jacobs <kjacobs@mozilla.com>

* gtests/pk11_gtest/pk11_der_private_key_import_unittest.cc,
lib/pk11wrap/pk11pk12.c:
Bug 1586947 - Store nickname during EC key import. r=jcj

This patch stores the nickname (if specified) during EC key import.
This was already done for all other key types.

[c319019aee75]

2019-10-08 Marcus Burghardt <mburghardt@mozilla.com>

* lib/certdb/stanpcertdb.c, lib/pk11wrap/pk11load.c,
lib/pki/pki3hack.c:
Bug 1586456 - Unnecessary conditional in pki3hack, pk11load and
stanpcertdb. r=jcj

Some conditionals that are always true were removed.

[b34061c3a377]

2019-10-15 J.C. Jones <jjones@mozilla.com>

* cmd/addbuiltin/addbuiltin.c:
Bug 1465613 - Fixup clang format a=bustage
[f657d65428c6] [NSS_3_47_BETA2]

2019-10-11 Marcus Burghardt <mburghardt@mozilla.com>

* automation/abi-check/expected-report-libnss3.so.txt, automation/abi-
check/expected-report-libsmime3.so.txt, automation/abi-check
/expected-report-libssl3.so.txt, cmd/addbuiltin/addbuiltin.c,
cmd/lib/secutil.c, gtests/softoken_gtest/manifest.mn,
gtests/softoken_gtest/softoken_gtest.gyp,
gtests/softoken_gtest/softoken_nssckbi_testlib_gtest.cc,
lib/certdb/certdb.c, lib/certdb/certt.h, lib/ckfw/builtins/README,
lib/ckfw/builtins/certdata.txt, lib/ckfw/builtins/manifest.mn,
lib/ckfw/builtins/nssckbi.h, lib/ckfw/builtins/testlib/Makefile,
lib/ckfw/builtins/testlib/builtins-testlib.gyp,
lib/ckfw/builtins/testlib/certdata-testlib.txt,
lib/ckfw/builtins/testlib/config.mk,
lib/ckfw/builtins/testlib/manifest.mn, lib/ckfw/builtins/testlib
/nssckbi-testlib.rc,
lib/ckfw/builtins/testlib/testcert_err_distrust.txt,
lib/ckfw/builtins/testlib/testcert_no_distrust.txt,
lib/ckfw/builtins/testlib/testcert_ok_distrust.txt,
lib/ckfw/manifest.mn, lib/nss/nss.def, lib/pki/pki3hack.c,
lib/softoken/sdb.c, lib/util/pkcs11n.h, nss.gyp, tests/cert/cert.sh:
Bug 1465613 - Created two new fields for scheduled distrust from
builtins and updated support commands. r=jcj,kjacobs,mt

Added two new fields for scheduled distrust of CAs in
nssckbi/builtins. Also, created a testlib to validate these fields
with gtests.

[52024949df95]

2019-10-14 Martin Thomson <martin.thomson@gmail.com>

* lib/ssl/tls13con.c:
Bug 1588557 - Fix debug statement, r=jcj

[0f563a2571c3]

2019-10-15 Dana Keeler <dkeeler@mozilla.com>

* gtests/mozpkix_gtest/pkixder_universal_types_tests.cpp,
lib/mozpkix/include/pkix/pkixder.h, lib/mozpkix/lib/pkixcert.cpp:
bug 1579060 - fix handling of issuerUniqueID and subjectUniqueID in
mozilla::pkix::BackCert r=jcj

According to RFC 5280, the definitions of issuerUniqueID and
subjectUniqueID in TBSCertificate are as follows:

    issuerUniqueID  [1] IMPLICIT UniqueIdentifier OPTIONAL,
    subjectUniqueID [2] IMPLICIT UniqueIdentifier OPTIONAL,

where UniqueIdentifier is a BIT STRING.

IMPLICIT tags replace the tag of the underlying type. For these
fields, there is no specified class (just a tag number within the
class), and the underlying type of BIT STRING is "primitive" (i.e.
not constructed). Thus, the tags should be of the form CONTEXT
SPECIFIC | [number in class], which comes out to 0x81 and 0x82,
respectively.

When originally implemented, mozilla::pkix incorrectly required that
the CONSTRUCTED bit also be set for these fields. Consequently, the
library would reject any certificate that actually contained these
fields. Evidently such certificates are rare.

[c50f933d37a5]

2019-10-14 Deian Stefan <deian@cs.ucsd.edu>

* lib/softoken/pkcs11c.c:
Bug 1459141 - Rewrite softoken CBC pad check to be constant time.
r=kjacobs,jcj
[474d62c9d0db]

2019-10-11 J.C. Jones <jjones@mozilla.com>

* .hgtags:
Added tag NSS_3_47_BETA1 for changeset 93245f5733b3
[f60dbafbc182]

Pushed by jjones@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/3eb63c112f5a
land NSS NSS_3_47_BETA2 UPGRADE_NSS_RELEASE, r=kjacobs

Attachment #9101457 - Attachment description: Backed out changeset 3eb63c112f5a (Bug 1577822) for breaking WebAuthn mochitests → Backed out changeset 3eb63c112f5a (Bug 1577822) for breaking WebAuthn mochitests UPGRADE_NSS_RELEASE

Backout by jjones@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/d82198f74526
Backed out changeset 3eb63c112f5a for breaking WebAuthn mochitests UPGRADE_NSS_RELEASE

2019-10-16 J.C. Jones <jjones@mozilla.com>

* lib/softoken/pkcs11c.c:
Bug 1459141 - Backed out changeset 474d62c9d0db for PK11_Wrap/Unwrap
issues r=me
[f10c3e0757b7] [NSS_3_47_BETA3]

2019-10-15 J.C. Jones <jjones@mozilla.com>

* .hgtags:
Added tag NSS_3_47_BETA2 for changeset f657d65428c6
[3ca8b20b24ee]

* cmd/addbuiltin/addbuiltin.c:
Bug 1465613 - Fixup clang format a=bustage
[f657d65428c6] [NSS_3_47_BETA2]

2019-10-11 Marcus Burghardt <mburghardt@mozilla.com>

* automation/abi-check/expected-report-libnss3.so.txt, automation/abi-
check/expected-report-libsmime3.so.txt, automation/abi-check
/expected-report-libssl3.so.txt, cmd/addbuiltin/addbuiltin.c,
cmd/lib/secutil.c, gtests/softoken_gtest/manifest.mn,
gtests/softoken_gtest/softoken_gtest.gyp,
gtests/softoken_gtest/softoken_nssckbi_testlib_gtest.cc,
lib/certdb/certdb.c, lib/certdb/certt.h, lib/ckfw/builtins/README,
lib/ckfw/builtins/certdata.txt, lib/ckfw/builtins/manifest.mn,
lib/ckfw/builtins/nssckbi.h, lib/ckfw/builtins/testlib/Makefile,
lib/ckfw/builtins/testlib/builtins-testlib.gyp,
lib/ckfw/builtins/testlib/certdata-testlib.txt,
lib/ckfw/builtins/testlib/config.mk,
lib/ckfw/builtins/testlib/manifest.mn, lib/ckfw/builtins/testlib
/nssckbi-testlib.rc,
lib/ckfw/builtins/testlib/testcert_err_distrust.txt,
lib/ckfw/builtins/testlib/testcert_no_distrust.txt,
lib/ckfw/builtins/testlib/testcert_ok_distrust.txt,
lib/ckfw/manifest.mn, lib/nss/nss.def, lib/pki/pki3hack.c,
lib/softoken/sdb.c, lib/util/pkcs11n.h, nss.gyp, tests/cert/cert.sh:
Bug 1465613 - Created two new fields for scheduled distrust from
builtins and updated support commands. r=jcj,kjacobs,mt

Added two new fields for scheduled distrust of CAs in
nssckbi/builtins. Also, created a testlib to validate these fields
with gtests.

[52024949df95]

2019-10-14 Martin Thomson <martin.thomson@gmail.com>

* lib/ssl/tls13con.c:
Bug 1588557 - Fix debug statement, r=jcj

[0f563a2571c3]

2019-10-15 Dana Keeler <dkeeler@mozilla.com>

* gtests/mozpkix_gtest/pkixder_universal_types_tests.cpp,
lib/mozpkix/include/pkix/pkixder.h, lib/mozpkix/lib/pkixcert.cpp:
bug 1579060 - fix handling of issuerUniqueID and subjectUniqueID in
mozilla::pkix::BackCert r=jcj

According to RFC 5280, the definitions of issuerUniqueID and
subjectUniqueID in TBSCertificate are as follows:

    issuerUniqueID  [1] IMPLICIT UniqueIdentifier OPTIONAL,
    subjectUniqueID [2] IMPLICIT UniqueIdentifier OPTIONAL,

where UniqueIdentifier is a BIT STRING.

IMPLICIT tags replace the tag of the underlying type. For these
fields, there is no specified class (just a tag number within the
class), and the underlying type of BIT STRING is "primitive" (i.e.
not constructed). Thus, the tags should be of the form CONTEXT
SPECIFIC | [number in class], which comes out to 0x81 and 0x82,
respectively.

When originally implemented, mozilla::pkix incorrectly required that
the CONSTRUCTED bit also be set for these fields. Consequently, the
library would reject any certificate that actually contained these
fields. Evidently such certificates are rare.

[c50f933d37a5]

2019-10-14 Deian Stefan <deian@cs.ucsd.edu>

* lib/softoken/pkcs11c.c:
Bug 1459141 - Rewrite softoken CBC pad check to be constant time.
r=kjacobs,jcj
[474d62c9d0db]

2019-10-11 J.C. Jones <jjones@mozilla.com>

* .hgtags:
Added tag NSS_3_47_BETA1 for changeset 93245f5733b3
[f60dbafbc182]

Pushed by jjones@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/98e9a37281b0
land NSS NSS_3_47_BETA3 UPGRADE_NSS_RELEASE, r=kjacobs
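
The tag arithmetic from the bug 1579060 commit message, as an added example (not mozilla::pkix code): a small DER reader for the end of a TBSCertificate that accepts the primitive tags 0x81 and 0x82, with a `require_constructed` switch that reproduces the earlier expectation. It goes slightly beyond the message by also checking the `[3] EXPLICIT` extensions wrapper (tag 0xA3, per RFC 5280) for contrast; all function names and the sample bytes are constructed for this sketch.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define CONTEXT_SPECIFIC 0x80u /* class bits of a context-specific tag */
#define CONSTRUCTED      0x20u /* set only when the contents are nested TLVs */

typedef struct { const uint8_t *data; size_t len; uint8_t unused_bits; } bit_string;

/* Constructed sample: the end of a TBSCertificate after subjectPublicKeyInfo.
 * [1] and [2] are IMPLICIT BIT STRINGs; [3] is the EXPLICIT extensions wrapper
 * with a placeholder body that this example does not parse. */
static const uint8_t SAMPLE_TAIL[] = {
    0x81, 0x03, 0x00, 0xAB, 0xCD, /* issuerUniqueID, 0 unused bits */
    0x82, 0x02, 0x04, 0xF0,       /* subjectUniqueID, 4 unused bits */
    0xA3, 0x02, 0x30, 0x00        /* extensions [3] EXPLICIT */
};

/* Read a definite, minimal DER length of at most two octets.
 * Returns the number of octets consumed, or 0 if malformed. */
static size_t der_read_length(const uint8_t *p, size_t avail, size_t *out)
{
    size_t n, v = 0;
    if (avail == 0) return 0;
    if (p[0] < 0x80) { *out = p[0]; return 1; }
    n = p[0] & 0x7Fu;
    if (n == 0 || n > 2 || avail < 1 + n) return 0;
    for (size_t i = 0; i < n; i++) v = (v << 8) | p[1 + i];
    if (v < 0x80 || (n == 2 && p[1] == 0)) return 0; /* not minimal */
    *out = v;
    return 1 + n;
}

/* 1 = field present and parsed, 0 = absent, -1 = malformed. */
static int read_unique_id(const uint8_t *p, size_t avail, unsigned number,
                          int require_constructed, bit_string *out, size_t *used)
{
    uint8_t expected = (uint8_t)(CONTEXT_SPECIFIC | number);
    size_t len, hdr;
    if (require_constructed) expected |= CONSTRUCTED; /* expectation before the fix */
    out->data = NULL; out->len = 0; out->unused_bits = 0; *used = 0;
    if (avail == 0 || p[0] != expected) return 0; /* OPTIONAL: other tag = absent */
    hdr = der_read_length(p + 1, avail - 1, &len);
    if (hdr == 0 || len > avail - 1 - hdr) return -1;
    p += 1 + hdr;
    /* BIT STRING contents start with the unused-bit count (0..7). */
    if (len < 1 || p[0] > 7 || (len == 1 && p[0] != 0)) return -1;
    out->unused_bits = p[0]; out->data = p + 1; out->len = len - 1;
    *used = 1 + hdr + len;
    return 1;
}

/* 0 = tail accepted, -1 = rejected. */
int parse_tbs_tail(const uint8_t *p, size_t len, int require_constructed,
                   bit_string *issuer_uid, bit_string *subject_uid)
{
    size_t used, elen, hdr;
    if (read_unique_id(p, len, 1, require_constructed, issuer_uid, &used) < 0) return -1;
    p += used; len -= used;
    if (read_unique_id(p, len, 2, require_constructed, subject_uid, &used) < 0) return -1;
    p += used; len -= used;
    if (len == 0) return 0;
    /* Anything left must be exactly one [3] EXPLICIT element, tag 0xA3. */
    if (p[0] != (CONTEXT_SPECIFIC | CONSTRUCTED | 3u)) return -1;
    hdr = der_read_length(p + 1, len - 1, &elen);
    return (hdr != 0 && elen == len - 1 - hdr) ? 0 : -1;
}

int main(void)
{
    bit_string iss, sub;
    printf("primitive tags expected:   %d\n",
           parse_tbs_tail(SAMPLE_TAIL, sizeof SAMPLE_TAIL, 0, &iss, &sub));
    printf("constructed tags expected: %d\n",
           parse_tbs_tail(SAMPLE_TAIL, sizeof SAMPLE_TAIL, 1, &iss, &sub));
    return 0;
}
```

With `require_constructed` set, the 0x81 field is treated as absent and then fails the check for 0xA3, which is how a certificate carrying these fields ends up rejected.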

2019-10-18 Deian Stefan <deian@cs.ucsd.edu>

* lib/softoken/pkcs11c.c:
Bug 1459141 - Rewrite softoken CBC pad check to be constant
r=jcj,kjacobs

[d3c8638f85cd] [NSS_3_47_BETA4]

2019-10-17 Kevin Jacobs <kjacobs@mozilla.com>

* gtests/pk11_gtest/pk11_cbc_unittest.cc:
Bug 1589120 - Additional test vectors for CBC padding. r=jcj

This patch adds more test vectors for AES-CBC and 3DES-CBC padding.

[7f17b911ac99]

* gtests/pk11_gtest/manifest.mn,
gtests/pk11_gtest/pk11_aeskeywrappad_unittest.cc,
gtests/pk11_gtest/pk11_gtest.gyp:
Bug 1589120 - Tests for padded AES key wrap r=jcj

This patch adds test vectors for padded AES Key Wrap. AES-CBC and
3DES-CBC ports of the same vectors will be included in a separate
revision.

[fb4d9b6ea2c4]

2019-10-16 Kevin Jacobs <kjacobs@mozilla.com>

* gtests/ssl_gtest/tls_agent.cc, gtests/ssl_gtest/tls_agent.h,
gtests/ssl_gtest/tls_subcerts_unittest.cc, lib/ssl/ssl3con.c,
lib/ssl/sslimpl.h, lib/ssl/tls13subcerts.c,
tests/common/certsetup.sh, tests/ssl_gtests/ssl_gtests.sh:
Bug 1588244 - SSLExp_DelegateCredential to support 'rsaEncryption'
end-entity certs with default scheme override r=mt

If an end-entity cert has an SPKI type of 'rsaEncryption', override
the DC alg to be `ssl_sig_rsa_pss_rsae_sha256`.

[93383e0fb833]

2019-10-16 J.C. Jones <jjones@mozilla.com>

* .hgtags:
Added tag NSS_3_47_BETA3 for changeset f10c3e0757b7
[fa8a67bee2dc]

Pushed by jjones@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/27bbc1fba015
land NSS NSS_3_47_BETA4 UPGRADE_NSS_RELEASE, r=kjacobs

2019-10-18 J.C. Jones <jjones@mozilla.com>

* lib/nss/nss.h, lib/softoken/softkver.h, lib/util/nssutil.h:
Set version numbers to 3.47 final
[7ccb4ade5577] [NSS_3_47_RTM] <NSS_3_47_BRANCH>

* .hgtags:
Added tag NSS_3_47_BETA4 for changeset d3c8638f85cd
[d5bd7be1bf2a]

Keywords: leave-open

Attachment #9101434 - Attachment is obsolete: true

Pushed by jjones@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/55441e5aee45
land NSS NSS_3_47_RTM UPGRADE_NSS_RELEASE, r=kjacobs

Status: ASSIGNED → RESOLVED
Closed: Last month
Resolution: --- → FIXED
Target Milestone: --- → mozilla71