rpms
/
openssl
2
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Multiple fixes 

re-enable the stitched AES-CBC-SHA implementations
make AES-GCM work in FIPS mode again
enable TLS-1.2 AES-CCM ciphers in FIPS mode
fix openssl speed errors in FIPS mode
This commit is contained in:
Tomas Mraz 2019-10-03 17:43:23 +02:00
parent 10c30b2322
commit f1c4ba61a3
3 changed files with 178 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

58
openssl-1.1.1-aes-asm.patch Normal file
View File

@ -0,0 +1,58 @@
commit 61cc715240d2d3f9511ca88043a3e9797c11482f
Author: Richard Levitte <levitte@openssl.org>
Date: Thu Oct 3 08:28:31 2019 +0200
Define AESNI_ASM if AESNI assembler is included, and use it
Because we have cases where basic assembler support isn't present, but
AESNI asssembler support is, we need a separate macro that indicates
that, and use it.
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/10080)
diff --git a/Configure b/Configure
index 811bee81f5..f498ac2f81 100755
--- a/Configure
+++ b/Configure
@@ -1376,6 +1376,7 @@ unless ($disabled{asm}) {
}
if ($target{aes_asm_src}) {
push @{$config{lib_defines}}, "AES_ASM" if ($target{aes_asm_src} =~ m/\baes-/);;
+ push @{$config{lib_defines}}, "AESNI_ASM" if ($target{aes_asm_src} =~ m/\baesni-/);;
# aes-ctr.fake is not a real file, only indication that assembler
# module implements AES_ctr32_encrypt...
push @{$config{lib_defines}}, "AES_CTR_ASM" if ($target{aes_asm_src} =~ s/\s*aes-ctr\.fake//);
diff --git a/crypto/evp/e_aes_cbc_hmac_sha1.c b/crypto/evp/e_aes_cbc_hmac_sha1.c
index c9f5969162..27c36b46e7 100644
--- a/crypto/evp/e_aes_cbc_hmac_sha1.c
+++ b/crypto/evp/e_aes_cbc_hmac_sha1.c
@@ -33,7 +33,7 @@ typedef struct {
#define NO_PAYLOAD_LENGTH ((size_t)-1)
-#if defined(AES_ASM) && ( \
+#if defined(AESNI_ASM) && ( \
defined(__x86_64) || defined(__x86_64__) || \
defined(_M_AMD64) || defined(_M_X64) )
diff --git a/crypto/evp/e_aes_cbc_hmac_sha256.c b/crypto/evp/e_aes_cbc_hmac_sha256.c
index d5178313ae..cc622b6faa 100644
--- a/crypto/evp/e_aes_cbc_hmac_sha256.c
+++ b/crypto/evp/e_aes_cbc_hmac_sha256.c
@@ -34,7 +34,7 @@ typedef struct {
# define NO_PAYLOAD_LENGTH ((size_t)-1)
-#if defined(AES_ASM) && ( \
+#if defined(AESNI_ASM) && ( \
defined(__x86_64) || defined(__x86_64__) || \
defined(_M_AMD64) || defined(_M_X64) )
@@ -947,4 +947,4 @@ const EVP_CIPHER *EVP_aes_256_cbc_hmac_sha256(void)
{
return NULL;
}
-#endif
+#endif /* AESNI_ASM */

118
openssl-1.1.1-fips.patch
View File

@ -11,8 +11,8 @@ diff -up openssl-1.1.1d/apps/pkcs12.c.fips openssl-1.1.1d/apps/pkcs12.c
int cert_pbe = NID_pbe_WithSHA1And3_Key_TripleDES_CBC;
# endif
diff -up openssl-1.1.1d/apps/speed.c.fips openssl-1.1.1d/apps/speed.c
--- openssl-1.1.1d/apps/speed.c.fips 2019-09-13 15:13:11.008525884 +0200
+++ openssl-1.1.1d/apps/speed.c 2019-09-13 15:13:11.022525640 +0200
--- openssl-1.1.1d/apps/speed.c.fips 2019-10-03 16:51:22.019915908 +0200
+++ openssl-1.1.1d/apps/speed.c 2019-10-03 17:40:09.909994582 +0200
@@ -1595,7 +1595,8 @@ int speed_main(int argc, char **argv)
continue;
if (strcmp(*argv, "rsa") == 0) {
@ -60,7 +60,7 @@ diff -up openssl-1.1.1d/apps/speed.c.fips openssl-1.1.1d/apps/speed.c
eddsa_doit[i] = 2;
continue;
}
@@ -1737,23 +1742,30 @@ int speed_main(int argc, char **argv)
@@ -1737,23 +1742,31 @@ int speed_main(int argc, char **argv)
/* No parameters; turn on everything. */
if ((argc == 0) && !doit[D_EVP]) {
for (i = 0; i < ALGOR_NUM; i++)
@ -87,16 +87,18 @@ diff -up openssl-1.1.1d/apps/speed.c.fips openssl-1.1.1d/apps/speed.c
for (loop = 0; loop < OSSL_NELEM(ecdsa_doit); loop++)
ecdsa_doit[loop] = 1;
for (loop = 0; loop < OSSL_NELEM(ecdh_doit); loop++)
ecdh_doit[loop] = 1;
- ecdh_doit[loop] = 1;
- for (loop = 0; loop < OSSL_NELEM(eddsa_doit); loop++)
- eddsa_doit[loop] = 1;
+ if(!FIPS_mode() || (loop != R_EC_X25519 && loop != R_EC_X448))
+ ecdh_doit[loop] = 1;
+ if (!FIPS_mode())
+ for (loop = 0; loop < OSSL_NELEM(eddsa_doit); loop++)
+ eddsa_doit[loop] = 1;
#endif
}
for (i = 0; i < ALGOR_NUM; i++)
@@ -1801,30 +1813,46 @@ int speed_main(int argc, char **argv)
@@ -1801,30 +1814,46 @@ int speed_main(int argc, char **argv)
AES_set_encrypt_key(key24, 192, &aes_ks2);
AES_set_encrypt_key(key32, 256, &aes_ks3);
#ifndef OPENSSL_NO_CAMELLIA
@ -153,7 +155,7 @@ diff -up openssl-1.1.1d/apps/speed.c.fips openssl-1.1.1d/apps/speed.c
#endif
#ifndef SIGALRM
# ifndef OPENSSL_NO_DES
@@ -2122,6 +2150,7 @@ int speed_main(int argc, char **argv)
@@ -2122,6 +2151,7 @@ int speed_main(int argc, char **argv)
for (i = 0; i < loopargs_len; i++) {
loopargs[i].hctx = HMAC_CTX_new();
@ -461,7 +463,7 @@ diff -up openssl-1.1.1d/crypto/dsa/dsa_gen.c.fips openssl-1.1.1d/crypto/dsa/dsa_
+ goto err;
+ }
+
+ if (FIPS_mode() && (L != 1024 || N != 160) &&
+ if (FIPS_mode() &&
+ (L != 2048 || N != 224) && (L != 2048 || N != 256) &&
+ (L != 3072 || N != 256)) {
+ DSAerr(DSA_F_DSA_BUILTIN_PARAMGEN2, DSA_R_KEY_SIZE_INVALID);
@ -11368,6 +11370,108 @@ diff -up openssl-1.1.1d/include/openssl/rsaerr.h.fips openssl-1.1.1d/include/ope
# define RSA_R_UNSUPPORTED_SIGNATURE_TYPE 155
# define RSA_R_VALUE_MISSING 147
# define RSA_R_WRONG_SIGNATURE_LENGTH 119
diff -up openssl-1.1.1d/ssl/s3_lib.c.fips openssl-1.1.1d/ssl/s3_lib.c
--- openssl-1.1.1d/ssl/s3_lib.c.fips 2019-09-10 15:13:07.000000000 +0200
+++ openssl-1.1.1d/ssl/s3_lib.c 2019-10-03 16:53:51.140362311 +0200
@@ -43,7 +43,7 @@ static SSL_CIPHER tls13_ciphers[] = {
SSL_AEAD,
TLS1_3_VERSION, TLS1_3_VERSION,
0, 0,
- SSL_HIGH,
+ SSL_HIGH | SSL_FIPS,
SSL_HANDSHAKE_MAC_SHA256,
128,
128,
@@ -58,7 +58,7 @@ static SSL_CIPHER tls13_ciphers[] = {
SSL_AEAD,
TLS1_3_VERSION, TLS1_3_VERSION,
0, 0,
- SSL_HIGH,
+ SSL_HIGH | SSL_FIPS,
SSL_HANDSHAKE_MAC_SHA384,
256,
256,
@@ -92,7 +92,7 @@ static SSL_CIPHER tls13_ciphers[] = {
SSL_AEAD,
TLS1_3_VERSION, TLS1_3_VERSION,
0, 0,
- SSL_NOT_DEFAULT | SSL_HIGH,
+ SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
SSL_HANDSHAKE_MAC_SHA256,
128,
128,
@@ -634,7 +634,7 @@ static SSL_CIPHER ssl3_ciphers[] = {
SSL_AEAD,
TLS1_2_VERSION, TLS1_2_VERSION,
DTLS1_2_VERSION, DTLS1_2_VERSION,
- SSL_NOT_DEFAULT | SSL_HIGH,
+ SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
128,
128,
@@ -650,7 +650,7 @@ static SSL_CIPHER ssl3_ciphers[] = {
SSL_AEAD,
TLS1_2_VERSION, TLS1_2_VERSION,
DTLS1_2_VERSION, DTLS1_2_VERSION,
- SSL_NOT_DEFAULT | SSL_HIGH,
+ SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
256,
256,
@@ -666,7 +666,7 @@ static SSL_CIPHER ssl3_ciphers[] = {
SSL_AEAD,
TLS1_2_VERSION, TLS1_2_VERSION,
DTLS1_2_VERSION, DTLS1_2_VERSION,
- SSL_NOT_DEFAULT | SSL_HIGH,
+ SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
128,
128,
@@ -682,7 +682,7 @@ static SSL_CIPHER ssl3_ciphers[] = {
SSL_AEAD,
TLS1_2_VERSION, TLS1_2_VERSION,
DTLS1_2_VERSION, DTLS1_2_VERSION,
- SSL_NOT_DEFAULT | SSL_HIGH,
+ SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
256,
256,
@@ -794,7 +794,7 @@ static SSL_CIPHER ssl3_ciphers[] = {
SSL_AEAD,
TLS1_2_VERSION, TLS1_2_VERSION,
DTLS1_2_VERSION, DTLS1_2_VERSION,
- SSL_NOT_DEFAULT | SSL_HIGH,
+ SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
128,
128,
@@ -810,7 +810,7 @@ static SSL_CIPHER ssl3_ciphers[] = {
SSL_AEAD,
TLS1_2_VERSION, TLS1_2_VERSION,
DTLS1_2_VERSION, DTLS1_2_VERSION,
- SSL_NOT_DEFAULT | SSL_HIGH,
+ SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
256,
256,
@@ -890,7 +890,7 @@ static SSL_CIPHER ssl3_ciphers[] = {
SSL_AEAD,
TLS1_2_VERSION, TLS1_2_VERSION,
DTLS1_2_VERSION, DTLS1_2_VERSION,
- SSL_NOT_DEFAULT | SSL_HIGH,
+ SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
128,
128,
@@ -906,7 +906,7 @@ static SSL_CIPHER ssl3_ciphers[] = {
SSL_AEAD,
TLS1_2_VERSION, TLS1_2_VERSION,
DTLS1_2_VERSION, DTLS1_2_VERSION,
- SSL_NOT_DEFAULT | SSL_HIGH,
+ SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
256,
256,
diff -up openssl-1.1.1d/ssl/ssl_ciph.c.fips openssl-1.1.1d/ssl/ssl_ciph.c
--- openssl-1.1.1d/ssl/ssl_ciph.c.fips 2019-09-13 15:13:11.019525692 +0200
+++ openssl-1.1.1d/ssl/ssl_ciph.c 2019-09-13 15:13:11.068524836 +0200

10
openssl.spec
View File

@ -22,7 +22,7 @@
Summary: Utilities from the general purpose cryptography library with TLS implementation
Name: openssl
Version: 1.1.1d
Release: 1%{?dist}
Release: 2%{?dist}
Epoch: 1
# We have to remove certain patented algorithms from the openssl source
# tarball with the hobble-openssl script which is included below.
@ -67,6 +67,7 @@ Patch51: openssl-1.1.1-upstream-sync.patch
Patch52: openssl-1.1.1-s390x-update.patch
Patch53: openssl-1.1.1-fips-crng-test.patch
Patch54: openssl-1.1.1-regression-fixes.patch
Patch55: openssl-1.1.1-aes-asm.patch
License: OpenSSL
URL: http://www.openssl.org/
@ -168,6 +169,7 @@ cp %{SOURCE13} test/
%patch52 -p1 -b .s390x-update
%patch53 -p1 -b .crng-test
%patch54 -p1 -b .regression
%patch55 -p1 -b .aes-asm
%build
@ -454,6 +456,12 @@ export LD_LIBRARY_PATH
%ldconfig_scriptlets libs
%changelog
* Thu Oct 3 2019 Tomáš Mráz <tmraz@redhat.com> 1.1.1d-2
- re-enable the stitched AES-CBC-SHA implementations
- make AES-GCM work in FIPS mode again
- enable TLS-1.2 AES-CCM ciphers in FIPS mode
- fix openssl speed errors in FIPS mode
* Fri Sep 13 2019 Tomáš Mráz <tmraz@redhat.com> 1.1.1d-1
- update to the 1.1.1d release