SCIENTIFIC-LINUX-DEVEL Archives

October 2020

SCIENTIFIC-LINUX-DEVEL@LISTSERV.FNAL.GOV
Options: Use Monospaced Font
Show Text Part by Default
Show All Mail Headers

Message: [<< First] [< Prev] [Next >] [Last >>]
Topic: [<< First] [< Prev] [Next >] [Last >>]
Author: [<< First] [< Prev] [Next >] [Last >>]

Print Reply
Subject:
nss-3.53.1-3.el7_9 build issues
From:
Patrick Riehecky <[log in to unmask]>
Reply To:
Patrick Riehecky <[log in to unmask]>
Date:
Fri, 2 Oct 2020 15:57:39 +0000
Content-Type:
multipart/mixed
Parts/Attachments:
text/plain (3286 bytes) , nss-3.53.1-3.el7_9_failure.tar.xz (1 MB) 
Anyone out there seen these types of build issues in the past?



IKE CLASS_1563 seems to fail self test.  The other key sizes test out

just fine.



My attempts to trace down why it is raising an error  of

SEC_ERROR_INVALID_ARGS haven't been all that helpful...



It feels like a key sizing issue, but not one I've been able to track

down.





        [----------] 66 tests from FipsDhCases/SoftokenFipsDhValidate

        [ RUN      ] FipsDhCases/SoftokenFipsDhValidate.DhVectors/0

        Test:IKE 1536

        param_type: IKE_APPROVED, key_class: CLASS_1536

        p: [192]

ffffffffffffffffc90fdaa22168c234c4c6628b80dc1cd129024e088a67cc74...

        g: [1] 02

        q: [0]

        pub_key: [0]

        softoken_gtest.cc:553: Failure

        Expected: (nullptr) != (priv_key.get()), actual: (nullptr) vs

NULL

        PK11_GenerateKeyPair failed: SEC_ERROR_INVALID_ARGS

        softoken_gtest.cc:555: Failure

        Expected: (nullptr) != (pub_tmp), actual: (nullptr) vs NULL

        softoken_gtest.cc:897: Failure

        Expected equality of these values:

          SECSuccess

            Which is: 0

          rv

            Which is: -1

        Test(IKE 1536) failed



        <snip>



        [  FAILED  ] FipsDhCases/SoftokenFipsDhValidate.DhVectors/0,

where GetParam() = 112-byte object <44-CF 45-00 00-00 00-00 00-00 00-00 

00-00 00-00 20-4D 46-00 00-00 00-00 C0-00 00-00 00-00 00-00 00-00 00-00 

00-00 00-00 A1-D4 45-00 00-00 00-00 01-00 00-00 00-00 00-00 00-00 00-00 

00-00 00-00 00-00 00-00 00-00 00-00 00-00 00-00 00-00 00-00 00-00 00-00 

00-00 00-00 00-00 00-00 00-00 00-00 00-00 00-00 00-00 00-00 01-00 00-00 

00-00 00-00> (189 ms)

        Test:IKE 1536 with subprime

        param_type: IKE_APPROVED, key_class: CLASS_1536

        p: [192]

ffffffffffffffffc90fdaa22168c234c4c6628b80dc1cd129024e088a67cc74...

        g: [1] 02

        q: [192]

7fffffffffffffffe487ed5110b4611a62633145c06e0e68948127044533e63a...

        pub_key: [0]

        softoken_gtest.cc:553: Failure

        Expected: (nullptr) != (priv_key.get()), actual: (nullptr) vs

NULL

        PK11_GenerateKeyPair failed: SEC_ERROR_INVALID_ARGS

        softoken_gtest.cc:555: Failure

        Expected: (nullptr) != (pub_tmp), actual: (nullptr) vs NULL

        softoken_gtest.cc:897: Failure

        Expected equality of these values:

          SECSuccess

            Which is: 0

          rv

            Which is: -1

        Test(IKE 1536 with subprime) failed

        [  FAILED  ] FipsDhCases/SoftokenFipsDhValidate.DhVectors/11,

where GetParam() = 112-byte object <28-CD 45-00 00-00 00-00 00-00 00-00 

00-00 00-00 20-4D 46-00 00-00 00-00 C0-00 00-00 00-00 00-00 00-00 00-00 

00-00 00-00 A1-D4 45-00 00-00 00-00 01-00 00-00 00-00 00-00 00-00 00-00 

00-00 00-00 60-10 46-00 00-00 00-00 C0-00 00-00 00-00 00-00 00-00 00-00 

00-00 00-00 00-00 00-00 00-00 00-00 00-00 00-00 00-00 00-00 01-00 00-00 

00-00 00-00> (204 ms)





For the curious, I've attached the mock logs.  Note: the extracted

archive content is over 80Mb.



Upstream test patch : 

https://hg.mozilla.org/projects/nss/rev/0be91fa2217a



The nss-3.53.1-3.el7_9 sources can be pulled down from 

https://git.centos.org/rpms/nss/tree/c7 with the centos-git-common

tools.



Pat

ATOM RSS1 RSS2