authorJob Bautista <jobbautista9@aol.com>2023-03-04 13:13:49 +0800
committerJob Bautista <jobbautista9@aol.com>2023-03-04 13:13:49 +0800
commit43c816cd19e73b37d797b17105e4aede8772a6cf (patch)
treec9fc76105f89915411a61ab5ab515c855e138aca /security/nss/lib/freebl/mpi
parent409d3e66de6517039165ec43dabd9b063a86d29b (diff)
downloaduxp-43c816cd19e73b37d797b17105e4aede8772a6cf.tar.gz
Issue #1693 - Update NSS to 3.79.4
Diffstat (limited to 'security/nss/lib/freebl/mpi')
-rw-r--r--security/nss/lib/freebl/mpi/mpi.c2
-rw-r--r--security/nss/lib/freebl/mpi/mpi_amd64_common.S (renamed from security/nss/lib/freebl/mpi/mpi_amd64_gas.s)26
-rw-r--r--security/nss/lib/freebl/mpi/mplogic.c10
-rw-r--r--security/nss/lib/freebl/mpi/mplogic.h6
-rw-r--r--security/nss/lib/freebl/mpi/mpmontg.c6
-rw-r--r--security/nss/lib/freebl/mpi/mpprime.c22
-rw-r--r--security/nss/lib/freebl/mpi/mpprime.h7
7 files changed, 61 insertions, 18 deletions
diff --git a/security/nss/lib/freebl/mpi/mpi.c b/security/nss/lib/freebl/mpi/mpi.c
index 1b7b171e7d..1d306696fb 100644
--- a/security/nss/lib/freebl/mpi/mpi.c
+++ b/security/nss/lib/freebl/mpi/mpi.c
@@ -2693,7 +2693,7 @@ mp_radix_size(mp_int *mp, int radix)
bits = USED(mp) * DIGIT_BIT - 1;
- return s_mp_outlen(bits, radix);
+ return SIGN(mp) + s_mp_outlen(bits, radix);
} /* end mp_radix_size() */
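Review bot: The new return line relies on SIGN(mp) being numerically 0 for a non-negative value and 1 for a negative one, so that exactly one extra byte is reserved for the '-' character; nothing at the call site says so, and a reader has to know the MP_ZPOS/MP_NEG encoding to understand why a sign flag is being added to a length. A one-line comment would make the intent explicit: `/* SIGN(mp) is 0 (MP_ZPOS) or 1 (MP_NEG): reserve one byte for the '-' */`. The body of mp_radix_size begins above the hunk, so I cannot see whether the terminator is already accounted for inside s_mp_outlen.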
diff --git a/security/nss/lib/freebl/mpi/mpi_amd64_gas.s b/security/nss/lib/freebl/mpi/mpi_amd64_common.S
index ad6e2b9d7e..4000f2066a 100644
--- a/security/nss/lib/freebl/mpi/mpi_amd64_gas.s
+++ b/security/nss/lib/freebl/mpi/mpi_amd64_common.S
@@ -18,7 +18,15 @@
# s_mpv_mul_set_vec64(uint64_t *r, uint64_t *a, int len, uint64_t digit)
#
-.text; .align 16; .globl s_mpv_mul_set_vec64; .type s_mpv_mul_set_vec64, @function; s_mpv_mul_set_vec64:
+.text; .align 16; .globl s_mpv_mul_set_vec64;
+
+#ifdef DARWIN
+#define s_mpv_mul_set_vec64 _s_mpv_mul_set_vec64
+.private_extern s_mpv_mul_set_vec64
+s_mpv_mul_set_vec64:
+#else
+.type s_mpv_mul_set_vec64, @function; s_mpv_mul_set_vec64:
+#endif
xorq %rax, %rax # if (len == 0) return (0)
testq %rdx, %rdx
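Review bot: In the DARWIN branch the `.globl s_mpv_mul_set_vec64;` directive on the first added line is emitted before the `#define` that renames the symbol to `_s_mpv_mul_set_vec64`, so the global declaration and the label that is actually defined name two different symbols; whether the Darwin assembler then leaves `s_mpv_mul_set_vec64` as a stray undefined global, or whether `.private_extern` on its own provides the linkage the build needs, I cannot tell from the hunk. Moving the `.globl` after the `#define`, or placing it inside each branch of the `#ifdef`, removes the ambiguity. The same ordering appears in the s_mpv_mul_add_vec64 hunk below. The function body continues past the end of the hunk.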
@@ -169,7 +177,9 @@
movq %r9, %rax
ret
+#ifndef DARWIN
.size s_mpv_mul_set_vec64, .-s_mpv_mul_set_vec64
+#endif
# ------------------------------------------------------------------------
#
@@ -186,7 +196,15 @@
# s_mpv_mul_add_vec64(uint64_t *r, uint64_t *a, int len, uint64_t digit)
#
-.text; .align 16; .globl s_mpv_mul_add_vec64; .type s_mpv_mul_add_vec64, @function; s_mpv_mul_add_vec64:
+.text; .align 16; .globl s_mpv_mul_add_vec64;
+
+#ifdef DARWIN
+#define s_mpv_mul_add_vec64 _s_mpv_mul_add_vec64
+.private_extern s_mpv_mul_add_vec64
+s_mpv_mul_add_vec64:
+#else
+.type s_mpv_mul_add_vec64, @function; s_mpv_mul_add_vec64:
+#endif
xorq %rax, %rax # if (len == 0) return (0)
testq %rdx, %rdx
@@ -381,9 +399,11 @@
.L27:
movq %r9, %rax
ret
-
+
+#ifndef DARWIN
.size s_mpv_mul_add_vec64, .-s_mpv_mul_add_vec64
# Magic indicating no need for an executable stack
.section .note.GNU-stack, "", @progbits
.previous
+#endif
diff --git a/security/nss/lib/freebl/mpi/mplogic.c b/security/nss/lib/freebl/mpi/mplogic.c
index 23ddfec1aa..db19cff138 100644
--- a/security/nss/lib/freebl/mpi/mplogic.c
+++ b/security/nss/lib/freebl/mpi/mplogic.c
@@ -222,10 +222,9 @@ mpl_lsh(const mp_int *a, mp_int *b, mp_digit d)
/* {{{ mpl_num_set(a, num) */
mp_err
-mpl_num_set(mp_int *a, int *num)
+mpl_num_set(mp_int *a, unsigned int *num)
{
- unsigned int ix;
- int db, nset = 0;
+ unsigned int ix, db, nset = 0;
mp_digit cur;
unsigned char reg;
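Review bot: The merged declaration `unsigned int ix, db, nset = 0;` reads as if all three variables were zeroed, but only nset is initialised; ix and db still depend on being assigned before use in the loop below the hunk. Since the line is being rewritten anyway, keeping the counters on separate lines, `unsigned int ix, db;` followed by `unsigned int nset = 0;`, avoids the misreading at no cost. The same pattern appears in the mpl_num_clear hunk below. Both function bodies continue past their hunks.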
@@ -253,10 +252,9 @@ mpl_num_set(mp_int *a, int *num)
/* {{{ mpl_num_clear(a, num) */
mp_err
-mpl_num_clear(mp_int *a, int *num)
+mpl_num_clear(mp_int *a, unsigned int *num)
{
- unsigned int ix;
- int db, nset = 0;
+ unsigned int ix, db, nset = 0;
mp_digit cur;
unsigned char reg;
diff --git a/security/nss/lib/freebl/mpi/mplogic.h b/security/nss/lib/freebl/mpi/mplogic.h
index 6a0f67c503..71b7551392 100644
--- a/security/nss/lib/freebl/mpi/mplogic.h
+++ b/security/nss/lib/freebl/mpi/mplogic.h
@@ -39,9 +39,9 @@ mp_err mpl_lsh(const mp_int *a, mp_int *b, mp_digit d); /* left shift */
/* Bit count and parity */
-mp_err mpl_num_set(mp_int *a, int *num); /* count set bits */
-mp_err mpl_num_clear(mp_int *a, int *num); /* count clear bits */
-mp_err mpl_parity(mp_int *a); /* determine parity */
+mp_err mpl_num_set(mp_int *a, unsigned int *num); /* count set bits */
+mp_err mpl_num_clear(mp_int *a, unsigned int *num); /* count clear bits */
+mp_err mpl_parity(mp_int *a); /* determine parity */
/* Get & Set the value of a bit */
diff --git a/security/nss/lib/freebl/mpi/mpmontg.c b/security/nss/lib/freebl/mpi/mpmontg.c
index 3acdc9fef1..79104f7b95 100644
--- a/security/nss/lib/freebl/mpi/mpmontg.c
+++ b/security/nss/lib/freebl/mpi/mpmontg.c
@@ -1006,7 +1006,11 @@ CLEANUP:
mp_clear(&accum[2]);
mp_clear(&accum[3]);
mp_clear(&tmp);
- /* PORT_Memset(powers,0,num_powers*nLen*sizeof(mp_digit)); */
+ /* zero required by FIPS here, can't use PORT_ZFree
+ * because mpi doesn't link with util */
+ if (powers) {
+ PORT_Memset(powers, 0, num_powers * sizeof(mp_digit));
+ }
free(powersArray);
return res;
}
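Review bot: The size passed to the added PORT_Memset drops the `nLen` factor that the removed comment carried (`num_powers*nLen*sizeof(mp_digit)` versus `num_powers * sizeof(mp_digit)`); if `powers` is a table of num_powers entries of nLen digits each, as the old expression implies, only the first num_powers digits are cleared and the rest of the exponent table is handed back to the allocator intact, which defeats the stated FIPS purpose. Unless the table layout changed elsewhere, the line should read `PORT_Memset(powers, 0, num_powers * nLen * sizeof(mp_digit));`. Separately, a plain memset immediately followed by `free(powersArray)` is the pattern compilers may drop as a dead store; the comment explains why PORT_ZFree is unavailable, but a zeroing routine the optimizer cannot elide is needed for the clear to be reliable. The enclosing function starts above the hunk, so I cannot confirm how `powers` was allocated.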
diff --git a/security/nss/lib/freebl/mpi/mpprime.c b/security/nss/lib/freebl/mpi/mpprime.c
index 9d6232c29c..b757150e79 100644
--- a/security/nss/lib/freebl/mpi/mpprime.c
+++ b/security/nss/lib/freebl/mpi/mpprime.c
@@ -126,6 +126,8 @@ mpp_random(mp_int *a)
/* }}} */
+static mpp_random_fn mpp_random_insecure = &mpp_random;
+
/* {{{ mpp_random_size(a, prec) */
mp_err
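Review bot: `mpp_random_insecure` is introduced without a comment, and its name is the only hint that the library's default generator is not meant for cryptographic use; a maintainer who later wires a new caller to mpp_pprime or mpp_make_prime will not see that warning. Suggest documenting the static, e.g. `/* Default generator for the legacy mpp_random_size/mpp_pprime/mpp_make_prime entry points; it is never reassigned. Callers needing a cryptographic RNG must pass their own mpp_random_fn to the *_ext_random variants. */`, adjusting the wording if mpp_random's quality is other than the name implies.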
@@ -138,7 +140,7 @@ mpp_random_size(mp_int *a, mp_size prec)
if ((res = s_mp_pad(a, prec)) != MP_OKAY)
return res;
- return mpp_random(a);
+ return (*mpp_random_insecure)(a);
} /* end mpp_random_size() */
@@ -272,6 +274,12 @@ mpp_fermat_list(mp_int *a, const mp_digit *primes, mp_size nPrimes)
mp_err
mpp_pprime(mp_int *a, int nt)
{
+ return mpp_pprime_ext_random(a, nt, mpp_random_insecure);
+}
+
+mp_err
+mpp_pprime_ext_random(mp_int *a, int nt, mpp_random_fn random)
+{
mp_err res;
mp_int x, amo, m, z; /* "amo" = "a minus one" */
int iter;
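Review bot: `mpp_pprime_ext_random` takes `random` from the caller and, further down in the file, invokes it as `(*random)(&x)` with no check, so a NULL argument becomes a crash inside the primality test rather than an error return; as this is a newly public entry point, a guard at the top of the body, `if (random == NULL) return MP_BADARG;`, is cheap and matches how the library reports bad arguments elsewhere. mpp_make_prime_ext_random only forwards its `random` to this function, so the same guard covers it. The body of mpp_pprime_ext_random continues past the end of the hunk.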
@@ -306,7 +314,7 @@ mpp_pprime(mp_int *a, int nt)
/* Choose a random value for 1 < x < a */
MP_CHECKOK(s_mp_pad(&x, USED(a)));
- mpp_random(&x);
+ MP_CHECKOK((*random)(&x));
MP_CHECKOK(mp_mod(&x, a, &x));
if (mp_cmp_d(&x, 1) <= 0) {
iter--; /* don't count this iteration */
@@ -404,6 +412,12 @@ mpp_sieve(mp_int *trial, const mp_digit *primes, mp_size nPrimes,
mp_err
mpp_make_prime(mp_int *start, mp_size nBits, mp_size strong)
{
+ return mpp_make_prime_ext_random(start, nBits, strong, mpp_random_insecure);
+}
+
+mp_err
+mpp_make_prime_ext_random(mp_int *start, mp_size nBits, mp_size strong, mpp_random_fn random)
+{
mp_digit np;
mp_err res;
unsigned int i = 0;
@@ -490,7 +504,7 @@ mpp_make_prime(mp_int *start, mp_size nBits, mp_size strong)
FPUTC('+', stderr);
/* If that passed, run some Miller-Rabin tests */
- res = mpp_pprime(&trial, num_tests);
+ res = mpp_pprime_ext_random(&trial, num_tests, random);
if (res != MP_OKAY) {
if (res == MP_NO)
continue; /* was composite */
@@ -528,7 +542,7 @@ mpp_make_prime(mp_int *start, mp_size nBits, mp_size strong)
}
/* And test with Miller-Rabin, as with its parent ... */
- res = mpp_pprime(&q, num_tests);
+ res = mpp_pprime_ext_random(&q, num_tests, random);
if (res != MP_YES) {
mp_clear(&q);
if (res == MP_NO)
diff --git a/security/nss/lib/freebl/mpi/mpprime.h b/security/nss/lib/freebl/mpi/mpprime.h
index acd888d4ac..0bdc6598ce 100644
--- a/security/nss/lib/freebl/mpi/mpprime.h
+++ b/security/nss/lib/freebl/mpi/mpprime.h
@@ -26,6 +26,9 @@ mp_err mpp_divis_d(mp_int *a, mp_digit d);
mp_err mpp_random(mp_int *a);
mp_err mpp_random_size(mp_int *a, mp_size prec);
+/* Type for a pointer to a user-provided mpp_random implementation */
+typedef mp_err (*mpp_random_fn)(mp_int *);
+
/* Pseudo-primality testing */
mp_err mpp_divis_vector(mp_int *a, const mp_digit *vec, int size, int *which);
mp_err mpp_divis_primes(mp_int *a, mp_digit *np);
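Review bot: The typedef comment on the added line says what the type is but not the contract a user-provided function must satisfy; from its use in mpp_pprime_ext_random, the callback is invoked on an mp_int that has already been padded to the required size by s_mp_pad, and any return value other than MP_OKAY aborts the test via MP_CHECKOK. Suggest expanding it to `/* Type for a pointer to a user-provided mpp_random implementation. It is called with an mp_int already sized by the caller, is expected to fill its digits with random data, and must return MP_OKAY; any other value aborts the caller. */`, with the "fill its digits" part confirmed against mpp_random, which is outside this hunk.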
@@ -36,6 +39,10 @@ mp_err mpp_sieve(mp_int *trial, const mp_digit *primes, mp_size nPrimes,
unsigned char *sieve, mp_size nSieve);
mp_err mpp_make_prime(mp_int *start, mp_size nBits, mp_size strong);
+/* Pseudo-primality tests using a user-provided mpp_random implementation */
+mp_err mpp_pprime_ext_random(mp_int *a, int nt, mpp_random_fn random);
+mp_err mpp_make_prime_ext_random(mp_int *start, mp_size nBits, mp_size strong, mpp_random_fn random);
+
SEC_END_PROTOS
#endif /* end _H_MP_PRIME_ */