When FIPS is enabled, do verification of detached signatures on a separate thread

to prevent dead-locking the front end thread.
2024-10-11 04:15:43 +00:00 · 2000-06-27 21:55:59 +00:00 · 2000-06-27 21:55:59 +00:00 · 53ce1bbd54
commit 53ce1bbd54
parent 6f36e68677
2 changed files with 72 additions and 47 deletions
--- a/security/psm/server/ctrlconn.c
+++ b/security/psm/server/ctrlconn.c
@ -61,6 +61,7 @@
 #include "profile.h"
 #include "prefs.h"
 #include "ocsp.h"
+#include "msgthread.h"

 #ifdef XP_MAC
 #include "macshell.h"
@ -2018,6 +2019,56 @@ SSMControlConnection_ProcessResourceRequest(SSMControlConnection * ctrl,
    return rv;
 }

+static SSMStatus ssm_verifydetachedthread(SSMControlConnection *ctrl,
+                                          SECItem *msg)
+{
+    VerifyDetachedSigRequest request;
+    SingleNumMessage reply;
+	SSMP7ContentInfo *ci;
+    SSMStatus rv;
+    
+    SSM_DEBUG("Processing Verify Detached Signature request.\n");
+    if (CMT_DecodeMessage(VerifyDetachedSigRequestTemplate, &request, 
+                          (CMTItem*)msg) != CMTSuccess) {
+        rv = SSM_FAILURE;
+    } else {
+        rv = SSM_SUCCESS;
+    }
+    msg->data = NULL;
+    
+    if (rv == SSM_SUCCESS) {
+        
+        /* Get the content info resource, if it exists. */
+        rv = SSMControlConnection_GetResource(ctrl, request.pkcs7ContentID,
+                                              (SSMResource **) &ci);
+    }
+    
+    if (rv == SSM_SUCCESS) {
+        
+        PR_ASSERT(SSM_IsAKindOf(&ci->super, SSM_RESTYPE_PKCS7_CONTENT_INFO));
+        SSM_DEBUG("Found content info (%s at %ld).\n",
+                  SSM_ResourceClassName(&ci->super),
+                  ci->super.m_id);
+        rv = SSMP7ContentInfo_VerifyDetachedSignature(ci,
+                                             (SECCertUsage)request.certUsage,
+                                             (HASH_HashType) request.hashAlgID,
+                                             (PRBool) request.keepCert, 
+                                             (PRIntn) request.hash.len,
+											 (char *)request.hash.data);
+        SSM_DEBUG("VerifyDetachedSig rv = %d.\n", rv);
+    }
+    msg->type = (SECItemType) (SSM_OBJECT_SIGNING | SSM_VERIFY_DETACHED_SIG |
+                               SSM_REPLY_OK_MESSAGE);
+    if (rv != SSM_SUCCESS) {
+        reply.value = PR_GetError();
+    } else {
+        reply.value = 0;
+    }
+    CMT_EncodeMessage(SingleNumMessageTemplate, (CMTItem*)msg, &reply);
+    ssmcontrolconnection_send_message_to_client(ctrl, msg);
+    return SSM_SUCCESS;
+}
+
 SSMStatus
 SSMControlConnection_ProcessSigningRequest(SSMControlConnection *ctrl, 
 										   SECItem *msg)
@ -2035,48 +2086,22 @@ SSMControlConnection_ProcessSigningRequest(SSMControlConnection *ctrl,
 	{
 	case SSM_VERIFY_DETACHED_SIG:
        {
-        VerifyDetachedSigRequest request;
-        SingleNumMessage reply;
-
-        SSM_DEBUG("Processing Verify Detached Signature request.\n");
-        if (CMT_DecodeMessage(VerifyDetachedSigRequestTemplate, &request, (CMTItem*)msg) != CMTSuccess) {
-            rv = PR_FAILURE;
-        } else {
-            rv = PR_SUCCESS;
-        }
-		msg->data = NULL;
-
-		if (rv == PR_SUCCESS)
-		{
-			/* Get the content info resource, if it exists. */
-			rv = SSMControlConnection_GetResource(ctrl, request.pkcs7ContentID,
-                                                  (SSMResource **) &ci);
-		}
-
-		if (rv == PR_SUCCESS)
-		{
-			PR_ASSERT(SSM_IsAKindOf(&ci->super, SSM_RESTYPE_PKCS7_CONTENT_INFO));
-            SSM_DEBUG("Found content info (%s at %ld).\n",
-                      SSM_ResourceClassName(&ci->super),
-                      ci->super.m_id);
-			rv = SSMP7ContentInfo_VerifyDetachedSignature(ci,
-														  (SECCertUsage) request.certUsage,
-														  (HASH_HashType) request.hashAlgID,
-														  (PRBool) request.keepCert, 
-														  (PRIntn) request.hash.len,
-														  (char *)request.hash.data);
-            SSM_DEBUG("VerifyDetachedSig rv = %d.\n", rv);
-		}
-        msg->type = (SECItemType) (SSM_OBJECT_SIGNING | SSM_VERIFY_DETACHED_SIG
-               | SSM_REPLY_OK_MESSAGE);
-		if (rv != SSM_SUCCESS) {
-			reply.value = PR_GetError();
-		} else {
-			reply.value = 0;
-		}
-        CMT_EncodeMessage(SingleNumMessageTemplate, (CMTItem*)msg, &reply);
-
-		return SSM_SUCCESS;
+            if (PK11_IsFIPS()) {
+                /*
+                 * When FIPS is enabled, we want to do the verification on a
+                 * separate thread so that we don't block the front end 
+                 * thread when the password response comes back
+                 */
+                rv = SSM_ProcessMsgOnThread(ssm_verifydetachedthread,
+                                            ctrl, msg);
+            } else {
+                rv = ssm_verifydetachedthread(ctrl, msg);
+            }
+            if (rv == SSM_SUCCESS) {
+                return SSM_ERR_DEFER_RESPONSE;
+            } else {
+                return SSM_FAILURE;
+            }
        }
 		break;
    case SSM_CREATE_SIGNED:
--- a/security/psm/server/p7cinfo.c
+++ b/security/psm/server/p7cinfo.c
@ -256,11 +256,11 @@ SSMP7ContentInfo_GetAttr(SSMResource *res,
 }

 SSMStatus SSMP7ContentInfo_VerifyDetachedSignature(SSMP7ContentInfo *ci,
-						  SECCertUsage usage,
-						  HASH_HashType hash,
-						  PRBool keepCerts,
-						  PRIntn digestLen,
-						  char *detachedDigest)
+                                                   SECCertUsage usage,
+                                                   HASH_HashType hash,
+                                                   PRBool keepCerts,
+                                                   PRIntn digestLen,
+                                                   char *detachedDigest)
 {
 	SSMStatus rv = PR_FAILURE;
 	SECItem digest;