Bug 1576307 - Fixup for fips tests, permit NULL iv as necessary. r=jcj
authorKevin Jacobs <kjacobs@mozilla.com>
Thu, 03 Oct 2019 00:23:47 +0000
changeset 15326 dc86215aea17672228b28cf3516da89a751cc24d
parent 15317 53d92a32408049038f450aa747b0030607988230
child 15327 b34061c3a377061f9508615551c09c5f5b66d144
push id3525
push userjjones@mozilla.com
push dateThu, 03 Oct 2019 00:24:37 +0000
reviewersjcj
bugs1576307
Bug 1576307 - Fixup for fips tests, permit NULL iv as necessary. r=jcj ECB mode should not require an IV. Differential Revision: https://phabricator.services.mozilla.com/D47990
gtests/pk11_gtest/pk11_cbc_unittest.cc
lib/softoken/pkcs11c.c
--- a/gtests/pk11_gtest/pk11_cbc_unittest.cc
+++ b/gtests/pk11_gtest/pk11_cbc_unittest.cc
@@ -278,41 +278,30 @@ TEST_F(Pkcs11CbcPadTest, FailEncryptShor
   reinterpret_cast<CK_GCM_PARAMS*>(param.data)->ulIvLen = 12;
   reinterpret_cast<CK_GCM_PARAMS*>(param.data)->pAAD = nullptr;
   reinterpret_cast<CK_GCM_PARAMS*>(param.data)->ulAADLen = 0;
   reinterpret_cast<CK_GCM_PARAMS*>(param.data)->ulTagBits = 128;
   rv = PK11_Encrypt(key.get(), CKM_AES_GCM, &param, encrypted, &encrypted_len,
                     sizeof(encrypted), kInput, input_len);
   EXPECT_EQ(SECSuccess, rv);
 
-  // CBC (and the below modes) should have a 16B IV
+  // CBC should have a 16B IV
   param.len = AES_BLOCK_SIZE - 1;
   rv = PK11_Encrypt(key.get(), CKM_AES_CBC, &param, encrypted, &encrypted_len,
                     sizeof(encrypted), kInput, input_len);
   EXPECT_EQ(SECFailure, rv);
 
   param.len++;
   rv = PK11_Encrypt(key.get(), CKM_AES_CBC, &param, encrypted, &encrypted_len,
                     sizeof(encrypted), kInput, input_len);
   EXPECT_EQ(SECSuccess, rv);
 
-  // ECB
-  param.len = AES_BLOCK_SIZE - 1;
-  rv = PK11_Encrypt(key.get(), CKM_AES_CBC, &param, encrypted, &encrypted_len,
-                    sizeof(encrypted), kInput, input_len);
-  EXPECT_EQ(SECFailure, rv);
-
-  param.len++;
-  rv = PK11_Encrypt(key.get(), CKM_AES_ECB, &param, encrypted, &encrypted_len,
-                    sizeof(encrypted), kInput, input_len);
-  EXPECT_EQ(SECSuccess, rv);
-
   // CTS
   param.len = AES_BLOCK_SIZE - 1;
-  rv = PK11_Encrypt(key.get(), CKM_AES_CBC, &param, encrypted, &encrypted_len,
+  rv = PK11_Encrypt(key.get(), CKM_AES_CTS, &param, encrypted, &encrypted_len,
                     sizeof(encrypted), kInput, input_len);
   EXPECT_EQ(SECFailure, rv);
 
   param.len++;
   rv = PK11_Encrypt(key.get(), CKM_AES_CTS, &param, encrypted, &encrypted_len,
                     sizeof(encrypted), kInput, input_len);
   EXPECT_EQ(SECSuccess, rv);
 }
--- a/lib/softoken/pkcs11c.c
+++ b/lib/softoken/pkcs11c.c
@@ -1131,20 +1131,19 @@ sftk_CryptInit(CK_SESSION_HANDLE hSessio
             context->doPad = PR_TRUE;
         /* fall thru */
         case CKM_AES_ECB:
         case CKM_AES_CBC:
             context->blockSize = 16;
         case CKM_AES_CTS:
         case CKM_AES_CTR:
         case CKM_AES_GCM:
-            /* Note the catch-all only applies to the above cases */
             if ((pMechanism->mechanism == CKM_AES_GCM && BAD_PARAM_CAST(pMechanism, sizeof(CK_GCM_PARAMS))) ||
                 (pMechanism->mechanism == CKM_AES_CTR && BAD_PARAM_CAST(pMechanism, sizeof(CK_AES_CTR_PARAMS))) ||
-                BAD_PARAM_CAST(pMechanism, AES_BLOCK_SIZE) /* Cast target is an IV */) {
+                ((pMechanism->mechanism == CKM_AES_CBC || pMechanism->mechanism == CKM_AES_CTS) && BAD_PARAM_CAST(pMechanism, AES_BLOCK_SIZE))) {
                 crv = CKR_MECHANISM_PARAM_INVALID;
                 break;
             }
 
             if (pMechanism->mechanism == CKM_AES_GCM) {
                 context->multi = PR_FALSE;
             }
             if (key_type != CKK_AES) {