bug 1182742 - allow users to override small key size errors r=rbarnes
authorDavid Keeler <dkeeler@mozilla.com>
Mon, 11 Apr 2016 13:45:47 -0700
changeset 332225 280b570936bb
parent 332224 fc8b1d87af43
child 332226 e91f473726bc
push id6048
push userkmoir@mozilla.com
push dateMon, 06 Jun 2016 19:02:08 +0000
treeherdermozilla-beta@46d72a56c57d [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersrbarnes
bugs1182742
milestone48.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
bug 1182742 - allow users to override small key size errors r=rbarnes Key size enforcement for TLS certificates happens at two levels: PSM and NSS. PSM enforces a minimum of 1024 bits. NSS enforces a minimum of 1023 bits by default. The NSS error is not overridable, but the PSM error is. This change allows users to connect to devices with small RSA keys (as little as 512 bits) using the certificate error override functionality. MozReview-Commit-ID: 2TZ8c4I3hXC
config/external/nss/nss.symbols
security/manager/ssl/nsNSSComponent.cpp
security/manager/ssl/tests/unit/test_cert_overrides.js
--- a/config/external/nss/nss.symbols
+++ b/config/external/nss/nss.symbols
@@ -263,16 +263,17 @@ NSS_Get_SECOID_AlgorithmIDTemplate_Util
 NSS_Get_SEC_SignedCertificateTemplate
 NSS_Get_SEC_UTF8StringTemplate
 NSS_Get_SEC_UTF8StringTemplate_Util
 NSS_GetVersion
 NSS_Init
 NSS_Initialize
 NSS_InitWithMerge
 NSS_IsInitialized
+NSS_OptionSet
 NSS_NoDB_Init
 NSS_SecureMemcmp
 NSS_SetAlgorithmPolicy
 NSS_SetDomesticPolicy
 NSS_Shutdown
 NSSSMIME_GetVersion
 NSS_SMIMESignerInfo_SaveSMIMEProfile
 NSS_SMIMEUtil_FindBulkAlgForRecipients
--- a/security/manager/ssl/nsNSSComponent.cpp
+++ b/security/manager/ssl/nsNSSComponent.cpp
@@ -2132,14 +2132,21 @@ InitializeCipherSuite()
   SEC_PKCS12EnableCipher(PKCS12_RC4_128, 1);
   SEC_PKCS12EnableCipher(PKCS12_RC2_CBC_40, 1);
   SEC_PKCS12EnableCipher(PKCS12_RC2_CBC_128, 1);
   SEC_PKCS12EnableCipher(PKCS12_DES_56, 1);
   SEC_PKCS12EnableCipher(PKCS12_DES_EDE3_168, 1);
   SEC_PKCS12SetPreferredCipher(PKCS12_DES_EDE3_168, 1);
   PORT_SetUCS2_ASCIIConversionFunction(pip_ucs2_ascii_conversion_fn);
 
+  // PSM enforces a minimum RSA key size of 1024 bits, which is overridable.
+  // NSS has its own minimum, which is not overridable (the default is 1023
+  // bits). This sets the NSS minimum to 512 bits so users can still connect to
+  // devices like wifi routers with woefully small keys (they would have to add
+  // an override to do so, but they already do for such devices).
+  NSS_OptionSet(NSS_RSA_MIN_KEY_SIZE, 512);
+
   // Observe preference change around cipher suite setting.
   return CipherSuiteChangeObserver::StartObserve();
 }
 
 } // namespace psm
 } // namespace mozilla
--- a/security/manager/ssl/tests/unit/test_cert_overrides.js
+++ b/security/manager/ssl/tests/unit/test_cert_overrides.js
@@ -36,17 +36,17 @@ function check_telemetry() {
   equal(histogram.counts[9], 10,
         "Actual and expected SSL_ERROR_BAD_CERT_DOMAIN counts should match");
   equal(histogram.counts[10], 5,
         "Actual and expected SEC_ERROR_EXPIRED_CERTIFICATE counts should match");
   equal(histogram.counts[11], 2,
         "Actual and expected MOZILLA_PKIX_ERROR_CA_CERT_USED_AS_END_ENTITY counts should match");
   equal(histogram.counts[12], 1,
         "Actual and expected MOZILLA_PKIX_ERROR_V1_CERT_USED_AS_CA counts should match");
-  equal(histogram.counts[13], 0,
+  equal(histogram.counts[13], 1,
         "Actual and expected MOZILLA_PKIX_ERROR_INADEQUATE_KEY_SIZE counts should match");
   equal(histogram.counts[14], 2,
         "Actual and expected MOZILLA_PKIX_ERROR_NOT_YET_VALID_CERTIFICATE counts should match");
   equal(histogram.counts[15], 1,
         "Actual and expected MOZILLA_PKIX_ERROR_NOT_YET_VALID_ISSUER_CERTIFICATE counts should match");
   equal(histogram.counts[16], 2,
         "Actual and expected SEC_ERROR_INVALID_TIME counts should match");
 
@@ -227,21 +227,20 @@ function add_simple_tests() {
   });
 
   // Due to compatibility issues, we allow overrides for certificates issued by
   // certificates that are not valid CAs.
   add_cert_override_test("end-entity-issued-by-non-CA.example.com",
                          Ci.nsICertOverrideService.ERROR_UNTRUSTED,
                          SEC_ERROR_CA_CERT_INVALID);
 
-  // This host presents a 1016-bit RSA key. NSS determines this key is too
-  // small and terminates the connection. The error is not overridable.
-  add_prevented_cert_override_test("inadequate-key-size-ee.example.com",
-                                   Ci.nsICertOverrideService.ERROR_UNTRUSTED,
-                                   SSL_ERROR_WEAK_SERVER_CERT_KEY);
+  // This host presents a 1016-bit RSA key.
+  add_cert_override_test("inadequate-key-size-ee.example.com",
+                         Ci.nsICertOverrideService.ERROR_UNTRUSTED,
+                         MOZILLA_PKIX_ERROR_INADEQUATE_KEY_SIZE);
 
   add_cert_override_test("ipAddressAsDNSNameInSAN.example.com",
                          Ci.nsICertOverrideService.ERROR_MISMATCH,
                          SSL_ERROR_BAD_CERT_DOMAIN);
   add_cert_override_test("noValidNames.example.com",
                          Ci.nsICertOverrideService.ERROR_MISMATCH,
                          SSL_ERROR_BAD_CERT_DOMAIN,
                          /The certificate is not valid for the name noValidNames\.example\.com/);