Closed Bug 1748386 Opened 3 years ago Closed 3 years ago

CKM_CHACHA20 cannot be used

Categories

(NSS :: Libraries, defect)

Product:
NSS
Component:
Libraries
Type:
defect

Tracking

(Not tracked)

Status:
RESOLVED FIXED

People

(Reporter: mt, Assigned: mt)

Details

Attachments

(2 files, 1 obsolete file)

Bug 1748386 - Enable CKM_CHACHA20, r=rrelyea,#nss-reviewers
48 bytes, text/x-phabricator-request
Details | Review
Bug 1748386 - Remove redundant key type check, r?rrelyea
48 bytes, text/x-phabricator-request
Details | Review

This is for two reasons:

  1. Keys constructed for use with CKM_CHACHA20_* are incorrectly assigned a type of CKK_NSS_CHACHA20 by PK11_GetKeyType. CKM_CHACHA20_POLY1305 doesn't check this (it should), so it works fine. CKM_CHACHA20 does and this check prevents the cipher from being initialized.

  2. CKM_CHACHA20 is not listed in the mechanism table in softoken/pk11mech.c, so it cannot be used for any purpose.

This change makes a few tiny changes to the code to re-enable the use of
Chacha20 ciphers and align their key type.

There are a lot more changes in tests, mostly just to factor existing tests and
determine that the legacy and final PKCS#11 mechanisms work as expected.

This change makes a few tiny changes to the code to re-enable the use of
Chacha20 ciphers and align their key type.

There are a lot more changes in tests, mostly just to factor existing tests and
determine that the legacy and final PKCS#11 mechanisms work as expected.

Attachment #9258256 - Attachment is obsolete: true

Landed https://hg.mozilla.org/projects/nss/rev/44e6341be5e829c33bdd72d8f9b22ad6f308f227

Keeping open until D135808 lands (a small follow-up from coverity).

Target Milestone: --- → 3.75

https://hg.mozilla.org/projects/nss/rev/f9708b22f2f6cdafd2b1ecda572d31828c21b991 is the follow-up.

Status: NEW → RESOLVED
Closed: 3 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: