Compare commits
No commits in common. "167e0dd6944f0f6e15c8cc0c2714dee055856c6e" and "4855397272f7585ea8fa9f9659a7d4e410bd7a65" have entirely different histories.
167e0dd694
...
4855397272
3
.gitignore
vendored
3
.gitignore
vendored
@ -1,5 +1,6 @@
|
|||||||
.build*.log
|
.build*.log
|
||||||
clog
|
clog
|
||||||
|
000*.patch
|
||||||
*.src.rpm
|
*.src.rpm
|
||||||
openssl-1.0.0a-usa.tar.bz2
|
openssl-1.0.0a-usa.tar.bz2
|
||||||
/openssl-1.0.0b-usa.tar.bz2
|
/openssl-1.0.0b-usa.tar.bz2
|
||||||
@ -55,5 +56,3 @@ openssl-1.0.0a-usa.tar.bz2
|
|||||||
/openssl-3.0.2-hobbled.tar.gz
|
/openssl-3.0.2-hobbled.tar.gz
|
||||||
/openssl-3.0.3-hobbled.tar.gz
|
/openssl-3.0.3-hobbled.tar.gz
|
||||||
/openssl-3.0.5-hobbled.tar.xz
|
/openssl-3.0.5-hobbled.tar.xz
|
||||||
/openssl-3.0.7-hobbled.tar.gz
|
|
||||||
/openssl-3.0.8-hobbled.tar.gz
|
|
||||||
|
@ -272,9 +272,9 @@ index 404a706fab..e81fa9ec3e 100644
|
|||||||
--- a/util/libcrypto.num
|
--- a/util/libcrypto.num
|
||||||
+++ b/util/libcrypto.num
|
+++ b/util/libcrypto.num
|
||||||
@@ -5282,3 +5282,4 @@ OSSL_DECODER_CTX_set_input_structure ? 3_0_0 EXIST::FUNCTION:
|
@@ -5282,3 +5282,4 @@ OSSL_DECODER_CTX_set_input_structure ? 3_0_0 EXIST::FUNCTION:
|
||||||
|
EVP_PKEY_CTX_get0_provider 5555 3_0_0 EXIST::FUNCTION:
|
||||||
OPENSSL_strcasecmp 5556 3_0_3 EXIST::FUNCTION:
|
OPENSSL_strcasecmp 5556 3_0_3 EXIST::FUNCTION:
|
||||||
OPENSSL_strncasecmp 5557 3_0_3 EXIST::FUNCTION:
|
OPENSSL_strncasecmp 5557 3_0_3 EXIST::FUNCTION:
|
||||||
OSSL_CMP_CTX_reset_geninfo_ITAVs 5558 3_0_8 EXIST::FUNCTION:CMP
|
|
||||||
+ossl_safe_getenv ? 3_0_0 EXIST::FUNCTION:
|
+ossl_safe_getenv ? 3_0_0 EXIST::FUNCTION:
|
||||||
--
|
--
|
||||||
2.26.2
|
2.26.2
|
||||||
|
@ -12,12 +12,24 @@ default context.
|
|||||||
3 files changed, 39 insertions(+)
|
3 files changed, 39 insertions(+)
|
||||||
create mode 100644 include/openssl/fips.h
|
create mode 100644 include/openssl/fips.h
|
||||||
|
|
||||||
|
diff --git a/include/openssl/crypto.h.in b/include/openssl/crypto.h.in
|
||||||
|
index 1036da9a2b..9d4896fcaf 100644
|
||||||
|
--- a/include/openssl/crypto.h.in
|
||||||
|
+++ b/include/openssl/crypto.h.in
|
||||||
|
@@ -38,6 +38,7 @@ use OpenSSL::stackhash qw(generate_stack_macros);
|
||||||
|
# include <openssl/opensslconf.h>
|
||||||
|
# include <openssl/cryptoerr.h>
|
||||||
|
# include <openssl/core.h>
|
||||||
|
+# include <openssl/fips.h>
|
||||||
|
|
||||||
|
# ifdef CHARSET_EBCDIC
|
||||||
|
# include <openssl/ebcdic.h>
|
||||||
diff --git a/include/openssl/fips.h b/include/openssl/fips.h
|
diff --git a/include/openssl/fips.h b/include/openssl/fips.h
|
||||||
new file mode 100644
|
new file mode 100644
|
||||||
index 0000000000..c64f0f8e8f
|
index 0000000000..c64f0f8e8f
|
||||||
--- /dev/null
|
--- /dev/null
|
||||||
+++ b/include/openssl/fips.h
|
+++ b/include/openssl/fips.h
|
||||||
@@ -0,0 +1,26 @@
|
@@ -0,0 +1,25 @@
|
||||||
+/*
|
+/*
|
||||||
+ * Copyright 2016-2020 The OpenSSL Project Authors. All Rights Reserved.
|
+ * Copyright 2016-2020 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
+ *
|
+ *
|
||||||
@ -31,7 +43,6 @@ index 0000000000..c64f0f8e8f
|
|||||||
+# define OPENSSL_FIPS_H
|
+# define OPENSSL_FIPS_H
|
||||||
+# pragma once
|
+# pragma once
|
||||||
+
|
+
|
||||||
+# include <openssl/evp.h>
|
|
||||||
+# include <openssl/macros.h>
|
+# include <openssl/macros.h>
|
||||||
+
|
+
|
||||||
+# ifdef __cplusplus
|
+# ifdef __cplusplus
|
||||||
@ -47,11 +58,10 @@ index 0000000000..c64f0f8e8f
|
|||||||
diff -up openssl-3.0.0-beta1/test/property_test.c.fips-macro openssl-3.0.0-beta1/test/property_test.c
|
diff -up openssl-3.0.0-beta1/test/property_test.c.fips-macro openssl-3.0.0-beta1/test/property_test.c
|
||||||
--- openssl-3.0.0-beta1/test/property_test.c.fips-macro 2021-06-29 12:14:58.851557698 +0200
|
--- openssl-3.0.0-beta1/test/property_test.c.fips-macro 2021-06-29 12:14:58.851557698 +0200
|
||||||
+++ openssl-3.0.0-beta1/test/property_test.c 2021-06-29 12:17:14.630143832 +0200
|
+++ openssl-3.0.0-beta1/test/property_test.c 2021-06-29 12:17:14.630143832 +0200
|
||||||
@@ -488,6 +488,19 @@ static int test_property_list_to_string(
|
@@ -488,6 +488,18 @@ static int test_property_list_to_string(
|
||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
|
|
||||||
+#include <openssl/fips.h>
|
|
||||||
+static int test_downstream_FIPS_mode(void)
|
+static int test_downstream_FIPS_mode(void)
|
||||||
+{
|
+{
|
||||||
+ int ret = 0;
|
+ int ret = 0;
|
||||||
|
@ -2,8 +2,8 @@ diff -up openssl-3.0.0-alpha13/crypto/context.c.kernel-fips openssl-3.0.0-alpha1
|
|||||||
--- openssl-3.0.0-alpha13/crypto/context.c.kernel-fips 2021-03-16 00:09:55.814826432 +0100
|
--- openssl-3.0.0-alpha13/crypto/context.c.kernel-fips 2021-03-16 00:09:55.814826432 +0100
|
||||||
+++ openssl-3.0.0-alpha13/crypto/context.c 2021-03-16 00:15:55.129043811 +0100
|
+++ openssl-3.0.0-alpha13/crypto/context.c 2021-03-16 00:15:55.129043811 +0100
|
||||||
@@ -12,11 +12,46 @@
|
@@ -12,11 +12,46 @@
|
||||||
|
#include "internal/provider.h"
|
||||||
#include "crypto/ctype.h"
|
#include "crypto/ctype.h"
|
||||||
#include "crypto/rand.h"
|
|
||||||
|
|
||||||
+# include <sys/types.h>
|
+# include <sys/types.h>
|
||||||
+# include <sys/stat.h>
|
+# include <sys/stat.h>
|
||||||
|
@ -5011,15 +5011,3 @@ diff -up openssl-3.0.0-beta1/test/recipes/30-test_evp_data/evppkey_ecc.txt.remov
|
|||||||
Title=prime256v1 curve tests
|
Title=prime256v1 curve tests
|
||||||
|
|
||||||
PrivateKey=ALICE_cf_prime256v1
|
PrivateKey=ALICE_cf_prime256v1
|
||||||
diff -up openssl-3.0.7/test/recipes/15-test_ec.t.skipshort openssl-3.0.7/test/recipes/15-test_ec.t
|
|
||||||
--- openssl-3.0.7/test/recipes/15-test_ec.t.skipshort 2022-11-23 12:40:55.324395782 +0100
|
|
||||||
+++ openssl-3.0.7/test/recipes/15-test_ec.t 2022-11-23 12:42:12.478094387 +0100
|
|
||||||
@@ -90,7 +90,7 @@ subtest 'Ed448 conversions -- public key
|
|
||||||
|
|
||||||
subtest 'Check loading of fips and non-fips keys' => sub {
|
|
||||||
plan skip_all => "FIPS is disabled"
|
|
||||||
- if $no_fips;
|
|
||||||
+ if 1; #Red Hat specific, original value is $no_fips;
|
|
||||||
|
|
||||||
plan tests => 2;
|
|
||||||
|
|
||||||
|
@ -7,14 +7,6 @@
|
|||||||
diff -up openssl-3.0.1/crypto/provider_conf.c.fipsact openssl-3.0.1/crypto/provider_conf.c
|
diff -up openssl-3.0.1/crypto/provider_conf.c.fipsact openssl-3.0.1/crypto/provider_conf.c
|
||||||
--- openssl-3.0.1/crypto/provider_conf.c.fipsact 2022-05-12 12:44:31.199034948 +0200
|
--- openssl-3.0.1/crypto/provider_conf.c.fipsact 2022-05-12 12:44:31.199034948 +0200
|
||||||
+++ openssl-3.0.1/crypto/provider_conf.c 2022-05-12 12:49:17.468318373 +0200
|
+++ openssl-3.0.1/crypto/provider_conf.c 2022-05-12 12:49:17.468318373 +0200
|
||||||
@@ -10,6 +10,7 @@
|
|
||||||
#include <string.h>
|
|
||||||
#include <openssl/trace.h>
|
|
||||||
#include <openssl/err.h>
|
|
||||||
+#include <openssl/evp.h>
|
|
||||||
#include <openssl/conf.h>
|
|
||||||
#include <openssl/safestack.h>
|
|
||||||
#include <openssl/provider.h>
|
|
||||||
@@ -136,58 +136,18 @@ static int prov_already_activated(const
|
@@ -136,58 +136,18 @@ static int prov_already_activated(const
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
@ -1,7 +1,7 @@
|
|||||||
diff -up openssl-3.0.7/providers/fips/self_test.c.embed-hmac openssl-3.0.7/providers/fips/self_test.c
|
diff -up openssl-3.0.0/providers/fips/self_test.c.embed-hmac openssl-3.0.0/providers/fips/self_test.c
|
||||||
--- openssl-3.0.7/providers/fips/self_test.c.embed-hmac 2023-01-05 10:03:44.864869710 +0100
|
--- openssl-3.0.0/providers/fips/self_test.c.embed-hmac 2021-11-16 13:57:05.127171056 +0100
|
||||||
+++ openssl-3.0.7/providers/fips/self_test.c 2023-01-05 10:15:17.041606472 +0100
|
+++ openssl-3.0.0/providers/fips/self_test.c 2021-11-16 14:07:21.963412455 +0100
|
||||||
@@ -172,11 +172,27 @@ DEP_FINI_ATTRIBUTE void cleanup(void)
|
@@ -171,11 +171,27 @@ DEP_FINI_ATTRIBUTE void cleanup(void)
|
||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
@ -29,7 +29,13 @@ diff -up openssl-3.0.7/providers/fips/self_test.c.embed-hmac openssl-3.0.7/provi
|
|||||||
static int verify_integrity(OSSL_CORE_BIO *bio, OSSL_FUNC_BIO_read_ex_fn read_ex_cb,
|
static int verify_integrity(OSSL_CORE_BIO *bio, OSSL_FUNC_BIO_read_ex_fn read_ex_cb,
|
||||||
unsigned char *expected, size_t expected_len,
|
unsigned char *expected, size_t expected_len,
|
||||||
OSSL_LIB_CTX *libctx, OSSL_SELF_TEST *ev,
|
OSSL_LIB_CTX *libctx, OSSL_SELF_TEST *ev,
|
||||||
@@ -189,9 +205,20 @@ static int verify_integrity(OSSL_CORE_BI
|
@@ -183,14 +199,26 @@ static int verify_integrity(OSSL_CORE_BI
|
||||||
|
{
|
||||||
|
int ret = 0, status;
|
||||||
|
unsigned char out[MAX_MD_SIZE];
|
||||||
|
- unsigned char buf[INTEGRITY_BUF_SIZE];
|
||||||
|
+ unsigned char buf[INTEGRITY_BUF_SIZE+HMAC_LEN];
|
||||||
|
size_t bytes_read = 0, out_len = 0;
|
||||||
EVP_MAC *mac = NULL;
|
EVP_MAC *mac = NULL;
|
||||||
EVP_MAC_CTX *ctx = NULL;
|
EVP_MAC_CTX *ctx = NULL;
|
||||||
OSSL_PARAM params[2], *p = params;
|
OSSL_PARAM params[2], *p = params;
|
||||||
@ -38,6 +44,7 @@ diff -up openssl-3.0.7/providers/fips/self_test.c.embed-hmac openssl-3.0.7/provi
|
|||||||
+ struct link_map *lm = NULL;
|
+ struct link_map *lm = NULL;
|
||||||
+ unsigned long paddr;
|
+ unsigned long paddr;
|
||||||
+ unsigned long off = 0;
|
+ unsigned long off = 0;
|
||||||
|
+ int have_rest = 0;
|
||||||
|
|
||||||
OSSL_SELF_TEST_onbegin(ev, event_type, OSSL_SELF_TEST_DESC_INTEGRITY_HMAC);
|
OSSL_SELF_TEST_onbegin(ev, event_type, OSSL_SELF_TEST_DESC_INTEGRITY_HMAC);
|
||||||
|
|
||||||
@ -50,52 +57,64 @@ diff -up openssl-3.0.7/providers/fips/self_test.c.embed-hmac openssl-3.0.7/provi
|
|||||||
mac = EVP_MAC_fetch(libctx, MAC_NAME, NULL);
|
mac = EVP_MAC_fetch(libctx, MAC_NAME, NULL);
|
||||||
if (mac == NULL)
|
if (mac == NULL)
|
||||||
goto err;
|
goto err;
|
||||||
@@ -205,13 +233,42 @@ static int verify_integrity(OSSL_CORE_BI
|
@@ -204,12 +233,53 @@ static int verify_integrity(OSSL_CORE_BI
|
||||||
if (!EVP_MAC_init(ctx, fixed_key, sizeof(fixed_key), params))
|
if (!EVP_MAC_init(ctx, fixed_key, sizeof(fixed_key), params))
|
||||||
goto err;
|
goto err;
|
||||||
|
|
||||||
- while (1) {
|
+ status = read_ex_cb(bio, buf, HMAC_LEN, &bytes_read);
|
||||||
|
+ if (status != 1 || bytes_read != HMAC_LEN)
|
||||||
|
+ goto err;
|
||||||
|
+ off += HMAC_LEN;
|
||||||
|
+
|
||||||
|
while (1) {
|
||||||
- status = read_ex_cb(bio, buf, sizeof(buf), &bytes_read);
|
- status = read_ex_cb(bio, buf, sizeof(buf), &bytes_read);
|
||||||
+ while ((off + INTEGRITY_BUF_SIZE) <= paddr) {
|
- if (status != 1)
|
||||||
+ status = read_ex_cb(bio, buf, INTEGRITY_BUF_SIZE, &bytes_read);
|
+ status = read_ex_cb(bio, buf+HMAC_LEN, INTEGRITY_BUF_SIZE, &bytes_read);
|
||||||
if (status != 1)
|
+ if (status != 1) {
|
||||||
break;
|
+ have_rest = 1;
|
||||||
if (!EVP_MAC_update(ctx, buf, bytes_read))
|
|
||||||
goto err;
|
|
||||||
+ off += bytes_read;
|
|
||||||
}
|
|
||||||
+
|
|
||||||
+ if (off + INTEGRITY_BUF_SIZE > paddr) {
|
|
||||||
+ int delta = paddr - off;
|
|
||||||
+ status = read_ex_cb(bio, buf, delta, &bytes_read);
|
|
||||||
+ if (status != 1)
|
|
||||||
+ goto err;
|
|
||||||
+ if (!EVP_MAC_update(ctx, buf, bytes_read))
|
|
||||||
+ goto err;
|
|
||||||
+ off += bytes_read;
|
|
||||||
+
|
|
||||||
+ status = read_ex_cb(bio, buf, HMAC_LEN, &bytes_read);
|
|
||||||
+ memset(buf, 0, HMAC_LEN);
|
|
||||||
+ if (status != 1)
|
|
||||||
+ goto err;
|
|
||||||
+ if (!EVP_MAC_update(ctx, buf, bytes_read))
|
|
||||||
+ goto err;
|
|
||||||
+ off += bytes_read;
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
+ while (bytes_read > 0) {
|
|
||||||
+ status = read_ex_cb(bio, buf, INTEGRITY_BUF_SIZE, &bytes_read);
|
|
||||||
+ if (status != 1)
|
|
||||||
+ break;
|
+ break;
|
||||||
+ if (!EVP_MAC_update(ctx, buf, bytes_read))
|
+ }
|
||||||
+ goto err;
|
|
||||||
+ off += bytes_read;
|
|
||||||
+ }
|
|
||||||
+
|
+
|
||||||
|
+ if (bytes_read == INTEGRITY_BUF_SIZE) { /* Full block */
|
||||||
|
+ /* Logic:
|
||||||
|
+ * We have HMAC_LEN (read before) + INTEGRITY_BUF_SIZE (read now) in buffer
|
||||||
|
+ * We calculate HMAC from first INTEGRITY_BUF_SIZE bytes
|
||||||
|
+ * and move last HMAC_LEN bytes to the beginning of the buffer
|
||||||
|
+ *
|
||||||
|
+ * If we have read (a part of) buffer fips_hmac_container
|
||||||
|
+ * we should replace it with zeros.
|
||||||
|
+ * If it is inside our current buffer, we will update now.
|
||||||
|
+ * If it intersects the upper bound, we will clean up on the next step.
|
||||||
|
+ */
|
||||||
|
+ if (off - HMAC_LEN <= paddr && paddr <= off + bytes_read)
|
||||||
|
+ memset (buf + HMAC_LEN + paddr - off, 0, HMAC_LEN);
|
||||||
|
+ off += bytes_read;
|
||||||
|
+
|
||||||
|
+ if (!EVP_MAC_update(ctx, buf, bytes_read))
|
||||||
|
+ goto err;
|
||||||
|
+ memcpy (buf, buf+INTEGRITY_BUF_SIZE, HMAC_LEN);
|
||||||
|
+ } else { /* Final block */
|
||||||
|
+ /* Logic is basically the same as in previous branch
|
||||||
|
+ * but we calculate HMAC from HMAC_LEN (rest of previous step)
|
||||||
|
+ * and bytes_read read on this step
|
||||||
|
+ * */
|
||||||
|
+ if (off - HMAC_LEN <= paddr && paddr <= off + bytes_read)
|
||||||
|
+ memset (buf + HMAC_LEN + paddr - off, 0, HMAC_LEN);
|
||||||
|
+ if (!EVP_MAC_update(ctx, buf, bytes_read+HMAC_LEN))
|
||||||
|
+ goto err;
|
||||||
|
+ off += bytes_read;
|
||||||
|
break;
|
||||||
|
- if (!EVP_MAC_update(ctx, buf, bytes_read))
|
||||||
|
+ }
|
||||||
|
+ }
|
||||||
|
+ if (have_rest) {
|
||||||
|
+ if (!EVP_MAC_update(ctx, buf, HMAC_LEN))
|
||||||
|
goto err;
|
||||||
|
+ off += HMAC_LEN;
|
||||||
|
}
|
||||||
if (!EVP_MAC_final(ctx, out, &out_len, sizeof(out)))
|
if (!EVP_MAC_final(ctx, out, &out_len, sizeof(out)))
|
||||||
goto err;
|
goto err;
|
||||||
|
@@ -284,8 +358,7 @@ int SELF_TEST_post(SELF_TEST_POST_PARAMS
|
||||||
@@ -285,8 +342,7 @@ int SELF_TEST_post(SELF_TEST_POST_PARAMS
|
|
||||||
CRYPTO_THREAD_unlock(fips_state_lock);
|
CRYPTO_THREAD_unlock(fips_state_lock);
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -105,7 +124,7 @@ diff -up openssl-3.0.7/providers/fips/self_test.c.embed-hmac openssl-3.0.7/provi
|
|||||||
ERR_raise(ERR_LIB_PROV, PROV_R_MISSING_CONFIG_DATA);
|
ERR_raise(ERR_LIB_PROV, PROV_R_MISSING_CONFIG_DATA);
|
||||||
goto end;
|
goto end;
|
||||||
}
|
}
|
||||||
@@ -305,8 +361,9 @@ int SELF_TEST_post(SELF_TEST_POST_PARAMS
|
@@ -294,8 +367,9 @@ int SELF_TEST_post(SELF_TEST_POST_PARAMS
|
||||||
if (ev == NULL)
|
if (ev == NULL)
|
||||||
goto end;
|
goto end;
|
||||||
|
|
||||||
@ -117,7 +136,7 @@ diff -up openssl-3.0.7/providers/fips/self_test.c.embed-hmac openssl-3.0.7/provi
|
|||||||
if (module_checksum == NULL) {
|
if (module_checksum == NULL) {
|
||||||
ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_CONFIG_DATA);
|
ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_CONFIG_DATA);
|
||||||
goto end;
|
goto end;
|
||||||
@@ -356,7 +413,6 @@ int SELF_TEST_post(SELF_TEST_POST_PARAMS
|
@@ -357,7 +431,6 @@ int SELF_TEST_post(SELF_TEST_POST_PARAMS
|
||||||
ok = 1;
|
ok = 1;
|
||||||
end:
|
end:
|
||||||
OSSL_SELF_TEST_free(ev);
|
OSSL_SELF_TEST_free(ev);
|
||||||
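Review bot: In the new `verify_integrity` loop, `memset (buf + HMAC_LEN + paddr - off, 0, HMAC_LEN)` can write past the end of `buf`, which is declared with `INTEGRITY_BUF_SIZE+HMAC_LEN` bytes. The guard admits `paddr` up to `off + bytes_read`, so in the full-block branch the start index can reach `HMAC_LEN + INTEGRITY_BUF_SIZE` and the write can run up to `HMAC_LEN` bytes beyond the array; the final-block branch uses the same guard and can zero bytes that were never read (this assumes `paddr` is the file offset of the embedded HMAC container, as the comment suggests; its assignment is not visible). The comment says a container crossing the upper bound is cleaned up on the next step, so the length should be clamped to what is in the buffer, e.g. `size_t start = HMAC_LEN + paddr - off, n = HMAC_LEN + bytes_read - start;` followed by `memset(buf + start, 0, n < HMAC_LEN ? n : HMAC_LEN);`. Because this code decides whether the FIPS module's integrity check passes, the boundary cases where `paddr` lies within `HMAC_LEN` of a block end deserve a dedicated test. The function body starts and ends outside the visible hunks.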
|
@ -148,7 +148,7 @@ diff -up openssl-3.0.0/doc/man5/fips_config.pod.xxx openssl-3.0.0/doc/man5/fips_
|
|||||||
+environment variable B<OPENSSL_FORCE_FIPS_MODE> is set. See the documentation
|
+environment variable B<OPENSSL_FORCE_FIPS_MODE> is set. See the documentation
|
||||||
+for more information.
|
+for more information.
|
||||||
|
|
||||||
=head1 HISTORY
|
=head1 COPYRIGHT
|
||||||
|
|
||||||
diff -up openssl-3.0.0/doc/man7/OSSL_PROVIDER-FIPS.pod.xxx openssl-3.0.0/doc/man7/OSSL_PROVIDER-FIPS.pod
|
diff -up openssl-3.0.0/doc/man7/OSSL_PROVIDER-FIPS.pod.xxx openssl-3.0.0/doc/man7/OSSL_PROVIDER-FIPS.pod
|
||||||
--- openssl-3.0.0/doc/man7/OSSL_PROVIDER-FIPS.pod.xxx 2021-11-22 13:18:13.850086386 +0100
|
--- openssl-3.0.0/doc/man7/OSSL_PROVIDER-FIPS.pod.xxx 2021-11-22 13:18:13.850086386 +0100
|
||||||
|
@ -11,3 +11,16 @@ diff -up openssl-3.0.0/apps/speed.c.beldmit openssl-3.0.0/apps/speed.c
|
|||||||
if (!EVP_MAC_init(mctx, NULL, 0, NULL)
|
if (!EVP_MAC_init(mctx, NULL, 0, NULL)
|
||||||
|| !EVP_MAC_update(mctx, buf, lengths[testnum])
|
|| !EVP_MAC_update(mctx, buf, lengths[testnum])
|
||||||
|| !EVP_MAC_final(mctx, mac, &outl, sizeof(mac)))
|
|| !EVP_MAC_final(mctx, mac, &outl, sizeof(mac)))
|
||||||
|
@@ -1922,8 +1925,10 @@ int speed_main(int argc, char **argv)
|
||||||
|
if (loopargs[i].mctx == NULL)
|
||||||
|
goto end;
|
||||||
|
|
||||||
|
- if (!EVP_MAC_CTX_set_params(loopargs[i].mctx, params))
|
||||||
|
- goto end;
|
||||||
|
+ if (!EVP_MAC_CTX_set_params(loopargs[i].mctx, params)) {
|
||||||
|
+ EVP_MAC_CTX_free(loopargs[i].mctx);
|
||||||
|
+ loopargs[i].mctx = NULL;
|
||||||
|
+ }
|
||||||
|
}
|
||||||
|
for (testnum = 0; testnum < size_num; testnum++) {
|
||||||
|
print_message(names[D_HMAC], c[D_HMAC][testnum], lengths[testnum],
|
||||||
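Review bot: The new error branch after `EVP_MAC_CTX_set_params` swallows the failure. It frees `loopargs[i].mctx` and sets it to NULL where the previous code did `goto end`, and prints nothing to say the HMAC benchmark was skipped or why. The HMAC loop shown at the top of this patch still calls `EVP_MAC_init(mctx, NULL, 0, NULL)`; whether a NULL `mctx` is checked before that call is not visible here, so either guard it or confirm the callee rejects NULL cleanly. I would add a diagnostic such as `BIO_printf(bio_err, "HMAC parameter setup failed, skipping\n");` before the free, so that a run where the provider rejects the parameters (presumably the FIPS case this patch targets) can be told apart from a successful one. `speed_main` starts and ends outside the hunk.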
|
@ -493,8 +493,8 @@ index 10b4e57d79..2d3c363bb0 100644
|
|||||||
--- a/util/libcrypto.num
|
--- a/util/libcrypto.num
|
||||||
+++ b/util/libcrypto.num
|
+++ b/util/libcrypto.num
|
||||||
@@ -5426,3 +5426,5 @@ ASN1_item_d2i_ex 5552 3_0_0 EXIST::FUNCTION:
|
@@ -5426,3 +5426,5 @@ ASN1_item_d2i_ex 5552 3_0_0 EXIST::FUNCTION:
|
||||||
|
OPENSSL_strcasecmp 5556 3_0_3 EXIST::FUNCTION:
|
||||||
OPENSSL_strncasecmp 5557 3_0_3 EXIST::FUNCTION:
|
OPENSSL_strncasecmp 5557 3_0_3 EXIST::FUNCTION:
|
||||||
OSSL_CMP_CTX_reset_geninfo_ITAVs 5558 3_0_8 EXIST::FUNCTION:CMP
|
|
||||||
ossl_safe_getenv ? 3_0_0 EXIST::FUNCTION:
|
ossl_safe_getenv ? 3_0_0 EXIST::FUNCTION:
|
||||||
+ossl_ctx_legacy_digest_signatures_allowed ? 3_0_1 EXIST::FUNCTION:
|
+ossl_ctx_legacy_digest_signatures_allowed ? 3_0_1 EXIST::FUNCTION:
|
||||||
+ossl_ctx_legacy_digest_signatures_allowed_set ? 3_0_1 EXIST::FUNCTION:
|
+ossl_ctx_legacy_digest_signatures_allowed_set ? 3_0_1 EXIST::FUNCTION:
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
From e738d17c45869eda31cb94f2832e65ec7cf8afa9 Mon Sep 17 00:00:00 2001
|
From f6a2f59574788aadd0ce323ad8ebe4d0c470672e Mon Sep 17 00:00:00 2001
|
||||||
From: Clemens Lang <cllang@redhat.com>
|
From: Clemens Lang <cllang@redhat.com>
|
||||||
Date: Wed, 17 Aug 2022 12:56:29 -0400
|
Date: Wed, 17 Aug 2022 12:56:29 -0400
|
||||||
Subject: [PATCH] Selectively disallow SHA1 signatures
|
Subject: [PATCH] Selectively disallow SHA1 signatures
|
||||||
@ -235,7 +235,7 @@ index a84113287c3d0edf6c67726aee7d8abb87401445..f1536258470563b4fe74f8d1e3db6d73
|
|||||||
|
|
||||||
The value is a boolean that can be B<yes> or B<no>. If the value is
|
The value is a boolean that can be B<yes> or B<no>. If the value is
|
||||||
diff --git a/include/internal/cryptlib.h b/include/internal/cryptlib.h
|
diff --git a/include/internal/cryptlib.h b/include/internal/cryptlib.h
|
||||||
index 934d4b089c209a16b01a364da0f528afd4d12475..45346d7d0b0c91eae4a9d4466ed314c0873cf6f6 100644
|
index 1291299b6e50ea129ba77c85bb0b21b0997e4494..e234341e6afd15f7108c7af453d6f2190c086b04 100644
|
||||||
--- a/include/internal/cryptlib.h
|
--- a/include/internal/cryptlib.h
|
||||||
+++ b/include/internal/cryptlib.h
|
+++ b/include/internal/cryptlib.h
|
||||||
@@ -168,7 +168,8 @@ typedef struct ossl_ex_data_global_st {
|
@@ -168,7 +168,8 @@ typedef struct ossl_ex_data_global_st {
|
||||||
@ -439,7 +439,7 @@ index 7023a866131e38c214ac7326fdd83274dab81833..f66d7705c35add553694c5808b51d569
|
|||||||
if (pmgf1mdname != NULL
|
if (pmgf1mdname != NULL
|
||||||
&& !rsa_setup_mgf1_md(prsactx, pmgf1mdname, pmgf1mdprops))
|
&& !rsa_setup_mgf1_md(prsactx, pmgf1mdname, pmgf1mdprops))
|
||||||
diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
|
diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
|
||||||
index 51c2283db915d792fa3020a2d7cbdc0d91fc9dca..89c1dd31c72271b1923ab972e3d3359b6c8e1a03 100644
|
index 48a0b7f6e5908e62b433a306c49a3f2ff7e8df76..909e38c2fe88324884a939b583fd7f43d01f3920 100644
|
||||||
--- a/ssl/t1_lib.c
|
--- a/ssl/t1_lib.c
|
||||||
+++ b/ssl/t1_lib.c
|
+++ b/ssl/t1_lib.c
|
||||||
@@ -20,6 +20,7 @@
|
@@ -20,6 +20,7 @@
|
||||||
@ -477,15 +477,15 @@ index 51c2283db915d792fa3020a2d7cbdc0d91fc9dca..89c1dd31c72271b1923ab972e3d3359b
|
|||||||
if (!EVP_PKEY_set_type(tmpkey, lu->sig)) {
|
if (!EVP_PKEY_set_type(tmpkey, lu->sig)) {
|
||||||
cache[i].enabled = 0;
|
cache[i].enabled = 0;
|
||||||
diff --git a/util/libcrypto.num b/util/libcrypto.num
|
diff --git a/util/libcrypto.num b/util/libcrypto.num
|
||||||
index 4e729be97d7b31b4caf0c3bab06dbce908dc2628..2ad515028ac6522e43cdb48794ba2cc96de56049 100644
|
index d94f406606132690d4744e470d98eff377d87699..07ae9a21ec979028eb78feaee4cadb801b790caf 100644
|
||||||
--- a/util/libcrypto.num
|
--- a/util/libcrypto.num
|
||||||
+++ b/util/libcrypto.num
|
+++ b/util/libcrypto.num
|
||||||
@@ -5429,3 +5429,5 @@ OPENSSL_strcasecmp 5556 3_0_3 EXIST::FUNCTION:
|
@@ -5428,3 +5428,5 @@ EVP_PKEY_CTX_get0_provider 5555 3_0_0 EXIST::FUNCTION:
|
||||||
|
OPENSSL_strcasecmp 5556 3_0_3 EXIST::FUNCTION:
|
||||||
OPENSSL_strncasecmp 5557 3_0_3 EXIST::FUNCTION:
|
OPENSSL_strncasecmp 5557 3_0_3 EXIST::FUNCTION:
|
||||||
OSSL_CMP_CTX_reset_geninfo_ITAVs 5558 3_0_8 EXIST::FUNCTION:CMP
|
|
||||||
ossl_safe_getenv ? 3_0_0 EXIST::FUNCTION:
|
ossl_safe_getenv ? 3_0_0 EXIST::FUNCTION:
|
||||||
+ossl_ctx_legacy_digest_signatures_allowed ? 3_0_1 EXIST::FUNCTION:
|
+ossl_ctx_legacy_digest_signatures_allowed ? 3_0_1 EXIST::FUNCTION:
|
||||||
+ossl_ctx_legacy_digest_signatures_allowed_set ? 3_0_1 EXIST::FUNCTION:
|
+ossl_ctx_legacy_digest_signatures_allowed_set ? 3_0_1 EXIST::FUNCTION:
|
||||||
--
|
--
|
||||||
2.39.1
|
2.37.2
|
||||||
|
|
||||||
|
@ -1,54 +1,14 @@
|
|||||||
diff -up openssl-3.0.3/util/libcrypto.num.locale openssl-3.0.3/util/libcrypto.num
|
diff -up openssl-3.0.3/util/libcrypto.num.locale openssl-3.0.3/util/libcrypto.num
|
||||||
--- openssl-3.0.3/util/libcrypto.num.locale 2022-06-01 12:35:52.667498724 +0200
|
--- openssl-3.0.3/util/libcrypto.num.locale 2022-06-01 12:35:52.667498724 +0200
|
||||||
+++ openssl-3.0.3/util/libcrypto.num 2022-06-01 12:36:08.112633093 +0200
|
+++ openssl-3.0.3/util/libcrypto.num 2022-06-01 12:36:08.112633093 +0200
|
||||||
@@ -5425,6 +5425,8 @@ ASN1_item_d2i_ex
|
@@ -5425,8 +5425,8 @@ ASN1_item_d2i_ex
|
||||||
OPENSSL_strcasecmp 5556 3_0_3 EXIST::FUNCTION:
|
ASN1_TIME_print_ex 5553 3_0_0 EXIST::FUNCTION:
|
||||||
OPENSSL_strncasecmp 5557 3_0_3 EXIST::FUNCTION:
|
EVP_PKEY_get0_provider 5554 3_0_0 EXIST::FUNCTION:
|
||||||
OSSL_CMP_CTX_reset_geninfo_ITAVs 5558 3_0_8 EXIST::FUNCTION:CMP
|
EVP_PKEY_CTX_get0_provider 5555 3_0_0 EXIST::FUNCTION:
|
||||||
+OPENSSL_strcasecmp ? 3_0_1 EXIST::FUNCTION:
|
-OPENSSL_strcasecmp 5556 3_0_3 EXIST::FUNCTION:
|
||||||
+OPENSSL_strncasecmp ? 3_0_1 EXIST::FUNCTION:
|
-OPENSSL_strncasecmp 5557 3_0_3 EXIST::FUNCTION:
|
||||||
|
+OPENSSL_strcasecmp 5556 3_0_1 EXIST::FUNCTION:
|
||||||
|
+OPENSSL_strncasecmp 5557 3_0_1 EXIST::FUNCTION:
|
||||||
ossl_safe_getenv ? 3_0_0 EXIST::FUNCTION:
|
ossl_safe_getenv ? 3_0_0 EXIST::FUNCTION:
|
||||||
ossl_ctx_legacy_digest_signatures_allowed ? 3_0_1 EXIST::FUNCTION:
|
ossl_ctx_legacy_digest_signatures_allowed ? 3_0_1 EXIST::FUNCTION:
|
||||||
ossl_ctx_legacy_digest_signatures_allowed_set ? 3_0_1 EXIST::FUNCTION:
|
ossl_ctx_legacy_digest_signatures_allowed_set ? 3_0_1 EXIST::FUNCTION:
|
||||||
diff -up openssl-3.0.7/crypto/o_str.c.cmp openssl-3.0.7/crypto/o_str.c
|
|
||||||
--- openssl-3.0.7/crypto/o_str.c.cmp 2022-11-25 12:50:22.449760653 +0100
|
|
||||||
+++ openssl-3.0.7/crypto/o_str.c 2022-11-25 12:51:19.416350584 +0100
|
|
||||||
@@ -342,7 +342,12 @@ int openssl_strerror_r(int errnum, char
|
|
||||||
#endif
|
|
||||||
}
|
|
||||||
|
|
||||||
-int OPENSSL_strcasecmp(const char *s1, const char *s2)
|
|
||||||
+int
|
|
||||||
+#ifndef FIPS_MODULE
|
|
||||||
+__attribute__ ((symver ("OPENSSL_strcasecmp@@OPENSSL_3.0.3"),
|
|
||||||
+ symver ("OPENSSL_strcasecmp@OPENSSL_3.0.1")))
|
|
||||||
+#endif
|
|
||||||
+OPENSSL_strcasecmp(const char *s1, const char *s2)
|
|
||||||
{
|
|
||||||
int t;
|
|
||||||
|
|
||||||
@@ -352,7 +354,12 @@ int OPENSSL_strcasecmp(const char *s1, c
|
|
||||||
return t;
|
|
||||||
}
|
|
||||||
|
|
||||||
-int OPENSSL_strncasecmp(const char *s1, const char *s2, size_t n)
|
|
||||||
+int
|
|
||||||
+#ifndef FIPS_MODULE
|
|
||||||
+__attribute__ ((symver ("OPENSSL_strncasecmp@@OPENSSL_3.0.3"),
|
|
||||||
+ symver ("OPENSSL_strncasecmp@OPENSSL_3.0.1")))
|
|
||||||
+#endif
|
|
||||||
+OPENSSL_strncasecmp(const char *s1, const char *s2, size_t n)
|
|
||||||
{
|
|
||||||
int t;
|
|
||||||
size_t i;
|
|
||||||
diff -up openssl-3.0.7/test/recipes/01-test_symbol_presence.t.cmp openssl-3.0.7/test/recipes/01-test_symbol_presence.t
|
|
||||||
--- openssl-3.0.7/test/recipes/01-test_symbol_presence.t.cmp 2022-11-25 18:19:05.669769076 +0100
|
|
||||||
+++ openssl-3.0.7/test/recipes/01-test_symbol_presence.t 2022-11-25 18:31:20.993392678 +0100
|
|
||||||
@@ -77,6 +80,7 @@ foreach my $libname (@libnames) {
|
|
||||||
s| .*||;
|
|
||||||
# Drop OpenSSL dynamic version information if there is any
|
|
||||||
s|\@\@.+$||;
|
|
||||||
+ s|\@.+$||;
|
|
||||||
# Return the result
|
|
||||||
$_
|
|
||||||
}
|
|
||||||
|
@ -136,7 +136,7 @@ diff -up openssl-3.0.1/test/recipes/80-test_ssl_old.t.no_bad_pad openssl-3.0.1/t
|
|||||||
diff -up openssl-3.0.1/test/recipes/30-test_evp_data/evppkey_rsa_common.txt.fipskeylen openssl-3.0.1/test/recipes/30-test_evp_data/evppkey_rsa_common.txt
|
diff -up openssl-3.0.1/test/recipes/30-test_evp_data/evppkey_rsa_common.txt.fipskeylen openssl-3.0.1/test/recipes/30-test_evp_data/evppkey_rsa_common.txt
|
||||||
--- openssl-3.0.1/test/recipes/30-test_evp_data/evppkey_rsa_common.txt.fipskeylen 2022-06-16 14:26:19.383530498 +0200
|
--- openssl-3.0.1/test/recipes/30-test_evp_data/evppkey_rsa_common.txt.fipskeylen 2022-06-16 14:26:19.383530498 +0200
|
||||||
+++ openssl-3.0.1/test/recipes/30-test_evp_data/evppkey_rsa_common.txt 2022-06-16 14:39:53.637777701 +0200
|
+++ openssl-3.0.1/test/recipes/30-test_evp_data/evppkey_rsa_common.txt 2022-06-16 14:39:53.637777701 +0200
|
||||||
@@ -263,13 +263,13 @@ Input = 64b0e9f9892371110c40ba5739dc0974
|
@@ -263,12 +263,13 @@ Input = 64b0e9f9892371110c40ba5739dc0974
|
||||||
Output = 0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef
|
Output = 0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef
|
||||||
|
|
||||||
# RSA decrypt
|
# RSA decrypt
|
||||||
@ -147,7 +147,6 @@ diff -up openssl-3.0.1/test/recipes/30-test_evp_data/evppkey_rsa_common.txt.fips
|
|||||||
Output = "Hello World"
|
Output = "Hello World"
|
||||||
|
|
||||||
# Corrupted ciphertext
|
# Corrupted ciphertext
|
||||||
-FIPSversion = <3.2.0
|
|
||||||
+Availablein = default
|
+Availablein = default
|
||||||
Decrypt = RSA-2048
|
Decrypt = RSA-2048
|
||||||
Input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
|
Input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
|
||||||
|
@ -1,313 +0,0 @@
|
|||||||
From 97ac06e5a8e3a8699279c06eeb64c8e958bad7bd Mon Sep 17 00:00:00 2001
|
|
||||||
From: Clemens Lang <cllang@redhat.com>
|
|
||||||
Date: Fri, 15 Jul 2022 17:45:40 +0200
|
|
||||||
Subject: [PATCH] FIPS: Use digest_sign & digest_verify in self test
|
|
||||||
|
|
||||||
In review for FIPS 140-3, the lack of a self-test for the digest_sign
|
|
||||||
and digest_verify provider functions was highlighted as a problem. NIST
|
|
||||||
no longer provides ACVP tests for the RSA SigVer primitive (see
|
|
||||||
https://github.com/usnistgov/ACVP/issues/1347). Because FIPS 140-3
|
|
||||||
recommends the use of functions that compute the digest and signature
|
|
||||||
within the module, we have been advised in our module review that the
|
|
||||||
self tests should also use the combined digest and signature APIs, i.e.
|
|
||||||
the digest_sign and digest_verify provider functions.
|
|
||||||
|
|
||||||
Modify the signature self-test to use these instead by switching to
|
|
||||||
EVP_DigestSign and EVP_DigestVerify. This requires adding more ifdefs to
|
|
||||||
crypto/evp/m_sigver.c to make these functions usable in the FIPS module.
|
|
||||||
|
|
||||||
Signed-off-by: Clemens Lang <cllang@redhat.com>
|
|
||||||
---
|
|
||||||
crypto/evp/m_sigver.c | 43 +++++++++++++++++++++++++++------
|
|
||||||
providers/fips/self_test_kats.c | 37 +++++++++++++++-------------
|
|
||||||
2 files changed, 56 insertions(+), 24 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/crypto/evp/m_sigver.c b/crypto/evp/m_sigver.c
|
|
||||||
index db1a1d7bc3..c94c3c53bd 100644
|
|
||||||
--- a/crypto/evp/m_sigver.c
|
|
||||||
+++ b/crypto/evp/m_sigver.c
|
|
||||||
@@ -88,6 +88,7 @@ static int update(EVP_MD_CTX *ctx, const void *data, size_t datalen)
|
|
||||||
ERR_raise(ERR_LIB_EVP, EVP_R_ONLY_ONESHOT_SUPPORTED);
|
|
||||||
return 0;
|
|
||||||
}
|
|
||||||
+#endif /* !defined(FIPS_MODULE) */
|
|
||||||
|
|
||||||
/*
|
|
||||||
* If we get the "NULL" md then the name comes back as "UNDEF". We want to use
|
|
||||||
@@ -130,8 +131,10 @@ static int do_sigver_init(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
|
|
||||||
reinit = 0;
|
|
||||||
if (e == NULL)
|
|
||||||
ctx->pctx = EVP_PKEY_CTX_new_from_pkey(libctx, pkey, props);
|
|
||||||
+#ifndef FIPS_MODULE
|
|
||||||
else
|
|
||||||
ctx->pctx = EVP_PKEY_CTX_new(pkey, e);
|
|
||||||
+#endif /* !defined(FIPS_MODULE) */
|
|
||||||
}
|
|
||||||
if (ctx->pctx == NULL)
|
|
||||||
return 0;
|
|
||||||
@@ -139,8 +142,10 @@ static int do_sigver_init(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
|
|
||||||
locpctx = ctx->pctx;
|
|
||||||
ERR_set_mark();
|
|
||||||
|
|
||||||
+#ifndef FIPS_MODULE
|
|
||||||
if (evp_pkey_ctx_is_legacy(locpctx))
|
|
||||||
goto legacy;
|
|
||||||
+#endif /* !defined(FIPS_MODULE) */
|
|
||||||
|
|
||||||
/* do not reinitialize if pkey is set or operation is different */
|
|
||||||
if (reinit
|
|
||||||
@@ -225,8 +230,10 @@ static int do_sigver_init(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
|
|
||||||
signature =
|
|
||||||
evp_signature_fetch_from_prov((OSSL_PROVIDER *)tmp_prov,
|
|
||||||
supported_sig, locpctx->propquery);
|
|
||||||
+#ifndef FIPS_MODULE
|
|
||||||
if (signature == NULL)
|
|
||||||
goto legacy;
|
|
||||||
+#endif /* !defined(FIPS_MODULE) */
|
|
||||||
break;
|
|
||||||
}
|
|
||||||
if (signature == NULL)
|
|
||||||
@@ -310,6 +317,7 @@ static int do_sigver_init(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
|
|
||||||
ctx->fetched_digest = EVP_MD_fetch(locpctx->libctx, mdname, props);
|
|
||||||
if (ctx->fetched_digest != NULL) {
|
|
||||||
ctx->digest = ctx->reqdigest = ctx->fetched_digest;
|
|
||||||
+#ifndef FIPS_MODULE
|
|
||||||
} else {
|
|
||||||
/* legacy engine support : remove the mark when this is deleted */
|
|
||||||
ctx->reqdigest = ctx->digest = EVP_get_digestbyname(mdname);
|
|
||||||
@@ -318,11 +326,13 @@ static int do_sigver_init(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
|
|
||||||
ERR_raise(ERR_LIB_EVP, EVP_R_INITIALIZATION_ERROR);
|
|
||||||
goto err;
|
|
||||||
}
|
|
||||||
+#endif /* !defined(FIPS_MODULE) */
|
|
||||||
}
|
|
||||||
(void)ERR_pop_to_mark();
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
+#ifndef FIPS_MODULE
|
|
||||||
if (ctx->reqdigest != NULL
|
|
||||||
&& !EVP_PKEY_is_a(locpctx->pkey, SN_hmac)
|
|
||||||
&& !EVP_PKEY_is_a(locpctx->pkey, SN_tls1_prf)
|
|
||||||
@@ -334,6 +344,7 @@ static int do_sigver_init(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
|
|
||||||
goto err;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
+#endif /* !defined(FIPS_MODULE) */
|
|
||||||
|
|
||||||
if (ver) {
|
|
||||||
if (signature->digest_verify_init == NULL) {
|
|
||||||
@@ -366,6 +377,7 @@ static int do_sigver_init(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
|
|
||||||
EVP_KEYMGMT_free(tmp_keymgmt);
|
|
||||||
return 0;
|
|
||||||
|
|
||||||
+#ifndef FIPS_MODULE
|
|
||||||
legacy:
|
|
||||||
/*
|
|
||||||
* If we don't have the full support we need with provided methods,
|
|
||||||
@@ -437,6 +449,7 @@ static int do_sigver_init(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
|
|
||||||
ctx->pctx->flag_call_digest_custom = 1;
|
|
||||||
|
|
||||||
ret = 1;
|
|
||||||
+#endif /* !defined(FIPS_MODULE) */
|
|
||||||
|
|
||||||
end:
|
|
||||||
#ifndef FIPS_MODULE
|
|
||||||
@@ -479,7 +492,6 @@ int EVP_DigestVerifyInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
|
|
||||||
return do_sigver_init(ctx, pctx, type, NULL, NULL, NULL, e, pkey, 1,
|
|
||||||
NULL);
|
|
||||||
}
|
|
||||||
-#endif /* FIPS_MDOE */
|
|
||||||
|
|
||||||
int EVP_DigestSignUpdate(EVP_MD_CTX *ctx, const void *data, size_t dsize)
|
|
||||||
{
|
|
||||||
@@ -541,23 +553,29 @@ int EVP_DigestVerifyUpdate(EVP_MD_CTX *ctx, const void *data, size_t dsize)
|
|
||||||
return EVP_DigestUpdate(ctx, data, dsize);
|
|
||||||
}
|
|
||||||
|
|
||||||
-#ifndef FIPS_MODULE
|
|
||||||
int EVP_DigestSignFinal(EVP_MD_CTX *ctx, unsigned char *sigret,
|
|
||||||
size_t *siglen)
|
|
||||||
{
|
|
||||||
- int sctx = 0, r = 0;
|
|
||||||
- EVP_PKEY_CTX *dctx, *pctx = ctx->pctx;
|
|
||||||
+ int r = 0;
|
|
||||||
+#ifndef FIPS_MODULE
|
|
||||||
+ int sctx = 0;
|
|
||||||
+ EVP_PKEY_CTX *dctx;
|
|
||||||
+#endif /* !defined(FIPS_MODULE) */
|
|
||||||
+ EVP_PKEY_CTX *pctx = ctx->pctx;
|
|
||||||
|
|
||||||
+#ifndef FIPS_MODULE
|
|
||||||
if (pctx == NULL
|
|
||||||
|| pctx->operation != EVP_PKEY_OP_SIGNCTX
|
|
||||||
|| pctx->op.sig.algctx == NULL
|
|
||||||
|| pctx->op.sig.signature == NULL)
|
|
||||||
goto legacy;
|
|
||||||
+#endif /* !defined(FIPS_MODULE) */
|
|
||||||
|
|
||||||
if (sigret == NULL || (ctx->flags & EVP_MD_CTX_FLAG_FINALISE) != 0)
|
|
||||||
return pctx->op.sig.signature->digest_sign_final(pctx->op.sig.algctx,
|
|
||||||
sigret, siglen,
|
|
||||||
sigret == NULL ? 0 : *siglen);
|
|
||||||
+#ifndef FIPS_MODULE
|
|
||||||
dctx = EVP_PKEY_CTX_dup(pctx);
|
|
||||||
if (dctx == NULL)
|
|
||||||
return 0;
|
|
||||||
@@ -566,8 +584,10 @@ int EVP_DigestSignFinal(EVP_MD_CTX *ctx, unsigned char *sigret,
|
|
||||||
sigret, siglen,
|
|
||||||
*siglen);
|
|
||||||
EVP_PKEY_CTX_free(dctx);
|
|
||||||
+#endif /* defined(FIPS_MODULE) */
|
|
||||||
return r;
|
|
||||||
|
|
||||||
+#ifndef FIPS_MODULE
|
|
||||||
legacy:
|
|
||||||
if (pctx == NULL || pctx->pmeth == NULL) {
|
|
||||||
ERR_raise(ERR_LIB_EVP, EVP_R_INITIALIZATION_ERROR);
|
|
||||||
@@ -639,6 +659,7 @@ int EVP_DigestSignFinal(EVP_MD_CTX *ctx, unsigned char *sigret,
|
|
||||||
}
|
|
||||||
}
|
|
||||||
return 1;
|
|
||||||
+#endif /* !defined(FIPS_MODULE) */
|
|
||||||
}
|
|
||||||
|
|
||||||
int EVP_DigestSign(EVP_MD_CTX *ctx, unsigned char *sigret, size_t *siglen,
|
|
||||||
@@ -669,21 +690,27 @@ int EVP_DigestSign(EVP_MD_CTX *ctx, unsigned char *sigret, size_t *siglen,
|
|
||||||
int EVP_DigestVerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sig,
|
|
||||||
size_t siglen)
|
|
||||||
{
|
|
||||||
- unsigned char md[EVP_MAX_MD_SIZE];
|
|
||||||
int r = 0;
|
|
||||||
+#ifndef FIPS_MODULE
|
|
||||||
+ unsigned char md[EVP_MAX_MD_SIZE];
|
|
||||||
unsigned int mdlen = 0;
|
|
||||||
int vctx = 0;
|
|
||||||
- EVP_PKEY_CTX *dctx, *pctx = ctx->pctx;
|
|
||||||
+ EVP_PKEY_CTX *dctx;
|
|
||||||
+#endif /* !defined(FIPS_MODULE) */
|
|
||||||
+ EVP_PKEY_CTX *pctx = ctx->pctx;
|
|
||||||
|
|
||||||
+#ifndef FIPS_MODULE
|
|
||||||
if (pctx == NULL
|
|
||||||
|| pctx->operation != EVP_PKEY_OP_VERIFYCTX
|
|
||||||
|| pctx->op.sig.algctx == NULL
|
|
||||||
|| pctx->op.sig.signature == NULL)
|
|
||||||
goto legacy;
|
|
||||||
+#endif /* !defined(FIPS_MODULE) */
|
|
||||||
|
|
||||||
if ((ctx->flags & EVP_MD_CTX_FLAG_FINALISE) != 0)
|
|
||||||
return pctx->op.sig.signature->digest_verify_final(pctx->op.sig.algctx,
|
|
||||||
sig, siglen);
|
|
||||||
+#ifndef FIPS_MODULE
|
|
||||||
dctx = EVP_PKEY_CTX_dup(pctx);
|
|
||||||
if (dctx == NULL)
|
|
||||||
return 0;
|
|
||||||
@@ -691,8 +718,10 @@ int EVP_DigestVerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sig,
|
|
||||||
r = dctx->op.sig.signature->digest_verify_final(dctx->op.sig.algctx,
|
|
||||||
sig, siglen);
|
|
||||||
EVP_PKEY_CTX_free(dctx);
|
|
||||||
+#endif /* !defined(FIPS_MODULE) */
|
|
||||||
return r;
|
|
||||||
|
|
||||||
+#ifndef FIPS_MODULE
|
|
||||||
legacy:
|
|
||||||
if (pctx == NULL || pctx->pmeth == NULL) {
|
|
||||||
ERR_raise(ERR_LIB_EVP, EVP_R_INITIALIZATION_ERROR);
|
|
||||||
@@ -732,6 +761,7 @@ int EVP_DigestVerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sig,
|
|
||||||
if (vctx || !r)
|
|
||||||
return r;
|
|
||||||
return EVP_PKEY_verify(pctx, sig, siglen, md, mdlen);
|
|
||||||
+#endif /* !defined(FIPS_MODULE) */
|
|
||||||
}
|
|
||||||
|
|
||||||
int EVP_DigestVerify(EVP_MD_CTX *ctx, const unsigned char *sigret,
|
|
||||||
@@ -757,4 +787,3 @@ int EVP_DigestVerify(EVP_MD_CTX *ctx, const unsigned char *sigret,
|
|
||||||
return -1;
|
|
||||||
return EVP_DigestVerifyFinal(ctx, sigret, siglen);
|
|
||||||
}
|
|
||||||
-#endif /* FIPS_MODULE */
|
|
||||||
diff --git a/providers/fips/self_test_kats.c b/providers/fips/self_test_kats.c
|
|
||||||
index b6d5e8e134..77eec075e6 100644
|
|
||||||
--- a/providers/fips/self_test_kats.c
|
|
||||||
+++ b/providers/fips/self_test_kats.c
|
|
||||||
@@ -444,11 +444,14 @@ static int self_test_sign(const ST_KAT_SIGN *t,
|
|
||||||
int ret = 0;
|
|
||||||
OSSL_PARAM *params = NULL, *params_sig = NULL;
|
|
||||||
OSSL_PARAM_BLD *bld = NULL;
|
|
||||||
+ EVP_MD *md = NULL;
|
|
||||||
+ EVP_MD_CTX *ctx = NULL;
|
|
||||||
EVP_PKEY_CTX *sctx = NULL, *kctx = NULL;
|
|
||||||
EVP_PKEY *pkey = NULL;
|
|
||||||
- unsigned char sig[256];
|
|
||||||
BN_CTX *bnctx = NULL;
|
|
||||||
BIGNUM *K = NULL;
|
|
||||||
+ const char *msg = "Hello World!";
|
|
||||||
+ unsigned char sig[256];
|
|
||||||
size_t siglen = sizeof(sig);
|
|
||||||
static const unsigned char dgst[] = {
|
|
||||||
0x7f, 0x83, 0xb1, 0x65, 0x7f, 0xf1, 0xfc, 0x53, 0xb9, 0x2d, 0xc1, 0x81,
|
|
||||||
@@ -488,23 +491,26 @@ static int self_test_sign(const ST_KAT_SIGN *t,
|
|
||||||
|| EVP_PKEY_fromdata(kctx, &pkey, EVP_PKEY_KEYPAIR, params) <= 0)
|
|
||||||
goto err;
|
|
||||||
|
|
||||||
- /* Create a EVP_PKEY_CTX to use for the signing operation */
|
|
||||||
- sctx = EVP_PKEY_CTX_new_from_pkey(libctx, pkey, NULL);
|
|
||||||
- if (sctx == NULL
|
|
||||||
- || EVP_PKEY_sign_init(sctx) <= 0)
|
|
||||||
- goto err;
|
|
||||||
-
|
|
||||||
- /* set signature parameters */
|
|
||||||
- if (!OSSL_PARAM_BLD_push_utf8_string(bld, OSSL_SIGNATURE_PARAM_DIGEST,
|
|
||||||
- t->mdalgorithm,
|
|
||||||
- strlen(t->mdalgorithm) + 1))
|
|
||||||
- goto err;
|
|
||||||
+ /* Create a EVP_MD_CTX to use for the signature operation, assign signature
|
|
||||||
+ * parameters and sign */
|
|
||||||
params_sig = OSSL_PARAM_BLD_to_param(bld);
|
|
||||||
- if (EVP_PKEY_CTX_set_params(sctx, params_sig) <= 0)
|
|
||||||
+ md = EVP_MD_fetch(libctx, "SHA256", NULL);
|
|
||||||
+ ctx = EVP_MD_CTX_new();
|
|
||||||
+ if (md == NULL || ctx == NULL)
|
|
||||||
+ goto err;
|
|
||||||
+ EVP_MD_CTX_set_flags(ctx, EVP_MD_CTX_FLAG_FINALISE | EVP_MD_CTX_FLAG_ONESHOT);
|
|
||||||
+ if (EVP_DigestSignInit(ctx, &sctx, md, NULL, pkey) <= 0
|
|
||||||
+ || EVP_PKEY_CTX_set_params(sctx, params_sig) <= 0
|
|
||||||
+ || EVP_DigestSign(ctx, sig, &siglen, (const unsigned char *)msg, strlen(msg)) <= 0
|
|
||||||
+ || EVP_MD_CTX_reset(ctx) <= 0)
|
|
||||||
goto err;
|
|
||||||
|
|
||||||
- if (EVP_PKEY_sign(sctx, sig, &siglen, dgst, sizeof(dgst)) <= 0
|
|
||||||
- || EVP_PKEY_verify_init(sctx) <= 0
|
|
||||||
+ /* sctx is not freed automatically inside the FIPS module */
|
|
||||||
+ EVP_PKEY_CTX_free(sctx);
|
|
||||||
+ sctx = NULL;
|
|
||||||
+
|
|
||||||
+ EVP_MD_CTX_set_flags(ctx, EVP_MD_CTX_FLAG_FINALISE | EVP_MD_CTX_FLAG_ONESHOT);
|
|
||||||
+ if (EVP_DigestVerifyInit(ctx, &sctx, md, NULL, pkey) <= 0
|
|
||||||
|| EVP_PKEY_CTX_set_params(sctx, params_sig) <= 0)
|
|
||||||
goto err;
|
|
||||||
|
|
||||||
@@ -509,14 +510,17 @@ static int self_test_sign(const ST_KAT_SIGN *t,
|
|
||||||
goto err;
|
|
||||||
|
|
||||||
OSSL_SELF_TEST_oncorrupt_byte(st, sig);
|
|
||||||
- if (EVP_PKEY_verify(sctx, sig, siglen, dgst, sizeof(dgst)) <= 0)
|
|
||||||
+ if (EVP_DigestVerify(ctx, sig, siglen, (const unsigned char *)msg, strlen(msg)) <= 0)
|
|
||||||
goto err;
|
|
||||||
ret = 1;
|
|
||||||
err:
|
|
||||||
BN_CTX_free(bnctx);
|
|
||||||
EVP_PKEY_free(pkey);
|
|
||||||
- EVP_PKEY_CTX_free(kctx);
|
|
||||||
+ EVP_MD_free(md);
|
|
||||||
+ EVP_MD_CTX_free(ctx);
|
|
||||||
+ /* sctx is not freed automatically inside the FIPS module */
|
|
||||||
EVP_PKEY_CTX_free(sctx);
|
|
||||||
+ EVP_PKEY_CTX_free(kctx);
|
|
||||||
OSSL_PARAM_free(params);
|
|
||||||
OSSL_PARAM_free(params_sig);
|
|
||||||
OSSL_PARAM_BLD_free(bld);
|
|
||||||
--
|
|
||||||
2.37.1
|
|
||||||
|
|
@ -1,146 +0,0 @@
|
|||||||
From 5dee3e41a5b3f8934277de17a2ae192f43601948 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Tomas Mraz <tomas@openssl.org>
|
|
||||||
Date: Fri, 9 Sep 2022 14:46:24 +0200
|
|
||||||
Subject: [PATCH] Fix AES-GCM on Power 8 CPUs
|
|
||||||
|
|
||||||
Properly fallback to the default implementation on CPUs
|
|
||||||
missing necessary instructions.
|
|
||||||
|
|
||||||
Fixes #19163
|
|
||||||
|
|
||||||
(cherry picked from commit 24344d387178d45b37a1fbc51519c390e9a4effe)
|
|
||||||
---
|
|
||||||
include/crypto/aes_platform.h | 12 +---
|
|
||||||
.../ciphers/cipher_aes_gcm_hw_ppc.inc | 72 ++++++++++++++-----
|
|
||||||
2 files changed, 56 insertions(+), 28 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/include/crypto/aes_platform.h b/include/crypto/aes_platform.h
|
|
||||||
index 0c281a366a..6830bad0e9 100644
|
|
||||||
--- a/include/crypto/aes_platform.h
|
|
||||||
+++ b/include/crypto/aes_platform.h
|
|
||||||
@@ -83,16 +83,8 @@ size_t ppc_aes_gcm_encrypt(const unsigned char *in, unsigned char *out,
|
|
||||||
size_t ppc_aes_gcm_decrypt(const unsigned char *in, unsigned char *out,
|
|
||||||
size_t len, const void *key, unsigned char ivec[16],
|
|
||||||
u64 *Xi);
|
|
||||||
-size_t ppc_aes_gcm_encrypt_wrap(const unsigned char *in, unsigned char *out,
|
|
||||||
- size_t len, const void *key,
|
|
||||||
- unsigned char ivec[16], u64 *Xi);
|
|
||||||
-size_t ppc_aes_gcm_decrypt_wrap(const unsigned char *in, unsigned char *out,
|
|
||||||
- size_t len, const void *key,
|
|
||||||
- unsigned char ivec[16], u64 *Xi);
|
|
||||||
-# define AES_gcm_encrypt ppc_aes_gcm_encrypt_wrap
|
|
||||||
-# define AES_gcm_decrypt ppc_aes_gcm_decrypt_wrap
|
|
||||||
-# define AES_GCM_ASM(gctx) ((gctx)->ctr==aes_p8_ctr32_encrypt_blocks && \
|
|
||||||
- (gctx)->gcm.ghash==gcm_ghash_p8)
|
|
||||||
+# define AES_GCM_ASM_PPC(gctx) ((gctx)->ctr==aes_p8_ctr32_encrypt_blocks && \
|
|
||||||
+ (gctx)->gcm.ghash==gcm_ghash_p8)
|
|
||||||
void gcm_ghash_p8(u64 Xi[2],const u128 Htable[16],const u8 *inp, size_t len);
|
|
||||||
# endif /* PPC */
|
|
||||||
|
|
||||||
diff --git a/providers/implementations/ciphers/cipher_aes_gcm_hw_ppc.inc b/providers/implementations/ciphers/cipher_aes_gcm_hw_ppc.inc
|
|
||||||
index 4eed0f4ab0..03e3eddc41 100644
|
|
||||||
--- a/providers/implementations/ciphers/cipher_aes_gcm_hw_ppc.inc
|
|
||||||
+++ b/providers/implementations/ciphers/cipher_aes_gcm_hw_ppc.inc
|
|
||||||
@@ -23,12 +23,6 @@ static int aes_ppc_gcm_initkey(PROV_GCM_CTX *ctx, const unsigned char *key,
|
|
||||||
return 1;
|
|
||||||
}
|
|
||||||
|
|
||||||
-
|
|
||||||
-extern size_t ppc_aes_gcm_encrypt(const unsigned char *in, unsigned char *out, size_t len,
|
|
||||||
- const void *key, unsigned char ivec[16], u64 *Xi);
|
|
||||||
-extern size_t ppc_aes_gcm_decrypt(const unsigned char *in, unsigned char *out, size_t len,
|
|
||||||
- const void *key, unsigned char ivec[16], u64 *Xi);
|
|
||||||
-
|
|
||||||
static inline u32 UTO32(unsigned char *buf)
|
|
||||||
{
|
|
||||||
return ((u32) buf[0] << 24) | ((u32) buf[1] << 16) | ((u32) buf[2] << 8) | ((u32) buf[3]);
|
|
||||||
@@ -47,7 +41,7 @@ static inline u32 add32TOU(unsigned char buf[4], u32 n)
|
|
||||||
return r;
|
|
||||||
}
|
|
||||||
|
|
||||||
-static size_t aes_p10_gcm_crypt(const unsigned char *in, unsigned char *out, size_t len,
|
|
||||||
+static size_t ppc_aes_gcm_crypt(const unsigned char *in, unsigned char *out, size_t len,
|
|
||||||
const void *key, unsigned char ivec[16], u64 *Xi, int encrypt)
|
|
||||||
{
|
|
||||||
int s = 0;
|
|
||||||
@@ -90,24 +84,66 @@ static size_t aes_p10_gcm_crypt(const unsigned char *in, unsigned char *out, siz
|
|
||||||
return ndone;
|
|
||||||
}
|
|
||||||
|
|
||||||
-size_t ppc_aes_gcm_encrypt_wrap(const unsigned char *in, unsigned char *out, size_t len,
|
|
||||||
- const void *key, unsigned char ivec[16], u64 *Xi)
|
|
||||||
-{
|
|
||||||
- return aes_p10_gcm_crypt(in, out, len, key, ivec, Xi, 1);
|
|
||||||
-}
|
|
||||||
-
|
|
||||||
-size_t ppc_aes_gcm_decrypt_wrap(const unsigned char *in, unsigned char *out, size_t len,
|
|
||||||
- const void *key, unsigned char ivec[16], u64 *Xi)
|
|
||||||
+static int ppc_aes_gcm_cipher_update(PROV_GCM_CTX *ctx, const unsigned char *in,
|
|
||||||
+ size_t len, unsigned char *out)
|
|
||||||
{
|
|
||||||
- return aes_p10_gcm_crypt(in, out, len, key, ivec, Xi, 0);
|
|
||||||
+ if (ctx->enc) {
|
|
||||||
+ if (ctx->ctr != NULL) {
|
|
||||||
+ size_t bulk = 0;
|
|
||||||
+
|
|
||||||
+ if (len >= AES_GCM_ENC_BYTES && AES_GCM_ASM_PPC(ctx)) {
|
|
||||||
+ size_t res = (16 - ctx->gcm.mres) % 16;
|
|
||||||
+
|
|
||||||
+ if (CRYPTO_gcm128_encrypt(&ctx->gcm, in, out, res))
|
|
||||||
+ return 0;
|
|
||||||
+
|
|
||||||
+ bulk = ppc_aes_gcm_crypt(in + res, out + res, len - res,
|
|
||||||
+ ctx->gcm.key,
|
|
||||||
+ ctx->gcm.Yi.c, ctx->gcm.Xi.u, 1);
|
|
||||||
+
|
|
||||||
+ ctx->gcm.len.u[1] += bulk;
|
|
||||||
+ bulk += res;
|
|
||||||
+ }
|
|
||||||
+ if (CRYPTO_gcm128_encrypt_ctr32(&ctx->gcm, in + bulk, out + bulk,
|
|
||||||
+ len - bulk, ctx->ctr))
|
|
||||||
+ return 0;
|
|
||||||
+ } else {
|
|
||||||
+ if (CRYPTO_gcm128_encrypt(&ctx->gcm, in, out, len))
|
|
||||||
+ return 0;
|
|
||||||
+ }
|
|
||||||
+ } else {
|
|
||||||
+ if (ctx->ctr != NULL) {
|
|
||||||
+ size_t bulk = 0;
|
|
||||||
+
|
|
||||||
+ if (len >= AES_GCM_DEC_BYTES && AES_GCM_ASM_PPC(ctx)) {
|
|
||||||
+ size_t res = (16 - ctx->gcm.mres) % 16;
|
|
||||||
+
|
|
||||||
+ if (CRYPTO_gcm128_decrypt(&ctx->gcm, in, out, res))
|
|
||||||
+ return -1;
|
|
||||||
+
|
|
||||||
+ bulk = ppc_aes_gcm_crypt(in + res, out + res, len - res,
|
|
||||||
+ ctx->gcm.key,
|
|
||||||
+ ctx->gcm.Yi.c, ctx->gcm.Xi.u, 0);
|
|
||||||
+
|
|
||||||
+ ctx->gcm.len.u[1] += bulk;
|
|
||||||
+ bulk += res;
|
|
||||||
+ }
|
|
||||||
+ if (CRYPTO_gcm128_decrypt_ctr32(&ctx->gcm, in + bulk, out + bulk,
|
|
||||||
+ len - bulk, ctx->ctr))
|
|
||||||
+ return 0;
|
|
||||||
+ } else {
|
|
||||||
+ if (CRYPTO_gcm128_decrypt(&ctx->gcm, in, out, len))
|
|
||||||
+ return 0;
|
|
||||||
+ }
|
|
||||||
+ }
|
|
||||||
+ return 1;
|
|
||||||
}
|
|
||||||
|
|
||||||
-
|
|
||||||
static const PROV_GCM_HW aes_ppc_gcm = {
|
|
||||||
aes_ppc_gcm_initkey,
|
|
||||||
ossl_gcm_setiv,
|
|
||||||
ossl_gcm_aad_update,
|
|
||||||
- generic_aes_gcm_cipher_update,
|
|
||||||
+ ppc_aes_gcm_cipher_update,
|
|
||||||
ossl_gcm_cipher_final,
|
|
||||||
ossl_gcm_one_shot
|
|
||||||
};
|
|
||||||
--
|
|
||||||
2.37.3
|
|
||||||
|
|
File diff suppressed because it is too large
98
openssl.spec
98
openssl.spec
@ -28,13 +28,13 @@ print(string.sub(hash, 0, 16))
|
|||||||
|
|
||||||
Summary: Utilities from the general purpose cryptography library with TLS implementation
|
Summary: Utilities from the general purpose cryptography library with TLS implementation
|
||||||
Name: openssl
|
Name: openssl
|
||||||
Version: 3.0.8
|
Version: 3.0.5
|
||||||
Release: 1%{?dist}
|
Release: 3%{?dist}
|
||||||
Epoch: 1
|
Epoch: 1
|
||||||
# We have to remove certain patented algorithms from the openssl source
|
# We have to remove certain patented algorithms from the openssl source
|
||||||
# tarball with the hobble-openssl script which is included below.
|
# tarball with the hobble-openssl script which is included below.
|
||||||
# The original openssl upstream tarball cannot be shipped in the .src.rpm.
|
# The original openssl upstream tarball cannot be shipped in the .src.rpm.
|
||||||
Source: openssl-%{version}-hobbled.tar.gz
|
Source: openssl-%{version}-hobbled.tar.xz
|
||||||
Source1: hobble-openssl
|
Source1: hobble-openssl
|
||||||
Source2: Makefile.certificate
|
Source2: Makefile.certificate
|
||||||
Source3: genpatches
|
Source3: genpatches
|
||||||
@ -71,6 +71,12 @@ Patch11: 0011-Remove-EC-curves.patch
|
|||||||
# Disable explicit EC curves
|
# Disable explicit EC curves
|
||||||
# https://bugzilla.redhat.com/show_bug.cgi?id=2066412
|
# https://bugzilla.redhat.com/show_bug.cgi?id=2066412
|
||||||
Patch12: 0012-Disable-explicit-ec.patch
|
Patch12: 0012-Disable-explicit-ec.patch
|
||||||
|
# https://github.com/openssl/openssl/pull/17981
|
||||||
|
# Patch13: 0013-FIPS-provider-explicit-ec.patch
|
||||||
|
# https://github.com/openssl/openssl/pull/17998
|
||||||
|
# Patch14: 0014-FIPS-disable-explicit-ec.patch
|
||||||
|
# https://github.com/openssl/openssl/pull/18609
|
||||||
|
# Patch15: 0015-FIPS-decoded-from-explicit.patch
|
||||||
# Instructions to load legacy provider in openssl.cnf
|
# Instructions to load legacy provider in openssl.cnf
|
||||||
Patch24: 0024-load-legacy-prov.patch
|
Patch24: 0024-load-legacy-prov.patch
|
||||||
# Tmp: test name change
|
# Tmp: test name change
|
||||||
@ -87,8 +93,12 @@ Patch35: 0035-speed-skip-unavailable-dgst.patch
|
|||||||
Patch44: 0044-FIPS-140-3-keychecks.patch
|
Patch44: 0044-FIPS-140-3-keychecks.patch
|
||||||
# Minimize fips services
|
# Minimize fips services
|
||||||
Patch45: 0045-FIPS-services-minimize.patch
|
Patch45: 0045-FIPS-services-minimize.patch
|
||||||
|
# Backport of s390x hardening, https://github.com/openssl/openssl/pull/17486
|
||||||
|
# Patch46: 0046-FIPS-s390x-hardening.patch
|
||||||
# Execute KATS before HMAC verification
|
# Execute KATS before HMAC verification
|
||||||
Patch47: 0047-FIPS-early-KATS.patch
|
Patch47: 0047-FIPS-early-KATS.patch
|
||||||
|
# Backport of correctly handle 2^14 byte long records #17538
|
||||||
|
# Patch48: 0048-correctly-handle-records.patch
|
||||||
%if 0%{?rhel}
|
%if 0%{?rhel}
|
||||||
# Selectively disallow SHA1 signatures
|
# Selectively disallow SHA1 signatures
|
||||||
Patch49: 0049-Selectively-disallow-SHA1-signatures.patch
|
Patch49: 0049-Selectively-disallow-SHA1-signatures.patch
|
||||||
@ -111,6 +121,10 @@ Patch52: 0052-Allow-SHA1-in-seclevel-1-if-rh-allow-sha1-signatures.patch
|
|||||||
# Instrument with USDT probes related to SHA-1 deprecation
|
# Instrument with USDT probes related to SHA-1 deprecation
|
||||||
Patch53: 0053-Add-SHA1-probes.patch
|
Patch53: 0053-Add-SHA1-probes.patch
|
||||||
%endif
|
%endif
|
||||||
|
# https://bugzilla.redhat.com/show_bug.cgi?id=2004915, backport of 2c0f7d46b8449423446cfe1e52fc1e1ecd506b62
|
||||||
|
# Patch54: 0054-Replace-size-check-with-more-meaningful-pubkey-check.patch
|
||||||
|
# https://github.com/openssl/openssl/pull/17324
|
||||||
|
# Patch55: 0055-nonlegacy-fetch-null-deref.patch
|
||||||
# https://github.com/openssl/openssl/pull/18103
|
# https://github.com/openssl/openssl/pull/18103
|
||||||
# The patch is incorporated in 3.0.3 but we provide this function since 3.0.1
|
# The patch is incorporated in 3.0.3 but we provide this function since 3.0.1
|
||||||
# so the patch should persist
|
# so the patch should persist
|
||||||
@ -124,9 +138,27 @@ Patch60: 0060-FIPS-KAT-signature-tests.patch
|
|||||||
# https://bugzilla.redhat.com/show_bug.cgi?id=2087147
|
# https://bugzilla.redhat.com/show_bug.cgi?id=2087147
|
||||||
Patch61: 0061-Deny-SHA-1-signature-verification-in-FIPS-provider.patch
|
Patch61: 0061-Deny-SHA-1-signature-verification-in-FIPS-provider.patch
|
||||||
Patch62: 0062-fips-Expose-a-FIPS-indicator.patch
|
Patch62: 0062-fips-Expose-a-FIPS-indicator.patch
|
||||||
|
# https://github.com/openssl/openssl/pull/18141
|
||||||
|
# Patch63: 0063-CVE-2022-1473.patch
|
||||||
|
# upstream commits 55c80c222293a972587004c185dc5653ae207a0e 2eda98790c5c2741d76d23cc1e74b0dc4f4b391a
|
||||||
|
# Patch64: 0064-CVE-2022-1343.diff
|
||||||
|
# upstream commit 1ad73b4d27bd8c1b369a3cd453681d3a4f1bb9b2
|
||||||
|
# Patch65: 0065-CVE-2022-1292.patch
|
||||||
|
# https://github.com/openssl/openssl/pull/18444
|
||||||
|
# https://github.com/openssl/openssl/pull/18467
|
||||||
|
# Patch66: 0066-replace-expired-certs.patch
|
||||||
|
# https://github.com/openssl/openssl/pull/18512
|
||||||
|
# Patch67: 0067-fix-ppc64-montgomery.patch
|
||||||
|
#https://github.com/openssl/openssl/commit/2c9c35870601b4a44d86ddbf512b38df38285cfa
|
||||||
|
#https://github.com/openssl/openssl/commit/8a3579a7b7067a983e69a4eda839ac408c120739
|
||||||
|
# Patch68: 0068-CVE-2022-2068.patch
|
||||||
|
# https://github.com/openssl/openssl/commit/a98f339ddd7e8f487d6e0088d4a9a42324885a93
|
||||||
|
# https://github.com/openssl/openssl/commit/52d50d52c2f1f4b70d37696bfa74fe5e581e7ba8
|
||||||
|
# Patch69: 0069-CVE-2022-2097.patch
|
||||||
|
# https://github.com/openssl/openssl/commit/edceec7fe0c9a5534ae155c8398c63dd7dd95483
|
||||||
|
# Patch70: 0070-EVP_PKEY_Q_keygen-Call-OPENSSL_init_crypto-to-init-s.patch
|
||||||
# https://github.com/openssl/openssl/commit/44a563dde1584cd9284e80b6e45ee5019be8d36c
|
# https://github.com/openssl/openssl/commit/44a563dde1584cd9284e80b6e45ee5019be8d36c
|
||||||
# https://github.com/openssl/openssl/commit/345c99b6654b8313c792d54f829943068911ddbd
|
# https://github.com/openssl/openssl/commit/345c99b6654b8313c792d54f829943068911ddbd
|
||||||
# Regression on Power8, see rhbz2124845, https://github.com/openssl/openssl/issues/19163; fix in 0079-Fix-AES-GCM-on-Power-8-CPUs.patch
|
|
||||||
Patch71: 0071-AES-GCM-performance-optimization.patch
|
Patch71: 0071-AES-GCM-performance-optimization.patch
|
||||||
# https://github.com/openssl/openssl/commit/f596bbe4da779b56eea34d96168b557d78e1149
|
# https://github.com/openssl/openssl/commit/f596bbe4da779b56eea34d96168b557d78e1149
|
||||||
# https://github.com/openssl/openssl/commit/7e1f3ffcc5bc15fb9a12b9e3bb202f544c6ed5aa
|
# https://github.com/openssl/openssl/commit/7e1f3ffcc5bc15fb9a12b9e3bb202f544c6ed5aa
|
||||||
@ -135,11 +167,7 @@ Patch72: 0072-ChaCha20-performance-optimizations-for-ppc64le.patch
|
|||||||
# https://bugzilla.redhat.com/show_bug.cgi?id=2102535
|
# https://bugzilla.redhat.com/show_bug.cgi?id=2102535
|
||||||
Patch73: 0073-FIPS-Use-OAEP-in-KATs-support-fixed-OAEP-seed.patch
|
Patch73: 0073-FIPS-Use-OAEP-in-KATs-support-fixed-OAEP-seed.patch
|
||||||
# https://bugzilla.redhat.com/show_bug.cgi?id=2102535
|
# https://bugzilla.redhat.com/show_bug.cgi?id=2102535
|
||||||
%if 0%{?rhel}
|
|
||||||
Patch74: 0074-FIPS-Use-digest_sign-digest_verify-in-self-test-eln.patch
|
|
||||||
%else
|
|
||||||
Patch74: 0074-FIPS-Use-digest_sign-digest_verify-in-self-test.patch
|
Patch74: 0074-FIPS-Use-digest_sign-digest_verify-in-self-test.patch
|
||||||
%endif
|
|
||||||
# https://bugzilla.redhat.com/show_bug.cgi?id=2102535
|
# https://bugzilla.redhat.com/show_bug.cgi?id=2102535
|
||||||
Patch75: 0075-FIPS-Use-FFDHE2048-in-self-test.patch
|
Patch75: 0075-FIPS-Use-FFDHE2048-in-self-test.patch
|
||||||
# Downstream only. Reseed DRBG using getrandom(GRND_RANDOM)
|
# Downstream only. Reseed DRBG using getrandom(GRND_RANDOM)
|
||||||
@ -149,10 +177,6 @@ Patch76: 0076-FIPS-140-3-DRBG.patch
|
|||||||
Patch77: 0077-FIPS-140-3-zeroization.patch
|
Patch77: 0077-FIPS-140-3-zeroization.patch
|
||||||
# https://bugzilla.redhat.com/show_bug.cgi?id=2114772
|
# https://bugzilla.redhat.com/show_bug.cgi?id=2114772
|
||||||
Patch78: 0078-Add-FIPS-indicator-parameter-to-HKDF.patch
|
Patch78: 0078-Add-FIPS-indicator-parameter-to-HKDF.patch
|
||||||
# https://bugzilla.redhat.com/show_bug.cgi?id=2124845, https://github.com/openssl/openssl/pull/19182
|
|
||||||
Patch79: 0079-Fix-AES-GCM-on-Power-8-CPUs.patch
|
|
||||||
# https://github.com/openssl/openssl/pull/13817
|
|
||||||
Patch100: 0100-RSA-PKCS15-implicit-rejection.patch
|
|
||||||
|
|
||||||
License: ASL 2.0
|
License: ASL 2.0
|
||||||
URL: http://www.openssl.org/
|
URL: http://www.openssl.org/
|
||||||
@ -301,8 +325,7 @@ export HASHBANGPERL=/usr/bin/perl
|
|||||||
zlib enable-camellia enable-seed enable-rfc3779 enable-sctp \
|
zlib enable-camellia enable-seed enable-rfc3779 enable-sctp \
|
||||||
enable-cms enable-md2 enable-rc5 ${ktlsopt} enable-fips\
|
enable-cms enable-md2 enable-rc5 ${ktlsopt} enable-fips\
|
||||||
no-mdc2 no-ec2m no-sm2 no-sm4 enable-buildtest-c++\
|
no-mdc2 no-ec2m no-sm2 no-sm4 enable-buildtest-c++\
|
||||||
shared ${sslarch} $RPM_OPT_FLAGS '-DDEVRANDOM="\"/dev/urandom\"" -DREDHAT_FIPS_VERSION="\"%{fips}\""'\
|
shared ${sslarch} $RPM_OPT_FLAGS '-DDEVRANDOM="\"/dev/urandom\"" -DREDHAT_FIPS_VERSION="\"%{fips}\""'
|
||||||
-Wl,--allow-multiple-definition
|
|
||||||
|
|
||||||
# Do not run this in a production package the FIPS symbols must be patched-in
|
# Do not run this in a production package the FIPS symbols must be patched-in
|
||||||
#util/mkdef.pl crypto update
|
#util/mkdef.pl crypto update
|
||||||
@ -491,55 +514,10 @@ install -m644 %{SOURCE9} \
|
|||||||
%ldconfig_scriptlets libs
|
%ldconfig_scriptlets libs
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
* Thu Feb 09 2023 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.0.8-1
|
|
||||||
- Rebase to upstream version 3.0.8
|
|
||||||
Resolves: CVE-2022-4203
|
|
||||||
Resolves: CVE-2022-4304
|
|
||||||
Resolves: CVE-2022-4450
|
|
||||||
Resolves: CVE-2023-0215
|
|
||||||
Resolves: CVE-2023-0216
|
|
||||||
Resolves: CVE-2023-0217
|
|
||||||
Resolves: CVE-2023-0286
|
|
||||||
Resolves: CVE-2023-0401
|
|
||||||
|
|
||||||
* Thu Jan 19 2023 Fedora Release Engineering <releng@fedoraproject.org> - 1:3.0.7-4
|
|
||||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
|
|
||||||
|
|
||||||
* Thu Jan 05 2023 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.0.7-3
|
|
||||||
- Backport implicit rejection for RSA PKCS#1 v1.5 encryption
|
|
||||||
Resolves: rhbz#2153470
|
|
||||||
|
|
||||||
* Thu Jan 05 2023 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.0.7-2
|
|
||||||
- Refactor embedded mac verification in FIPS module
|
|
||||||
Resolves: rhbz#2156045
|
|
||||||
|
|
||||||
* Fri Dec 23 2022 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.0.7-1
|
|
||||||
- Rebase to upstream version 3.0.7
|
|
||||||
- C99 compatibility in downstream-only 0032-Force-fips.patch
|
|
||||||
Resolves: rhbz#2152504
|
|
||||||
- Adjusting include for the FIPS_mode macro
|
|
||||||
Resolves: rhbz#2083876
|
|
||||||
|
|
||||||
* Wed Nov 16 2022 Simo sorce <simo@redhat.com> - 1:3.0.5-7
|
|
||||||
- Backport patches to fix external providers compatibility issues
|
|
||||||
|
|
||||||
* Tue Nov 01 2022 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.0.5-6
|
|
||||||
- CVE-2022-3602: X.509 Email Address Buffer Overflow
|
|
||||||
- CVE-2022-3786: X.509 Email Address Buffer Overflow
|
|
||||||
Resolves: CVE-2022-3602
|
|
||||||
Resolves: CVE-2022-3786
|
|
||||||
|
|
||||||
* Mon Sep 12 2022 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.0.5-5
|
|
||||||
- Update patches to make ELN build happy
|
|
||||||
Resolves: rhbz#2123755
|
|
||||||
|
|
||||||
* Fri Sep 09 2022 Clemens Lang <cllang@redhat.com> - 1:3.0.5-4
|
|
||||||
- Fix AES-GCM on Power 8 CPUs
|
|
||||||
Resolves: rhbz#2124845
|
|
||||||
|
|
||||||
* Thu Sep 01 2022 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.0.5-3
|
* Thu Sep 01 2022 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.0.5-3
|
||||||
- Sync patches with RHEL
|
- Sync patches with RHEL
|
||||||
Related: rhbz#2123755
|
Related: rhbz#2123755
|
||||||
|
|
||||||
* Fri Jul 22 2022 Fedora Release Engineering <releng@fedoraproject.org> - 1:3.0.5-2
|
* Fri Jul 22 2022 Fedora Release Engineering <releng@fedoraproject.org> - 1:3.0.5-2
|
||||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
|
||||||
|
|
||||||
|
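Review bot: The new side of openssl.spec still applies `Patch71: 0071-AES-GCM-performance-optimization.patch` but no longer carries `Patch79: 0079-Fix-AES-GCM-on-Power-8-CPUs.patch`, which the old side's comment above Patch71 names as the fix for a Power8 regression (rhbz2124845, upstream issue 19163). If 1:3.0.5-3 is the intended result, either keep Patch79 together with its patch file or confirm that Patch71 is safe to ship without it. The same side also drops `Patch100: 0100-RSA-PKCS15-implicit-rejection.patch` and every changelog entry from 1:3.0.5-4 through 1:3.0.8-1, including the `Resolves:` lines for CVE-2022-3602, CVE-2022-3786 and CVE-2023-0286, so a build from it would presumably lack those fixes. The page reports no common history between the two commits, so the direction may be an artefact of the comparison; that should be confirmed before treating this as a change to merge.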
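--- a/sources
+++ b/sources
@@ -1 +1 @@
-SHA512 (openssl-3.0.8-hobbled.tar.gz) = 42f2a59aa8c39c21b66b528329ace126b870f6d7c3a1da2f2ee18ab875923c5bcf3d9046f884201556799a8ab1d915112a1f124cfaf1ab77b2eac834d1f88c60
+SHA512 (openssl-3.0.5-hobbled.tar.xz) = 2f5531d46a905af8d36bf81c18fa34ccc86f5bd66e6e4227bb17e2f926ef14f78057ab60cd9d55bb9d1bad3d5b56a71170e4a86708fd8352324db2e0747142cf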