Uploaded image for project: 'RHEL'
  1. RHEL
  2. RHEL-59577

Incorrect indicators for ECDH

XMLWordPrintable

    • No
    • Low
    • ZStream
    • 1
    • rhel-sst-security-crypto
    • ssg_security
    • 21
    • 23
    • 1
    • False
    • Hide

      None

      Show
      None
    • No
    • Crypto24Q4
    • Approved Blocker
    • Hide

      AC1) Patch review - indicators are present

      AC2) (Optional) Lab runs their testing for indicators and confirms there are no issues found.

      Show
      AC1) Patch review - indicators are present AC2) (Optional) Lab runs their testing for indicators and confirms there are no issues found.
    • None
    • Not Needed
    • RegressionOnly
    • Unspecified Release Note Type - Unknown
    • All
    • None

      With the addition of ECCurve_Ed25519 in version 3.101.0-7 of the code I can now see an incorrect indicator set for CKM_ECDH1_*_DERIVE services using this curve. NSS is currently setting an approved indicator for it and the use of this curve is currently non-approved.

      I believe that the reason lies in the fact that the sftk_getKeyLength() function, which is the one supposed to filter only approved curves, is only checking curves of type CKK_EC:

      nss/lib/softoken/pkcs11u.c:sftk_getKeyLength():

      if (keyType == CKK_EC) {
        SECOidTag curve = sftk_quickGetECCCurveOid(source);
        switch (curve) {
            case SEC_OID_CURVE25519:
                /* change when we start algorithm testing on curve25519 */
                return 0;

      Keys for curve ECCurve_Ed25519 are not of type CKK_EC and I believe are escaping this check.

              fkrenzel František Krenželok
              omoris Ondrej Moris
              Robert Relyea Robert Relyea
              Alexander Sosedkin Alexander Sosedkin
              Votes:
              0 Vote for this issue
              Watchers:
              9 Start watching this issue

                Created:
                Updated: