From 9ff9d3925d31ab265a965ab1d16d76c496ddb5c8 Mon Sep 17 00:00:00 2001 From: Benjamin Beurdouche Date: Sat, 18 Jul 2020 00:13:38 +0000 Subject: [PATCH] Bug 1636771 - Fix incorrect call to Chacha20Poly1305 by PKCS11. r=jcj,kjacobs,rrelyea Differential Revision: https://phabricator.services.mozilla.com/D74801 --HG-- extra : moz-landing-system : lando --- nss/gtests/pk11_gtest/pk11_chacha20poly1305_unittest.cc | 11 +++++++++-- nss/lib/freebl/chacha20poly1305.c | 2 +- 2 files changed, 10 insertions(+), 3 deletions(-) CVE: CVE-2020-12403 Upstream-Status: Backport [https://github.com/nss-dev/nss/commit/9ff9d3925d31ab265a965ab1d16d76c496ddb5c8] Comment: Refreshed path for whole patchset Signed-off-by: Ranjitsinh Rathod diff --git a/nss/gtests/pk11_gtest/pk11_chacha20poly1305_unittest.cc b/nss/gtests/pk11_gtest/pk11_chacha20poly1305_unittest.cc index 41f9da71d6..3ea17678d9 100644 --- a/nss/gtests/pk11_gtest/pk11_chacha20poly1305_unittest.cc +++ b/nss/gtests/pk11_gtest/pk11_chacha20poly1305_unittest.cc @@ -45,7 +45,7 @@ class Pkcs11ChaCha20Poly1305Test SECItem params = {siBuffer, reinterpret_cast(&aead_params), sizeof(aead_params)}; - // Encrypt with bad parameters. + // Encrypt with bad parameters (TagLen is too long). unsigned int encrypted_len = 0; std::vector encrypted(data_len + aead_params.ulTagLen); aead_params.ulTagLen = 158072; @@ -54,9 +54,16 @@ class Pkcs11ChaCha20Poly1305Test &encrypted_len, encrypted.size(), data, data_len); EXPECT_EQ(SECFailure, rv); EXPECT_EQ(0U, encrypted_len); - aead_params.ulTagLen = 16; + + // Encrypt with bad parameters (TagLen is too short). + aead_params.ulTagLen = 2; + rv = PK11_Encrypt(key.get(), kMech, ¶ms, encrypted.data(), + &encrypted_len, encrypted.size(), data, data_len); + EXPECT_EQ(SECFailure, rv); + EXPECT_EQ(0U, encrypted_len); // Encrypt. + aead_params.ulTagLen = 16; rv = PK11_Encrypt(key.get(), kMech, ¶ms, encrypted.data(), &encrypted_len, encrypted.size(), data, data_len); diff --git a/nss/lib/freebl/chacha20poly1305.c b/nss/lib/freebl/chacha20poly1305.c index 970c6436da..5c294a9eaf 100644 --- a/nss/lib/freebl/chacha20poly1305.c +++ b/nss/lib/freebl/chacha20poly1305.c @@ -81,7 +81,7 @@ ChaCha20Poly1305_InitContext(ChaCha20Poly1305Context *ctx, PORT_SetError(SEC_ERROR_BAD_KEY); return SECFailure; } - if (tagLen == 0 || tagLen > 16) { + if (tagLen != 16) { PORT_SetError(SEC_ERROR_INPUT_LEN); return SECFailure; }