Compare commits
23 Commits
510d152776
...
c600b7d07d
Author | SHA1 | Date |
---|---|---|
David Abdurachmanov | c600b7d07d | |
David Abdurachmanov | a5176fa215 | |
Sahana Prasad | e331fc1326 | |
Dmitry Belyavskiy | 5c67b5adc3 | |
Dmitry Belyavskiy | e52367af47 | |
Dmitry Belyavskiy | c73a6ab930 | |
Sahana Prasad | 1eb7adc383 | |
Sahana Prasad | 9409bc7044 | |
Dmitry Belyavskiy | 2b0eda88de | |
Fedora Release Engineering | 7e9699e170 | |
Peter Leitmann | 979cb8a57b | |
Sahana Prasad | 477bb5e652 | |
Stephen Gallagher | e198b69ab5 | |
Stephen Gallagher | 167e0dd694 | |
Dmitry Belyavskiy | 194ef7464a | |
Fedora Release Engineering | 02d85d00af | |
Dmitry Belyavskiy | 9ce9458604 | |
Dmitry Belyavskiy | 500ad3d300 | |
Dmitry Belyavskiy | 106fe8964c | |
Simo Sorce | e9a0511933 | |
Dmitry Belyavskiy | f7a2c68257 | |
Dmitry Belyavskiy | b5f6fd8216 | |
Clemens Lang | d54aeb5a0f |
|
@ -0,0 +1 @@
|
|||
1
|
|
@ -1,6 +1,5 @@
|
|||
.build*.log
|
||||
clog
|
||||
000*.patch
|
||||
*.src.rpm
|
||||
openssl-1.0.0a-usa.tar.bz2
|
||||
/openssl-1.0.0b-usa.tar.bz2
|
||||
|
@ -56,3 +55,8 @@ openssl-1.0.0a-usa.tar.bz2
|
|||
/openssl-3.0.2-hobbled.tar.gz
|
||||
/openssl-3.0.3-hobbled.tar.gz
|
||||
/openssl-3.0.5-hobbled.tar.xz
|
||||
/openssl-3.0.7-hobbled.tar.gz
|
||||
/openssl-3.0.8-hobbled.tar.gz
|
||||
/openssl-3.0.8.tar.gz
|
||||
/openssl-3.1.1.tar.gz
|
||||
/openssl-3.1.4.tar.gz
|
||||
|
|
|
@ -1,18 +1,22 @@
|
|||
From 3d5755df8d09ca841c0aca2d7344db060f6cc97f Mon Sep 17 00:00:00 2001
|
||||
From: Tomas Mraz <tmraz@fedoraproject.org>
|
||||
Date: Thu, 24 Sep 2020 09:05:55 +0200
|
||||
Subject: Do not install html docs
|
||||
From a3e7963320ba44e96a60b389fccb8e1cccc30674 Mon Sep 17 00:00:00 2001
|
||||
From: rpm-build <rpm-build>
|
||||
Date: Thu, 19 Oct 2023 13:12:39 +0200
|
||||
Subject: [PATCH 03/46] 0003-Do-not-install-html-docs.patch
|
||||
|
||||
(was openssl-1.1.1-no-html.patch)
|
||||
Patch-name: 0003-Do-not-install-html-docs.patch
|
||||
Patch-id: 3
|
||||
Patch-status: |
|
||||
# # Do not install html docs
|
||||
From-dist-git-commit: 5c67b5adc311af297f425c09e3e1ac7ca8483911
|
||||
---
|
||||
Configurations/unix-Makefile.tmpl | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/Configurations/unix-Makefile.tmpl b/Configurations/unix-Makefile.tmpl
|
||||
index 342e46d24d..9f369edf0e 100644
|
||||
index a48fae5fb8..56b42926e7 100644
|
||||
--- a/Configurations/unix-Makefile.tmpl
|
||||
+++ b/Configurations/unix-Makefile.tmpl
|
||||
@@ -554,7 +554,7 @@ install_sw: install_dev install_engines install_modules install_runtime
|
||||
@@ -611,7 +611,7 @@ install_sw: install_dev install_engines install_modules install_runtime
|
||||
|
||||
uninstall_sw: uninstall_runtime uninstall_modules uninstall_engines uninstall_dev
|
||||
|
||||
|
@ -20,7 +24,7 @@ index 342e46d24d..9f369edf0e 100644
|
|||
+install_docs: install_man_docs
|
||||
|
||||
uninstall_docs: uninstall_man_docs uninstall_html_docs
|
||||
$(RM) -r $(DESTDIR)$(DOCDIR)
|
||||
$(RM) -r "$(DESTDIR)$(DOCDIR)"
|
||||
--
|
||||
2.26.2
|
||||
2.41.0
|
||||
|
||||
|
|
|
@ -1,21 +1,21 @@
|
|||
From 6790960076742a9053c624e26fbb87fcd5789e27 Mon Sep 17 00:00:00 2001
|
||||
From: Tomas Mraz <tmraz@fedoraproject.org>
|
||||
Date: Thu, 24 Sep 2020 09:17:26 +0200
|
||||
Subject: Override default paths for the CA directory tree
|
||||
From 7a65ee33793fa8a28c0dfc94e6872ce92f408b15 Mon Sep 17 00:00:00 2001
|
||||
From: rpm-build <rpm-build>
|
||||
Date: Mon, 31 Jul 2023 09:41:27 +0200
|
||||
Subject: [PATCH 04/35]
|
||||
0004-Override-default-paths-for-the-CA-directory-tree.patch
|
||||
|
||||
Also add default section to load crypto-policies configuration
|
||||
for TLS.
|
||||
|
||||
It needs to be reverted before running tests.
|
||||
|
||||
(was openssl-1.1.1-conf-paths.patch)
|
||||
Patch-name: 0004-Override-default-paths-for-the-CA-directory-tree.patch
|
||||
Patch-id: 4
|
||||
Patch-status: |
|
||||
# Override default paths for the CA directory tree
|
||||
From-dist-git-commit: 9409bc7044cf4b5773639cce20f51399888c45fd
|
||||
---
|
||||
apps/CA.pl.in | 2 +-
|
||||
apps/openssl.cnf | 20 ++++++++++++++++++--
|
||||
2 files changed, 19 insertions(+), 3 deletions(-)
|
||||
apps/openssl.cnf | 13 +++++++++++--
|
||||
2 files changed, 12 insertions(+), 3 deletions(-)
|
||||
|
||||
diff --git a/apps/CA.pl.in b/apps/CA.pl.in
|
||||
index c0afb96716..d6a5fabd16 100644
|
||||
index f029470005..729f104a7e 100644
|
||||
--- a/apps/CA.pl.in
|
||||
+++ b/apps/CA.pl.in
|
||||
@@ -29,7 +29,7 @@ my $X509 = "$openssl x509";
|
||||
|
@ -27,10 +27,11 @@ index c0afb96716..d6a5fabd16 100644
|
|||
my $CAKEY = "cakey.pem";
|
||||
my $CAREQ = "careq.pem";
|
||||
my $CACERT = "cacert.pem";
|
||||
diff -up openssl-3.0.0-alpha16/apps/openssl.cnf.default-tls openssl-3.0.0-alpha16/apps/openssl.cnf
|
||||
--- openssl-3.0.0-alpha16/apps/openssl.cnf.default-tls 2021-07-06 13:41:39.204978272 +0200
|
||||
+++ openssl-3.0.0-alpha16/apps/openssl.cnf 2021-07-06 13:49:50.362857683 +0200
|
||||
@@ -53,6 +53,8 @@ tsa_policy3 = 1.2.3.4.5.7
|
||||
diff --git a/apps/openssl.cnf b/apps/openssl.cnf
|
||||
index 8141ab20cd..3956235fda 100644
|
||||
--- a/apps/openssl.cnf
|
||||
+++ b/apps/openssl.cnf
|
||||
@@ -52,6 +52,8 @@ tsa_policy3 = 1.2.3.4.5.7
|
||||
|
||||
[openssl_init]
|
||||
providers = provider_sect
|
||||
|
@ -39,7 +40,7 @@ diff -up openssl-3.0.0-alpha16/apps/openssl.cnf.default-tls openssl-3.0.0-alpha1
|
|||
|
||||
# List of providers to load
|
||||
[provider_sect]
|
||||
@@ -64,6 +66,13 @@ default = default_sect
|
||||
@@ -71,6 +73,13 @@ default = default_sect
|
||||
[default_sect]
|
||||
# activate = 1
|
||||
|
||||
|
@ -53,7 +54,7 @@ diff -up openssl-3.0.0-alpha16/apps/openssl.cnf.default-tls openssl-3.0.0-alpha1
|
|||
|
||||
####################################################################
|
||||
[ ca ]
|
||||
@@ -72,7 +81,7 @@ default_ca = CA_default # The default c
|
||||
@@ -79,7 +88,7 @@ default_ca = CA_default # The default ca section
|
||||
####################################################################
|
||||
[ CA_default ]
|
||||
|
||||
|
@ -62,7 +63,7 @@ diff -up openssl-3.0.0-alpha16/apps/openssl.cnf.default-tls openssl-3.0.0-alpha1
|
|||
certs = $dir/certs # Where the issued certs are kept
|
||||
crl_dir = $dir/crl # Where the issued crl are kept
|
||||
database = $dir/index.txt # database index file.
|
||||
@@ -304,7 +313,7 @@ default_tsa = tsa_config1 # the default
|
||||
@@ -311,7 +320,7 @@ default_tsa = tsa_config1 # the default TSA section
|
||||
[ tsa_config1 ]
|
||||
|
||||
# These are used by the TSA reply generation only.
|
||||
|
@ -71,3 +72,6 @@ diff -up openssl-3.0.0-alpha16/apps/openssl.cnf.default-tls openssl-3.0.0-alpha1
|
|||
serial = $dir/tsaserial # The current serial number (mandatory)
|
||||
crypto_device = builtin # OpenSSL engine to use for signing
|
||||
signer_cert = $dir/tsacert.pem # The TSA signing certificate
|
||||
--
|
||||
2.41.0
|
||||
|
||||
|
|
|
@ -1,25 +1,30 @@
|
|||
From 736d709ec194b3a763e004696df22792c62a11fc Mon Sep 17 00:00:00 2001
|
||||
From: Tomas Mraz <tmraz@fedoraproject.org>
|
||||
Date: Thu, 24 Sep 2020 10:16:46 +0200
|
||||
Subject: Add support for PROFILE=SYSTEM system default cipherlist
|
||||
From 66b728801f141c9db8e647ab02421c83694ade79 Mon Sep 17 00:00:00 2001
|
||||
From: rpm-build <rpm-build>
|
||||
Date: Mon, 31 Jul 2023 09:41:27 +0200
|
||||
Subject: [PATCH 07/35]
|
||||
0007-Add-support-for-PROFILE-SYSTEM-system-default-cipher.patch
|
||||
|
||||
(was openssl-1.1.1-system-cipherlist.patch)
|
||||
Patch-name: 0007-Add-support-for-PROFILE-SYSTEM-system-default-cipher.patch
|
||||
Patch-id: 7
|
||||
Patch-status: |
|
||||
# Add support for PROFILE=SYSTEM system default cipherlist
|
||||
From-dist-git-commit: 9409bc7044cf4b5773639cce20f51399888c45fd
|
||||
---
|
||||
Configurations/unix-Makefile.tmpl | 5 ++
|
||||
Configure | 10 +++-
|
||||
Configure | 11 +++-
|
||||
doc/man1/openssl-ciphers.pod.in | 9 ++++
|
||||
include/openssl/ssl.h.in | 5 ++
|
||||
ssl/ssl_ciph.c | 88 +++++++++++++++++++++++++++----
|
||||
ssl/ssl_ciph.c | 87 +++++++++++++++++++++++++++----
|
||||
ssl/ssl_lib.c | 4 +-
|
||||
test/cipherlist_test.c | 2 +
|
||||
util/libcrypto.num | 1 +
|
||||
8 files changed, 110 insertions(+), 14 deletions(-)
|
||||
|
||||
diff --git a/Configurations/unix-Makefile.tmpl b/Configurations/unix-Makefile.tmpl
|
||||
index 9f369edf0e..c52389f831 100644
|
||||
index f29cdc7f38..c0df026de3 100644
|
||||
--- a/Configurations/unix-Makefile.tmpl
|
||||
+++ b/Configurations/unix-Makefile.tmpl
|
||||
@@ -269,6 +269,10 @@ MANDIR=$(INSTALLTOP)/share/man
|
||||
@@ -315,6 +315,10 @@ MANDIR=$(INSTALLTOP)/share/man
|
||||
DOCDIR=$(INSTALLTOP)/share/doc/$(BASENAME)
|
||||
HTMLDIR=$(DOCDIR)/html
|
||||
|
||||
|
@ -30,7 +35,7 @@ index 9f369edf0e..c52389f831 100644
|
|||
# MANSUFFIX is for the benefit of anyone who may want to have a suffix
|
||||
# appended after the manpage file section number. "ssl" is popular,
|
||||
# resulting in files such as config.5ssl rather than config.5.
|
||||
@@ -292,6 +296,7 @@ CC=$(CROSS_COMPILE){- $config{CC} -}
|
||||
@@ -338,6 +342,7 @@ CC=$(CROSS_COMPILE){- $config{CC} -}
|
||||
CXX={- $config{CXX} ? "\$(CROSS_COMPILE)$config{CXX}" : '' -}
|
||||
CPPFLAGS={- our $cppflags1 = join(" ",
|
||||
(map { "-D".$_} @{$config{CPPDEFINES}}),
|
||||
|
@ -38,11 +43,54 @@ index 9f369edf0e..c52389f831 100644
|
|||
(map { "-I".$_} @{$config{CPPINCLUDES}}),
|
||||
@{$config{CPPFLAGS}}) -}
|
||||
CFLAGS={- join(' ', @{$config{CFLAGS}}) -}
|
||||
diff --git a/Configure b/Configure
|
||||
index 456995240b..93be83be94 100755
|
||||
--- a/Configure
|
||||
+++ b/Configure
|
||||
@@ -27,7 +27,7 @@ use OpenSSL::config;
|
||||
my $orig_death_handler = $SIG{__DIE__};
|
||||
$SIG{__DIE__} = \&death_handler;
|
||||
|
||||
-my $usage="Usage: Configure [no-<cipher> ...] [enable-<cipher> ...] [-Dxxx] [-lxxx] [-Lxxx] [-fxxx] [-Kxxx] [no-hw-xxx|no-hw] [[no-]threads] [[no-]shared] [[no-]zlib|zlib-dynamic] [no-asm] [no-egd] [sctp] [386] [--prefix=DIR] [--openssldir=OPENSSLDIR] [--with-xxx[=vvv]] [--config=FILE] os/compiler[:flags]\n";
|
||||
+my $usage="Usage: Configure [no-<cipher> ...] [enable-<cipher> ...] [-Dxxx] [-lxxx] [-Lxxx] [-fxxx] [-Kxxx] [no-hw-xxx|no-hw] [[no-]threads] [[no-]shared] [[no-]zlib|zlib-dynamic] [no-asm] [no-egd] [sctp] [386] [--prefix=DIR] [--openssldir=OPENSSLDIR] [--system-ciphers-file=SYSTEMCIPHERFILE] [--with-xxx[=vvv]] [--config=FILE] os/compiler[:flags]\n";
|
||||
|
||||
my $banner = <<"EOF";
|
||||
|
||||
@@ -61,6 +61,10 @@ EOF
|
||||
# given with --prefix.
|
||||
# This becomes the value of OPENSSLDIR in Makefile and in C.
|
||||
# (Default: PREFIX/ssl)
|
||||
+#
|
||||
+# --system-ciphers-file A file to read cipher string from when the PROFILE=SYSTEM
|
||||
+# cipher is specified (default).
|
||||
+#
|
||||
# --banner=".." Output specified text instead of default completion banner
|
||||
#
|
||||
# -w Don't wait after showing a Configure warning
|
||||
@@ -387,6 +391,7 @@ $config{prefix}="";
|
||||
$config{openssldir}="";
|
||||
$config{processor}="";
|
||||
$config{libdir}="";
|
||||
+$config{system_ciphers_file}="";
|
||||
my $auto_threads=1; # enable threads automatically? true by default
|
||||
my $default_ranlib;
|
||||
|
||||
@@ -989,6 +994,10 @@ while (@argvcopy)
|
||||
die "FIPS key too long (64 bytes max)\n"
|
||||
if length $1 > 64;
|
||||
}
|
||||
+ elsif (/^--system-ciphers-file=(.*)$/)
|
||||
+ {
|
||||
+ $config{system_ciphers_file}=$1;
|
||||
+ }
|
||||
elsif (/^--banner=(.*)$/)
|
||||
{
|
||||
$banner = $1 . "\n";
|
||||
diff --git a/doc/man1/openssl-ciphers.pod.in b/doc/man1/openssl-ciphers.pod.in
|
||||
index b4ed3e51d5..2122e6bdfd 100644
|
||||
index 658730ec53..04e66bcebe 100644
|
||||
--- a/doc/man1/openssl-ciphers.pod.in
|
||||
+++ b/doc/man1/openssl-ciphers.pod.in
|
||||
@@ -187,6 +187,15 @@ As of OpenSSL 1.0.0, the B<ALL> cipher suites are sensibly ordered by default.
|
||||
@@ -186,6 +186,15 @@ As of OpenSSL 1.0.0, the B<ALL> cipher suites are sensibly ordered by default.
|
||||
|
||||
The cipher suites not enabled by B<ALL>, currently B<eNULL>.
|
||||
|
||||
|
@ -59,10 +107,10 @@ index b4ed3e51d5..2122e6bdfd 100644
|
|||
|
||||
"High" encryption cipher suites. This currently means those with key lengths
|
||||
diff --git a/include/openssl/ssl.h.in b/include/openssl/ssl.h.in
|
||||
index f9a61609e4..c6f95fed3f 100644
|
||||
index f03f52fbd8..0b6de603e2 100644
|
||||
--- a/include/openssl/ssl.h.in
|
||||
+++ b/include/openssl/ssl.h.in
|
||||
@@ -209,6 +209,11 @@ extern "C" {
|
||||
@@ -208,6 +208,11 @@ extern "C" {
|
||||
* throwing out anonymous and unencrypted ciphersuites! (The latter are not
|
||||
* actually enabled by ALL, but "ALL:RSA" would enable some of them.)
|
||||
*/
|
||||
|
@ -75,10 +123,10 @@ index f9a61609e4..c6f95fed3f 100644
|
|||
/* Used in SSL_set_shutdown()/SSL_get_shutdown(); */
|
||||
# define SSL_SENT_SHUTDOWN 1
|
||||
diff --git a/ssl/ssl_ciph.c b/ssl/ssl_ciph.c
|
||||
index b1d3f7919e..f7cc7fed48 100644
|
||||
index 93de9cf8fd..a5e60e8839 100644
|
||||
--- a/ssl/ssl_ciph.c
|
||||
+++ b/ssl/ssl_ciph.c
|
||||
@@ -1411,6 +1411,53 @@ int SSL_set_ciphersuites(SSL *s, const char *str)
|
||||
@@ -1443,6 +1443,53 @@ int SSL_set_ciphersuites(SSL *s, const char *str)
|
||||
return ret;
|
||||
}
|
||||
|
||||
|
@ -132,7 +180,7 @@ index b1d3f7919e..f7cc7fed48 100644
|
|||
STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(SSL_CTX *ctx,
|
||||
STACK_OF(SSL_CIPHER) *tls13_ciphersuites,
|
||||
STACK_OF(SSL_CIPHER) **cipher_list,
|
||||
@@ -1425,15 +1472,25 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(SSL_CTX *ctx,
|
||||
@@ -1457,15 +1504,25 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(SSL_CTX *ctx,
|
||||
CIPHER_ORDER *co_list = NULL, *head = NULL, *tail = NULL, *curr;
|
||||
const SSL_CIPHER **ca_list = NULL;
|
||||
const SSL_METHOD *ssl_method = ctx->method;
|
||||
|
@ -153,14 +201,14 @@ index b1d3f7919e..f7cc7fed48 100644
|
|||
if (rule_str == NULL || cipher_list == NULL || cipher_list_by_id == NULL)
|
||||
- return NULL;
|
||||
+ goto err;
|
||||
|
||||
|
||||
if (!check_suiteb_cipher_list(ssl_method, c, &rule_str))
|
||||
- return NULL;
|
||||
+ goto err;
|
||||
|
||||
/*
|
||||
* To reduce the work to do we only want to process the compiled
|
||||
@@ -1456,7 +1513,7 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(SSL_CTX *ctx,
|
||||
@@ -1487,7 +1544,7 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(SSL_CTX *ctx,
|
||||
co_list = OPENSSL_malloc(sizeof(*co_list) * num_of_ciphers);
|
||||
if (co_list == NULL) {
|
||||
ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE);
|
||||
|
@ -169,7 +217,7 @@ index b1d3f7919e..f7cc7fed48 100644
|
|||
}
|
||||
|
||||
ssl_cipher_collect_ciphers(ssl_method, num_of_ciphers,
|
||||
@@ -1522,8 +1579,7 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(SSL_CTX *ctx,
|
||||
@@ -1553,8 +1610,7 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(SSL_CTX *ctx,
|
||||
* in force within each class
|
||||
*/
|
||||
if (!ssl_cipher_strength_sort(&head, &tail)) {
|
||||
|
@ -179,7 +227,7 @@ index b1d3f7919e..f7cc7fed48 100644
|
|||
}
|
||||
|
||||
/*
|
||||
@@ -1568,9 +1624,8 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(SSL_CTX *ctx,
|
||||
@@ -1598,9 +1654,8 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(SSL_CTX *ctx,
|
||||
num_of_alias_max = num_of_ciphers + num_of_group_aliases + 1;
|
||||
ca_list = OPENSSL_malloc(sizeof(*ca_list) * num_of_alias_max);
|
||||
if (ca_list == NULL) {
|
||||
|
@ -190,7 +238,7 @@ index b1d3f7919e..f7cc7fed48 100644
|
|||
}
|
||||
ssl_cipher_collect_aliases(ca_list, num_of_group_aliases,
|
||||
disabled_mkey, disabled_auth, disabled_enc,
|
||||
@@ -1596,8 +1651,7 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(SSL_CTX *ctx,
|
||||
@@ -1626,8 +1681,7 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(SSL_CTX *ctx,
|
||||
OPENSSL_free(ca_list); /* Not needed anymore */
|
||||
|
||||
if (!ok) { /* Rule processing failure */
|
||||
|
@ -200,7 +248,7 @@ index b1d3f7919e..f7cc7fed48 100644
|
|||
}
|
||||
|
||||
/*
|
||||
@@ -1605,10 +1659,13 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(SSL_CTX *ctx,
|
||||
@@ -1635,10 +1689,13 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(SSL_CTX *ctx,
|
||||
* if we cannot get one.
|
||||
*/
|
||||
if ((cipherstack = sk_SSL_CIPHER_new_null()) == NULL) {
|
||||
|
@ -216,7 +264,7 @@ index b1d3f7919e..f7cc7fed48 100644
|
|||
/* Add TLSv1.3 ciphers first - we always prefer those if possible */
|
||||
for (i = 0; i < sk_SSL_CIPHER_num(tls13_ciphersuites); i++) {
|
||||
const SSL_CIPHER *sslc = sk_SSL_CIPHER_value(tls13_ciphersuites, i);
|
||||
@@ -1656,6 +1714,14 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(SSL_CTX *ctx,
|
||||
@@ -1690,6 +1747,14 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(SSL_CTX *ctx,
|
||||
*cipher_list = cipherstack;
|
||||
|
||||
return cipherstack;
|
||||
|
@ -232,10 +280,10 @@ index b1d3f7919e..f7cc7fed48 100644
|
|||
|
||||
char *SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int len)
|
||||
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
|
||||
index d14d5819ba..48d491219a 100644
|
||||
index f12ad6d034..a059bcd83b 100644
|
||||
--- a/ssl/ssl_lib.c
|
||||
+++ b/ssl/ssl_lib.c
|
||||
@@ -660,7 +660,7 @@ int SSL_CTX_set_ssl_version(SSL_CTX *ctx, const SSL_METHOD *meth)
|
||||
@@ -661,7 +661,7 @@ int SSL_CTX_set_ssl_version(SSL_CTX *ctx, const SSL_METHOD *meth)
|
||||
ctx->tls13_ciphersuites,
|
||||
&(ctx->cipher_list),
|
||||
&(ctx->cipher_list_by_id),
|
||||
|
@ -244,7 +292,7 @@ index d14d5819ba..48d491219a 100644
|
|||
if ((sk == NULL) || (sk_SSL_CIPHER_num(sk) <= 0)) {
|
||||
ERR_raise(ERR_LIB_SSL, SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS);
|
||||
return 0;
|
||||
@@ -3193,7 +3193,7 @@ SSL_CTX *SSL_CTX_new_ex(OSSL_LIB_CTX *libctx, const char *propq,
|
||||
@@ -3286,7 +3286,7 @@ SSL_CTX *SSL_CTX_new_ex(OSSL_LIB_CTX *libctx, const char *propq,
|
||||
if (!ssl_create_cipher_list(ret,
|
||||
ret->tls13_ciphersuites,
|
||||
&ret->cipher_list, &ret->cipher_list_by_id,
|
||||
|
@ -254,10 +302,10 @@ index d14d5819ba..48d491219a 100644
|
|||
ERR_raise(ERR_LIB_SSL, SSL_R_LIBRARY_HAS_NO_CIPHERS);
|
||||
goto err2;
|
||||
diff --git a/test/cipherlist_test.c b/test/cipherlist_test.c
|
||||
index 380f0727fc..6922a87c30 100644
|
||||
index 2d166e2b46..4ff2aa12d6 100644
|
||||
--- a/test/cipherlist_test.c
|
||||
+++ b/test/cipherlist_test.c
|
||||
@@ -244,7 +244,9 @@ end:
|
||||
@@ -246,7 +246,9 @@ end:
|
||||
|
||||
int setup_tests(void)
|
||||
{
|
||||
|
@ -268,56 +316,14 @@ index 380f0727fc..6922a87c30 100644
|
|||
ADD_TEST(test_default_cipherlist_clear);
|
||||
return 1;
|
||||
diff --git a/util/libcrypto.num b/util/libcrypto.num
|
||||
index 404a706fab..e81fa9ec3e 100644
|
||||
index 406392a7d9..9cb8a4dda2 100644
|
||||
--- a/util/libcrypto.num
|
||||
+++ b/util/libcrypto.num
|
||||
@@ -5282,3 +5282,4 @@ OSSL_DECODER_CTX_set_input_structure ? 3_0_0 EXIST::FUNCTION:
|
||||
EVP_PKEY_CTX_get0_provider 5555 3_0_0 EXIST::FUNCTION:
|
||||
OPENSSL_strcasecmp 5556 3_0_3 EXIST::FUNCTION:
|
||||
OPENSSL_strncasecmp 5557 3_0_3 EXIST::FUNCTION:
|
||||
@@ -5435,3 +5435,4 @@ EVP_MD_CTX_dup 5562 3_1_0 EXIST::FUNCTION:
|
||||
EVP_CIPHER_CTX_dup 5563 3_1_0 EXIST::FUNCTION:
|
||||
BN_are_coprime 5564 3_1_0 EXIST::FUNCTION:
|
||||
OSSL_CMP_MSG_update_recipNonce 5565 3_0_9 EXIST::FUNCTION:CMP
|
||||
+ossl_safe_getenv ? 3_0_0 EXIST::FUNCTION:
|
||||
--
|
||||
2.26.2
|
||||
2.41.0
|
||||
|
||||
diff -up openssl-3.0.0-beta1/Configure.sys-default openssl-3.0.0-beta1/Configure
|
||||
--- openssl-3.0.0-beta1/Configure.sys-default 2021-06-29 11:47:58.978144386 +0200
|
||||
+++ openssl-3.0.0-beta1/Configure 2021-06-29 11:52:01.631126260 +0200
|
||||
@@ -27,7 +27,7 @@ use OpenSSL::config;
|
||||
my $orig_death_handler = $SIG{__DIE__};
|
||||
$SIG{__DIE__} = \&death_handler;
|
||||
|
||||
-my $usage="Usage: Configure [no-<cipher> ...] [enable-<cipher> ...] [-Dxxx] [-lxxx] [-Lxxx] [-fxxx] [-Kxxx] [no-hw-xxx|no-hw] [[no-]threads] [[no-]shared] [[no-]zlib|zlib-dynamic] [no-asm] [no-egd] [sctp] [386] [--prefix=DIR] [--openssldir=OPENSSLDIR] [--with-xxx[=vvv]] [--config=FILE] os/compiler[:flags]\n";
|
||||
+my $usage="Usage: Configure [no-<cipher> ...] [enable-<cipher> ...] [-Dxxx] [-lxxx] [-Lxxx] [-fxxx] [-Kxxx] [no-hw-xxx|no-hw] [[no-]threads] [[no-]shared] [[no-]zlib|zlib-dynamic] [no-asm] [no-egd] [sctp] [386] [--prefix=DIR] [--openssldir=OPENSSLDIR] [--system-ciphers-file=SYSTEMCIPHERFILE] [--with-xxx[=vvv]] [--config=FILE] os/compiler[:flags]\n";
|
||||
|
||||
my $banner = <<"EOF";
|
||||
|
||||
@@ -61,6 +61,10 @@ EOF
|
||||
# given with --prefix.
|
||||
# This becomes the value of OPENSSLDIR in Makefile and in C.
|
||||
# (Default: PREFIX/ssl)
|
||||
+#
|
||||
+# --system-ciphers-file A file to read cipher string from when the PROFILE=SYSTEM
|
||||
+# cipher is specified (default).
|
||||
+#
|
||||
# --banner=".." Output specified text instead of default completion banner
|
||||
#
|
||||
# -w Don't wait after showing a Configure warning
|
||||
@@ -385,6 +389,7 @@ $config{prefix}="";
|
||||
$config{openssldir}="";
|
||||
$config{processor}="";
|
||||
$config{libdir}="";
|
||||
+$config{system_ciphers_file}="";
|
||||
my $auto_threads=1; # enable threads automatically? true by default
|
||||
my $default_ranlib;
|
||||
|
||||
@@ -987,6 +992,10 @@ while (@argvcopy)
|
||||
die "FIPS key too long (64 bytes max)\n"
|
||||
if length $1 > 64;
|
||||
}
|
||||
+ elsif (/^--system-ciphers-file=(.*)$/)
|
||||
+ {
|
||||
+ $config{system_ciphers_file}=$1;
|
||||
+ }
|
||||
elsif (/^--banner=(.*)$/)
|
||||
{
|
||||
$banner = $1 . "\n";
|
||||
|
|
|
@ -1,35 +1,25 @@
|
|||
From 5b2ec9a54037d7b007324bf53e067e73511cdfe4 Mon Sep 17 00:00:00 2001
|
||||
From: Tomas Mraz <tmraz@fedoraproject.org>
|
||||
Date: Thu, 26 Nov 2020 14:00:16 +0100
|
||||
Subject: Add FIPS_mode() compatibility macro
|
||||
From 8e29a10b39a649d751870eb1fd1b8c388e66acc3 Mon Sep 17 00:00:00 2001
|
||||
From: rpm-build <rpm-build>
|
||||
Date: Mon, 31 Jul 2023 09:41:27 +0200
|
||||
Subject: [PATCH 08/35] 0008-Add-FIPS_mode-compatibility-macro.patch
|
||||
|
||||
The macro calls EVP_default_properties_is_fips_enabled() on the
|
||||
default context.
|
||||
Patch-name: 0008-Add-FIPS_mode-compatibility-macro.patch
|
||||
Patch-id: 8
|
||||
Patch-status: |
|
||||
# Add FIPS_mode() compatibility macro
|
||||
From-dist-git-commit: 9409bc7044cf4b5773639cce20f51399888c45fd
|
||||
---
|
||||
include/openssl/crypto.h.in | 1 +
|
||||
include/openssl/fips.h | 25 +++++++++++++++++++++++++
|
||||
test/property_test.c | 13 +++++++++++++
|
||||
3 files changed, 39 insertions(+)
|
||||
include/openssl/fips.h | 26 ++++++++++++++++++++++++++
|
||||
test/property_test.c | 14 ++++++++++++++
|
||||
2 files changed, 40 insertions(+)
|
||||
create mode 100644 include/openssl/fips.h
|
||||
|
||||
diff --git a/include/openssl/crypto.h.in b/include/openssl/crypto.h.in
|
||||
index 1036da9a2b..9d4896fcaf 100644
|
||||
--- a/include/openssl/crypto.h.in
|
||||
+++ b/include/openssl/crypto.h.in
|
||||
@@ -38,6 +38,7 @@ use OpenSSL::stackhash qw(generate_stack_macros);
|
||||
# include <openssl/opensslconf.h>
|
||||
# include <openssl/cryptoerr.h>
|
||||
# include <openssl/core.h>
|
||||
+# include <openssl/fips.h>
|
||||
|
||||
# ifdef CHARSET_EBCDIC
|
||||
# include <openssl/ebcdic.h>
|
||||
diff --git a/include/openssl/fips.h b/include/openssl/fips.h
|
||||
new file mode 100644
|
||||
index 0000000000..c64f0f8e8f
|
||||
index 0000000000..4162cbf88e
|
||||
--- /dev/null
|
||||
+++ b/include/openssl/fips.h
|
||||
@@ -0,0 +1,25 @@
|
||||
@@ -0,0 +1,26 @@
|
||||
+/*
|
||||
+ * Copyright 2016-2020 The OpenSSL Project Authors. All Rights Reserved.
|
||||
+ *
|
||||
|
@ -43,6 +33,7 @@ index 0000000000..c64f0f8e8f
|
|||
+# define OPENSSL_FIPS_H
|
||||
+# pragma once
|
||||
+
|
||||
+# include <openssl/evp.h>
|
||||
+# include <openssl/macros.h>
|
||||
+
|
||||
+# ifdef __cplusplus
|
||||
|
@ -55,13 +46,15 @@ index 0000000000..c64f0f8e8f
|
|||
+}
|
||||
+# endif
|
||||
+#endif
|
||||
diff -up openssl-3.0.0-beta1/test/property_test.c.fips-macro openssl-3.0.0-beta1/test/property_test.c
|
||||
--- openssl-3.0.0-beta1/test/property_test.c.fips-macro 2021-06-29 12:14:58.851557698 +0200
|
||||
+++ openssl-3.0.0-beta1/test/property_test.c 2021-06-29 12:17:14.630143832 +0200
|
||||
@@ -488,6 +488,18 @@ static int test_property_list_to_string(
|
||||
diff --git a/test/property_test.c b/test/property_test.c
|
||||
index 45b1db3e85..8894c1c1cb 100644
|
||||
--- a/test/property_test.c
|
||||
+++ b/test/property_test.c
|
||||
@@ -677,6 +677,19 @@ static int test_property_list_to_string(int i)
|
||||
return ret;
|
||||
}
|
||||
|
||||
+#include <openssl/fips.h>
|
||||
+static int test_downstream_FIPS_mode(void)
|
||||
+{
|
||||
+ int ret = 0;
|
||||
|
@ -77,7 +70,7 @@ diff -up openssl-3.0.0-beta1/test/property_test.c.fips-macro openssl-3.0.0-beta1
|
|||
int setup_tests(void)
|
||||
{
|
||||
ADD_TEST(test_property_string);
|
||||
@@ -500,6 +512,7 @@ int setup_tests(void)
|
||||
@@ -690,6 +703,7 @@ int setup_tests(void)
|
||||
ADD_TEST(test_property);
|
||||
ADD_TEST(test_query_cache_stochastic);
|
||||
ADD_TEST(test_fips_mode);
|
||||
|
@ -85,3 +78,6 @@ diff -up openssl-3.0.0-beta1/test/property_test.c.fips-macro openssl-3.0.0-beta1
|
|||
ADD_ALL_TESTS(test_property_list_to_string, OSSL_NELEM(to_string_tests));
|
||||
return 1;
|
||||
}
|
||||
--
|
||||
2.41.0
|
||||
|
||||
|
|
|
@ -1,9 +1,25 @@
|
|||
diff -up openssl-3.0.0-alpha13/crypto/context.c.kernel-fips openssl-3.0.0-alpha13/crypto/context.c
|
||||
--- openssl-3.0.0-alpha13/crypto/context.c.kernel-fips 2021-03-16 00:09:55.814826432 +0100
|
||||
+++ openssl-3.0.0-alpha13/crypto/context.c 2021-03-16 00:15:55.129043811 +0100
|
||||
@@ -12,11 +12,46 @@
|
||||
From aa3aebf132959e7e44876042efaf9ff24ffe0f2b Mon Sep 17 00:00:00 2001
|
||||
From: rpm-build <rpm-build>
|
||||
Date: Mon, 31 Jul 2023 09:41:27 +0200
|
||||
Subject: [PATCH 09/35] 0009-Add-Kernel-FIPS-mode-flag-support.patch
|
||||
|
||||
Patch-name: 0009-Add-Kernel-FIPS-mode-flag-support.patch
|
||||
Patch-id: 9
|
||||
Patch-status: |
|
||||
# Add check to see if fips flag is enabled in kernel
|
||||
From-dist-git-commit: 9409bc7044cf4b5773639cce20f51399888c45fd
|
||||
---
|
||||
crypto/context.c | 36 ++++++++++++++++++++++++++++++++++++
|
||||
include/internal/provider.h | 3 +++
|
||||
2 files changed, 39 insertions(+)
|
||||
|
||||
diff --git a/crypto/context.c b/crypto/context.c
|
||||
index e294ea1512..51002ba79a 100644
|
||||
--- a/crypto/context.c
|
||||
+++ b/crypto/context.c
|
||||
@@ -16,6 +16,41 @@
|
||||
#include "internal/provider.h"
|
||||
#include "crypto/ctype.h"
|
||||
#include "crypto/context.h"
|
||||
|
||||
+# include <sys/types.h>
|
||||
+# include <sys/stat.h>
|
||||
|
@ -11,11 +27,6 @@ diff -up openssl-3.0.0-alpha13/crypto/context.c.kernel-fips openssl-3.0.0-alpha1
|
|||
+# include <unistd.h>
|
||||
+# include <openssl/evp.h>
|
||||
+
|
||||
struct ossl_lib_ctx_onfree_list_st {
|
||||
ossl_lib_ctx_onfree_fn *fn;
|
||||
struct ossl_lib_ctx_onfree_list_st *next;
|
||||
};
|
||||
|
||||
+# define FIPS_MODE_SWITCH_FILE "/proc/sys/crypto/fips_enabled"
|
||||
+
|
||||
+static int kernel_fips_flag;
|
||||
|
@ -46,20 +57,21 @@ diff -up openssl-3.0.0-alpha13/crypto/context.c.kernel-fips openssl-3.0.0-alpha1
|
|||
+
|
||||
+
|
||||
struct ossl_lib_ctx_st {
|
||||
CRYPTO_RWLOCK *lock;
|
||||
CRYPTO_EX_DATA data;
|
||||
@@ -121,6 +170,7 @@ static CRYPTO_THREAD_LOCAL default_conte
|
||||
CRYPTO_RWLOCK *lock, *rand_crngt_lock;
|
||||
OSSL_EX_DATA_GLOBAL global;
|
||||
@@ -336,6 +371,7 @@ static int default_context_inited = 0;
|
||||
|
||||
DEFINE_RUN_ONCE_STATIC(default_context_do_init)
|
||||
{
|
||||
+ read_kernel_fips_flag();
|
||||
return CRYPTO_THREAD_init_local(&default_context_thread_local, NULL)
|
||||
&& context_init(&default_context_int);
|
||||
}
|
||||
diff -up openssl-3.0.1/include/internal/provider.h.embed-fips openssl-3.0.1/include/internal/provider.h
|
||||
--- openssl-3.0.1/include/internal/provider.h.embed-fips 2022-01-11 13:13:08.323238760 +0100
|
||||
+++ openssl-3.0.1/include/internal/provider.h 2022-01-11 13:13:43.522558909 +0100
|
||||
@@ -110,6 +110,9 @@ int ossl_provider_init_as_child(OSSL_LIB
|
||||
if (!CRYPTO_THREAD_init_local(&default_context_thread_local, NULL))
|
||||
goto err;
|
||||
|
||||
diff --git a/include/internal/provider.h b/include/internal/provider.h
|
||||
index 18937f84c7..1446bf7afb 100644
|
||||
--- a/include/internal/provider.h
|
||||
+++ b/include/internal/provider.h
|
||||
@@ -112,6 +112,9 @@ int ossl_provider_init_as_child(OSSL_LIB_CTX *ctx,
|
||||
const OSSL_DISPATCH *in);
|
||||
void ossl_provider_deinit_child(OSSL_LIB_CTX *ctx);
|
||||
|
||||
|
@ -69,3 +81,6 @@ diff -up openssl-3.0.1/include/internal/provider.h.embed-fips openssl-3.0.1/incl
|
|||
# ifdef __cplusplus
|
||||
}
|
||||
# endif
|
||||
--
|
||||
2.41.0
|
||||
|
||||
|
|
File diff suppressed because it is too large
Load Diff
File diff suppressed because it is too large
Load Diff
|
@ -1,7 +1,27 @@
|
|||
diff -up openssl-3.0.1/crypto/ec/ec_asn1.c.disable_explicit_ec openssl-3.0.1/crypto/ec/ec_asn1.c
|
||||
--- openssl-3.0.1/crypto/ec/ec_asn1.c.disable_explicit_ec 2022-03-22 13:10:45.718077845 +0100
|
||||
+++ openssl-3.0.1/crypto/ec/ec_asn1.c 2022-03-22 13:12:46.626599016 +0100
|
||||
@@ -895,6 +895,12 @@ EC_GROUP *d2i_ECPKParameters(EC_GROUP **
|
||||
From 91bdd9b816b22bc1464ec323f3272b866b24114d Mon Sep 17 00:00:00 2001
|
||||
From: rpm-build <rpm-build>
|
||||
Date: Mon, 31 Jul 2023 09:41:28 +0200
|
||||
Subject: [PATCH 12/35] 0012-Disable-explicit-ec.patch
|
||||
|
||||
Patch-name: 0012-Disable-explicit-ec.patch
|
||||
Patch-id: 12
|
||||
Patch-status: |
|
||||
# Disable explicit EC curves
|
||||
# https://bugzilla.redhat.com/show_bug.cgi?id=2066412
|
||||
From-dist-git-commit: 9409bc7044cf4b5773639cce20f51399888c45fd
|
||||
---
|
||||
crypto/ec/ec_asn1.c | 11 ++++++++++
|
||||
crypto/ec/ec_lib.c | 6 +++++
|
||||
test/ectest.c | 22 ++++++++++---------
|
||||
test/endecode_test.c | 20 ++++++++---------
|
||||
.../30-test_evp_data/evppkey_ecdsa.txt | 12 ----------
|
||||
5 files changed, 39 insertions(+), 32 deletions(-)
|
||||
|
||||
diff --git a/crypto/ec/ec_asn1.c b/crypto/ec/ec_asn1.c
|
||||
index 7a0b35a594..d19d57344e 100644
|
||||
--- a/crypto/ec/ec_asn1.c
|
||||
+++ b/crypto/ec/ec_asn1.c
|
||||
@@ -905,6 +905,12 @@ EC_GROUP *d2i_ECPKParameters(EC_GROUP **a, const unsigned char **in, long len)
|
||||
if (params->type == ECPKPARAMETERS_TYPE_EXPLICIT)
|
||||
group->decoded_from_explicit_params = 1;
|
||||
|
||||
|
@ -14,7 +34,7 @@ diff -up openssl-3.0.1/crypto/ec/ec_asn1.c.disable_explicit_ec openssl-3.0.1/cry
|
|||
if (a) {
|
||||
EC_GROUP_free(*a);
|
||||
*a = group;
|
||||
@@ -954,6 +959,11 @@ EC_KEY *d2i_ECPrivateKey(EC_KEY **a, con
|
||||
@@ -964,6 +970,11 @@ EC_KEY *d2i_ECPrivateKey(EC_KEY **a, const unsigned char **in, long len)
|
||||
goto err;
|
||||
}
|
||||
|
||||
|
@ -26,10 +46,99 @@ diff -up openssl-3.0.1/crypto/ec/ec_asn1.c.disable_explicit_ec openssl-3.0.1/cry
|
|||
ret->version = priv_key->version;
|
||||
|
||||
if (priv_key->privateKey) {
|
||||
diff -up openssl-3.0.1/test/endecode_test.c.disable_explicit_ec openssl-3.0.1/test/endecode_test.c
|
||||
--- openssl-3.0.1/test/endecode_test.c.disable_explicit_ec 2022-03-21 16:55:46.005558779 +0100
|
||||
+++ openssl-3.0.1/test/endecode_test.c 2022-03-21 16:56:12.636792762 +0100
|
||||
@@ -57,7 +57,7 @@ static BN_CTX *bnctx = NULL;
|
||||
diff --git a/crypto/ec/ec_lib.c b/crypto/ec/ec_lib.c
|
||||
index a84e088c19..6c37bf78ae 100644
|
||||
--- a/crypto/ec/ec_lib.c
|
||||
+++ b/crypto/ec/ec_lib.c
|
||||
@@ -1724,6 +1724,11 @@ EC_GROUP *EC_GROUP_new_from_params(const OSSL_PARAM params[],
|
||||
goto err;
|
||||
}
|
||||
if (named_group == group) {
|
||||
+ if (EC_GROUP_check_named_curve(group, 0, NULL) == NID_undef) {
|
||||
+ ERR_raise(ERR_LIB_EC, EC_R_UNKNOWN_GROUP);
|
||||
+ goto err;
|
||||
+ }
|
||||
+#if 0
|
||||
/*
|
||||
* If we did not find a named group then the encoding should be explicit
|
||||
* if it was specified
|
||||
@@ -1739,6 +1744,7 @@ EC_GROUP *EC_GROUP_new_from_params(const OSSL_PARAM params[],
|
||||
goto err;
|
||||
}
|
||||
EC_GROUP_set_asn1_flag(group, OPENSSL_EC_EXPLICIT_CURVE);
|
||||
+#endif
|
||||
} else {
|
||||
EC_GROUP_free(group);
|
||||
group = named_group;
|
||||
diff --git a/test/ectest.c b/test/ectest.c
|
||||
index 4890b0555e..e11aec5b3b 100644
|
||||
--- a/test/ectest.c
|
||||
+++ b/test/ectest.c
|
||||
@@ -2301,10 +2301,11 @@ static int do_test_custom_explicit_fromdata(EC_GROUP *group, BN_CTX *ctx,
|
||||
if (!TEST_ptr(params = OSSL_PARAM_BLD_to_param(bld))
|
||||
|| !TEST_ptr(pctx = EVP_PKEY_CTX_new_from_name(NULL, "EC", NULL))
|
||||
|| !TEST_int_gt(EVP_PKEY_fromdata_init(pctx), 0)
|
||||
- || !TEST_int_gt(EVP_PKEY_fromdata(pctx, &pkeyparam,
|
||||
+ || !TEST_int_le(EVP_PKEY_fromdata(pctx, &pkeyparam,
|
||||
EVP_PKEY_KEY_PARAMETERS, params), 0))
|
||||
goto err;
|
||||
-
|
||||
+/* As creating the key should fail, the rest of the test is pointless */
|
||||
+# if 0
|
||||
/*- Check that all the set values are retrievable -*/
|
||||
|
||||
/* There should be no match to a group name since the generator changed */
|
||||
@@ -2433,6 +2434,7 @@ static int do_test_custom_explicit_fromdata(EC_GROUP *group, BN_CTX *ctx,
|
||||
#endif
|
||||
)
|
||||
goto err;
|
||||
+#endif
|
||||
ret = 1;
|
||||
err:
|
||||
BN_free(order_out);
|
||||
@@ -2714,21 +2716,21 @@ static int custom_params_test(int id)
|
||||
|
||||
/* Compute keyexchange in both directions */
|
||||
if (!TEST_ptr(pctx1 = EVP_PKEY_CTX_new(pkey1, NULL))
|
||||
- || !TEST_int_eq(EVP_PKEY_derive_init(pctx1), 1)
|
||||
- || !TEST_int_eq(EVP_PKEY_derive_set_peer(pctx1, pkey2), 1)
|
||||
+ || !TEST_int_le(EVP_PKEY_derive_init(pctx1), 0)
|
||||
+/* || !TEST_int_eq(EVP_PKEY_derive_set_peer(pctx1, pkey2), 1)
|
||||
|| !TEST_int_eq(EVP_PKEY_derive(pctx1, NULL, &sslen), 1)
|
||||
|| !TEST_int_gt(bsize, sslen)
|
||||
- || !TEST_int_eq(EVP_PKEY_derive(pctx1, buf1, &sslen), 1))
|
||||
+ || !TEST_int_eq(EVP_PKEY_derive(pctx1, buf1, &sslen), 1)*/)
|
||||
goto err;
|
||||
if (!TEST_ptr(pctx2 = EVP_PKEY_CTX_new(pkey2, NULL))
|
||||
- || !TEST_int_eq(EVP_PKEY_derive_init(pctx2), 1)
|
||||
- || !TEST_int_eq(EVP_PKEY_derive_set_peer(pctx2, pkey1), 1)
|
||||
+ || !TEST_int_le(EVP_PKEY_derive_init(pctx2), 1)
|
||||
+/* || !TEST_int_eq(EVP_PKEY_derive_set_peer(pctx2, pkey1), 1)
|
||||
|| !TEST_int_eq(EVP_PKEY_derive(pctx2, NULL, &t), 1)
|
||||
|| !TEST_int_gt(bsize, t)
|
||||
|| !TEST_int_le(sslen, t)
|
||||
- || !TEST_int_eq(EVP_PKEY_derive(pctx2, buf2, &t), 1))
|
||||
+ || !TEST_int_eq(EVP_PKEY_derive(pctx2, buf2, &t), 1) */)
|
||||
goto err;
|
||||
-
|
||||
+#if 0
|
||||
/* Both sides should expect the same shared secret */
|
||||
if (!TEST_mem_eq(buf1, sslen, buf2, t))
|
||||
goto err;
|
||||
@@ -2780,7 +2782,7 @@ static int custom_params_test(int id)
|
||||
/* compare with previous result */
|
||||
|| !TEST_mem_eq(buf1, t, buf2, sslen))
|
||||
goto err;
|
||||
-
|
||||
+#endif
|
||||
ret = 1;
|
||||
|
||||
err:
|
||||
diff --git a/test/endecode_test.c b/test/endecode_test.c
|
||||
index 14648287eb..9a437d8c64 100644
|
||||
--- a/test/endecode_test.c
|
||||
+++ b/test/endecode_test.c
|
||||
@@ -62,7 +62,7 @@ static BN_CTX *bnctx = NULL;
|
||||
static OSSL_PARAM_BLD *bld_prime_nc = NULL;
|
||||
static OSSL_PARAM_BLD *bld_prime = NULL;
|
||||
static OSSL_PARAM *ec_explicit_prime_params_nc = NULL;
|
||||
|
@ -38,7 +147,7 @@ diff -up openssl-3.0.1/test/endecode_test.c.disable_explicit_ec openssl-3.0.1/te
|
|||
|
||||
# ifndef OPENSSL_NO_EC2M
|
||||
static OSSL_PARAM_BLD *bld_tri_nc = NULL;
|
||||
@@ -990,9 +990,9 @@ IMPLEMENT_TEST_SUITE_LEGACY(EC, "EC")
|
||||
@@ -1009,9 +1009,9 @@ IMPLEMENT_TEST_SUITE_LEGACY(EC, "EC")
|
||||
DOMAIN_KEYS(ECExplicitPrimeNamedCurve);
|
||||
IMPLEMENT_TEST_SUITE(ECExplicitPrimeNamedCurve, "EC", 1)
|
||||
IMPLEMENT_TEST_SUITE_LEGACY(ECExplicitPrimeNamedCurve, "EC")
|
||||
|
@ -51,7 +160,7 @@ diff -up openssl-3.0.1/test/endecode_test.c.disable_explicit_ec openssl-3.0.1/te
|
|||
# ifndef OPENSSL_NO_EC2M
|
||||
DOMAIN_KEYS(ECExplicitTriNamedCurve);
|
||||
IMPLEMENT_TEST_SUITE(ECExplicitTriNamedCurve, "EC", 1)
|
||||
@@ -1318,7 +1318,7 @@ int setup_tests(void)
|
||||
@@ -1352,7 +1352,7 @@ int setup_tests(void)
|
||||
|| !create_ec_explicit_prime_params_namedcurve(bld_prime_nc)
|
||||
|| !create_ec_explicit_prime_params(bld_prime)
|
||||
|| !TEST_ptr(ec_explicit_prime_params_nc = OSSL_PARAM_BLD_to_param(bld_prime_nc))
|
||||
|
@ -60,7 +169,7 @@ diff -up openssl-3.0.1/test/endecode_test.c.disable_explicit_ec openssl-3.0.1/te
|
|||
# ifndef OPENSSL_NO_EC2M
|
||||
|| !TEST_ptr(bld_tri_nc = OSSL_PARAM_BLD_new())
|
||||
|| !TEST_ptr(bld_tri = OSSL_PARAM_BLD_new())
|
||||
@@ -1346,7 +1346,7 @@ int setup_tests(void)
|
||||
@@ -1380,7 +1380,7 @@ int setup_tests(void)
|
||||
TEST_info("Generating EC keys...");
|
||||
MAKE_DOMAIN_KEYS(EC, "EC", EC_params);
|
||||
MAKE_DOMAIN_KEYS(ECExplicitPrimeNamedCurve, "EC", ec_explicit_prime_params_nc);
|
||||
|
@ -69,7 +178,7 @@ diff -up openssl-3.0.1/test/endecode_test.c.disable_explicit_ec openssl-3.0.1/te
|
|||
# ifndef OPENSSL_NO_EC2M
|
||||
MAKE_DOMAIN_KEYS(ECExplicitTriNamedCurve, "EC", ec_explicit_tri_params_nc);
|
||||
MAKE_DOMAIN_KEYS(ECExplicitTri2G, "EC", ec_explicit_tri_params_explicit);
|
||||
@@ -1389,8 +1389,8 @@ int setup_tests(void)
|
||||
@@ -1423,8 +1423,8 @@ int setup_tests(void)
|
||||
ADD_TEST_SUITE_LEGACY(EC);
|
||||
ADD_TEST_SUITE(ECExplicitPrimeNamedCurve);
|
||||
ADD_TEST_SUITE_LEGACY(ECExplicitPrimeNamedCurve);
|
||||
|
@ -80,7 +189,7 @@ diff -up openssl-3.0.1/test/endecode_test.c.disable_explicit_ec openssl-3.0.1/te
|
|||
# ifndef OPENSSL_NO_EC2M
|
||||
ADD_TEST_SUITE(ECExplicitTriNamedCurve);
|
||||
ADD_TEST_SUITE_LEGACY(ECExplicitTriNamedCurve);
|
||||
@@ -1427,7 +1427,7 @@ void cleanup_tests(void)
|
||||
@@ -1461,7 +1461,7 @@ void cleanup_tests(void)
|
||||
{
|
||||
#ifndef OPENSSL_NO_EC
|
||||
OSSL_PARAM_free(ec_explicit_prime_params_nc);
|
||||
|
@ -89,7 +198,7 @@ diff -up openssl-3.0.1/test/endecode_test.c.disable_explicit_ec openssl-3.0.1/te
|
|||
OSSL_PARAM_BLD_free(bld_prime_nc);
|
||||
OSSL_PARAM_BLD_free(bld_prime);
|
||||
# ifndef OPENSSL_NO_EC2M
|
||||
@@ -1449,7 +1449,7 @@ void cleanup_tests(void)
|
||||
@@ -1483,7 +1483,7 @@ void cleanup_tests(void)
|
||||
#ifndef OPENSSL_NO_EC
|
||||
FREE_DOMAIN_KEYS(EC);
|
||||
FREE_DOMAIN_KEYS(ECExplicitPrimeNamedCurve);
|
||||
|
@ -98,10 +207,11 @@ diff -up openssl-3.0.1/test/endecode_test.c.disable_explicit_ec openssl-3.0.1/te
|
|||
# ifndef OPENSSL_NO_EC2M
|
||||
FREE_DOMAIN_KEYS(ECExplicitTriNamedCurve);
|
||||
FREE_DOMAIN_KEYS(ECExplicitTri2G);
|
||||
diff -up openssl-3.0.1/test/recipes/30-test_evp_data/evppkey_ecdsa.txt.disable_explicit_ec openssl-3.0.1/test/recipes/30-test_evp_data/evppkey_ecdsa.txt
|
||||
--- openssl-3.0.1/test/recipes/30-test_evp_data/evppkey_ecdsa.txt.disable_explicit_ec 2022-03-25 11:20:50.920949208 +0100
|
||||
+++ openssl-3.0.1/test/recipes/30-test_evp_data/evppkey_ecdsa.txt 2022-03-25 11:21:13.177147598 +0100
|
||||
@@ -121,18 +121,6 @@ AAAA//////////+85vqtpxeehPO5ysL8YyVRAgEB
|
||||
diff --git a/test/recipes/30-test_evp_data/evppkey_ecdsa.txt b/test/recipes/30-test_evp_data/evppkey_ecdsa.txt
|
||||
index ec3c032aba..584ecee0eb 100644
|
||||
--- a/test/recipes/30-test_evp_data/evppkey_ecdsa.txt
|
||||
+++ b/test/recipes/30-test_evp_data/evppkey_ecdsa.txt
|
||||
@@ -133,18 +133,6 @@ AAAA//////////+85vqtpxeehPO5ysL8YyVRAgEBBG0wawIBAQQgiUTxtr5vLVjj
|
||||
3ev1gTwRBduzqqlwd54AUSgI+pjttW8zrWNitO8H1sf59MPWOESKxNtZ1+Nl
|
||||
-----END PRIVATE KEY-----
|
||||
|
||||
|
@ -120,3 +230,6 @@ diff -up openssl-3.0.1/test/recipes/30-test_evp_data/evppkey_ecdsa.txt.disable_e
|
|||
PrivateKey = B-163
|
||||
-----BEGIN PRIVATE KEY-----
|
||||
MGMCAQAwEAYHKoZIzj0CAQYFK4EEAA8ETDBKAgEBBBUDnQW0mLiHVha/jqFznX/K
|
||||
--
|
||||
2.41.0
|
||||
|
||||
|
|
|
@ -0,0 +1,58 @@
|
|||
From 9ede2b1e13f72db37718853faff74b4429084d59 Mon Sep 17 00:00:00 2001
|
||||
From: rpm-build <rpm-build>
|
||||
Date: Mon, 31 Jul 2023 09:41:28 +0200
|
||||
Subject: [PATCH 13/35] 0013-skipped-tests-EC-curves.patch
|
||||
|
||||
Patch-name: 0013-skipped-tests-EC-curves.patch
|
||||
Patch-id: 13
|
||||
Patch-status: |
|
||||
# Skipped tests from former 0011-Remove-EC-curves.patch
|
||||
From-dist-git-commit: 9409bc7044cf4b5773639cce20f51399888c45fd
|
||||
---
|
||||
test/recipes/15-test_ec.t | 2 +-
|
||||
test/recipes/65-test_cmp_protect.t | 2 +-
|
||||
test/recipes/65-test_cmp_vfy.t | 2 +-
|
||||
3 files changed, 3 insertions(+), 3 deletions(-)
|
||||
|
||||
diff --git a/test/recipes/15-test_ec.t b/test/recipes/15-test_ec.t
|
||||
index 0638d626e7..c0efd77649 100644
|
||||
--- a/test/recipes/15-test_ec.t
|
||||
+++ b/test/recipes/15-test_ec.t
|
||||
@@ -90,7 +90,7 @@ subtest 'Ed448 conversions -- public key' => sub {
|
||||
|
||||
subtest 'Check loading of fips and non-fips keys' => sub {
|
||||
plan skip_all => "FIPS is disabled"
|
||||
- if $no_fips;
|
||||
+ if 1; #Red Hat specific, original value is $no_fips;
|
||||
|
||||
plan tests => 2;
|
||||
|
||||
diff --git a/test/recipes/65-test_cmp_protect.t b/test/recipes/65-test_cmp_protect.t
|
||||
index 631603df7c..4cb2ffebbc 100644
|
||||
--- a/test/recipes/65-test_cmp_protect.t
|
||||
+++ b/test/recipes/65-test_cmp_protect.t
|
||||
@@ -27,7 +27,7 @@ plan skip_all => "This test is not supported in a no-cmp build"
|
||||
plan skip_all => "This test is not supported in a shared library build on Windows"
|
||||
if $^O eq 'MSWin32' && !disabled("shared");
|
||||
|
||||
-plan tests => 2 + ($no_fips ? 0 : 1); #fips test
|
||||
+plan skip_all => 2 + ($no_fips ? 0 : 1); #fips test
|
||||
|
||||
my @basic_cmd = ("cmp_protect_test",
|
||||
data_file("server.pem"),
|
||||
diff --git a/test/recipes/65-test_cmp_vfy.t b/test/recipes/65-test_cmp_vfy.t
|
||||
index f722800e27..26a01786bb 100644
|
||||
--- a/test/recipes/65-test_cmp_vfy.t
|
||||
+++ b/test/recipes/65-test_cmp_vfy.t
|
||||
@@ -27,7 +27,7 @@ plan skip_all => "This test is not supported in a no-cmp build"
|
||||
plan skip_all => "This test is not supported in a no-ec build"
|
||||
if disabled("ec");
|
||||
|
||||
-plan tests => 2 + ($no_fips ? 0 : 1); #fips test
|
||||
+plan skip_all => 2 + ($no_fips ? 0 : 1); #fips test
|
||||
|
||||
my @basic_cmd = ("cmp_vfy_test",
|
||||
data_file("server.crt"), data_file("client.crt"),
|
||||
--
|
||||
2.41.0
|
||||
|
|
@ -1,6 +1,22 @@
|
|||
diff -up openssl-3.0.0/apps/openssl.cnf.legacy-prov openssl-3.0.0/apps/openssl.cnf
|
||||
--- openssl-3.0.0/apps/openssl.cnf.legacy-prov 2021-09-09 12:06:40.895793297 +0200
|
||||
+++ openssl-3.0.0/apps/openssl.cnf 2021-09-09 12:12:33.947482500 +0200
|
||||
From 69636828729ecc287863366dcdd6548dee78c7a4 Mon Sep 17 00:00:00 2001
|
||||
From: rpm-build <rpm-build>
|
||||
Date: Mon, 31 Jul 2023 09:41:28 +0200
|
||||
Subject: [PATCH 14/35] 0024-load-legacy-prov.patch
|
||||
|
||||
Patch-name: 0024-load-legacy-prov.patch
|
||||
Patch-id: 24
|
||||
Patch-status: |
|
||||
# Instructions to load legacy provider in openssl.cnf
|
||||
From-dist-git-commit: 9409bc7044cf4b5773639cce20f51399888c45fd
|
||||
---
|
||||
apps/openssl.cnf | 37 +++++++++++++++----------------------
|
||||
doc/man5/config.pod | 8 ++++++++
|
||||
2 files changed, 23 insertions(+), 22 deletions(-)
|
||||
|
||||
diff --git a/apps/openssl.cnf b/apps/openssl.cnf
|
||||
index 3956235fda..bddb6bc029 100644
|
||||
--- a/apps/openssl.cnf
|
||||
+++ b/apps/openssl.cnf
|
||||
@@ -42,36 +42,29 @@ tsa_policy1 = 1.2.3.4.1
|
||||
tsa_policy2 = 1.2.3.4.5.6
|
||||
tsa_policy3 = 1.2.3.4.5.7
|
||||
|
@ -19,11 +35,6 @@ diff -up openssl-3.0.0/apps/openssl.cnf.legacy-prov openssl-3.0.0/apps/openssl.c
|
|||
ssl_conf = ssl_module
|
||||
|
||||
-# List of providers to load
|
||||
-[provider_sect]
|
||||
-default = default_sect
|
||||
-# The fips section name should match the section name inside the
|
||||
-# included fipsmodule.cnf.
|
||||
-# fips = fips_sect
|
||||
+# Uncomment the sections that start with ## below to enable the legacy provider.
|
||||
+# Loading the legacy provider enables support for the following algorithms:
|
||||
+# Hashing Algorithms / Message Digests: MD2, MD4, MDC2, WHIRLPOOL, RIPEMD160
|
||||
|
@ -32,7 +43,13 @@ diff -up openssl-3.0.0/apps/openssl.cnf.legacy-prov openssl-3.0.0/apps/openssl.c
|
|||
+# In general it is not recommended to use the above mentioned algorithms for
|
||||
+# security critical operations, as they are cryptographically weak or vulnerable
|
||||
+# to side-channel attacks and as such have been deprecated.
|
||||
|
||||
+
|
||||
[provider_sect]
|
||||
default = default_sect
|
||||
-# The fips section name should match the section name inside the
|
||||
-# included fipsmodule.cnf.
|
||||
-# fips = fips_sect
|
||||
-
|
||||
-# If no providers are activated explicitly, the default one is activated implicitly.
|
||||
-# See man 7 OSSL_PROVIDER-default for more details.
|
||||
-#
|
||||
|
@ -41,13 +58,10 @@ diff -up openssl-3.0.0/apps/openssl.cnf.legacy-prov openssl-3.0.0/apps/openssl.c
|
|||
-# becomes unavailable in openssl. As a consequence applications depending on
|
||||
-# OpenSSL may not work correctly which could lead to significant system
|
||||
-# problems including inability to remotely access the system.
|
||||
-[default_sect]
|
||||
-# activate = 1
|
||||
+[provider_sect]
|
||||
+default = default_sect
|
||||
+##legacy = legacy_sect
|
||||
+##
|
||||
+[default_sect]
|
||||
[default_sect]
|
||||
-# activate = 1
|
||||
+activate = 1
|
||||
+
|
||||
+##[legacy_sect]
|
||||
|
@ -55,9 +69,10 @@ diff -up openssl-3.0.0/apps/openssl.cnf.legacy-prov openssl-3.0.0/apps/openssl.c
|
|||
|
||||
[ ssl_module ]
|
||||
|
||||
diff -up openssl-3.0.0/doc/man5/config.pod.legacy-prov openssl-3.0.0/doc/man5/config.pod
|
||||
--- openssl-3.0.0/doc/man5/config.pod.legacy-prov 2021-09-09 12:09:38.079040853 +0200
|
||||
+++ openssl-3.0.0/doc/man5/config.pod 2021-09-09 12:11:56.646224876 +0200
|
||||
diff --git a/doc/man5/config.pod b/doc/man5/config.pod
|
||||
index 8d312c661f..714a10437b 100644
|
||||
--- a/doc/man5/config.pod
|
||||
+++ b/doc/man5/config.pod
|
||||
@@ -273,6 +273,14 @@ significant.
|
||||
All parameters in the section as well as sub-sections are made
|
||||
available to the provider.
|
||||
|
@ -73,3 +88,6 @@ diff -up openssl-3.0.0/doc/man5/config.pod.legacy-prov openssl-3.0.0/doc/man5/co
|
|||
=head3 Default provider and its activation
|
||||
|
||||
If no providers are activated explicitly, the default one is activated implicitly.
|
||||
--
|
||||
2.41.0
|
||||
|
||||
|
|
|
@ -1,40 +0,0 @@
|
|||
diff -up openssl-3.0.0/test/recipes/90-test_sslapi.t.beldmit openssl-3.0.0/test/recipes/90-test_sslapi.t
|
||||
--- openssl-3.0.0/test/recipes/90-test_sslapi.t.beldmit 2021-09-22 11:56:49.452507975 +0200
|
||||
+++ openssl-3.0.0/test/recipes/90-test_sslapi.t 2021-09-22 11:57:19.371764742 +0200
|
||||
@@ -40,7 +40,7 @@ unless ($no_fips) {
|
||||
"recipes",
|
||||
"90-test_sslapi_data",
|
||||
"dhparams.pem")])),
|
||||
- "running sslapitest");
|
||||
+ "running sslapitest - FIPS");
|
||||
}
|
||||
|
||||
unlink $tmpfilename;
|
||||
diff --git a/test/sslapitest.c b/test/sslapitest.c
|
||||
index e95d2657f46c..7af0eab3fce0 100644
|
||||
--- a/test/sslapitest.c
|
||||
+++ b/test/sslapitest.c
|
||||
@@ -1158,6 +1158,11 @@ static int execute_test_ktls(int cis_ktls, int sis_ktls,
|
||||
goto end;
|
||||
}
|
||||
|
||||
+ if (is_fips && strstr(cipher, "CHACHA") != NULL) {
|
||||
+ testresult = TEST_skip("CHACHA is not supported in FIPS");
|
||||
+ goto end;
|
||||
+ }
|
||||
+
|
||||
/* Create a session based on SHA-256 */
|
||||
if (!TEST_true(create_ssl_ctx_pair(libctx, TLS_server_method(),
|
||||
TLS_client_method(),
|
||||
@@ -1292,6 +1297,11 @@ static int execute_test_ktls_sendfile(int tls_version, const char *cipher)
|
||||
goto end;
|
||||
}
|
||||
|
||||
+ if (is_fips && strstr(cipher, "CHACHA") != NULL) {
|
||||
+ testresult = TEST_skip("CHACHA is not supported in FIPS");
|
||||
+ goto end;
|
||||
+ }
|
||||
+
|
||||
/* Create a session based on SHA-256 */
|
||||
if (!TEST_true(create_ssl_ctx_pair(libctx, TLS_server_method(),
|
||||
TLS_client_method(),
|
|
@ -1,159 +1,60 @@
|
|||
#Note: provider_conf_activate() is introduced in downstream only. It is a rewrite
|
||||
#(partial) of the function provider_conf_load() under the 'if (activate) section.
|
||||
#If there is any change to this section, after deleting it in provider_conf_load()
|
||||
#ensure that you also add those changes to the provider_conf_activate() function.
|
||||
#additionally please add this check for cnf explicitly as shown below.
|
||||
#'ok = cnf ? provider_conf_params(prov, NULL, NULL, value, cnf) : 1;'
|
||||
diff -up openssl-3.0.1/crypto/provider_conf.c.fipsact openssl-3.0.1/crypto/provider_conf.c
|
||||
--- openssl-3.0.1/crypto/provider_conf.c.fipsact 2022-05-12 12:44:31.199034948 +0200
|
||||
+++ openssl-3.0.1/crypto/provider_conf.c 2022-05-12 12:49:17.468318373 +0200
|
||||
@@ -136,58 +136,18 @@ static int prov_already_activated(const
|
||||
return 0;
|
||||
}
|
||||
From 2c110cf5551a3869514e697d8dc06682b62ca57d Mon Sep 17 00:00:00 2001
|
||||
From: Dmitry Belyavskiy <dbelyavs@redhat.com>
|
||||
Date: Mon, 21 Aug 2023 11:59:02 +0200
|
||||
Subject: [PATCH 16/48] 0032-Force-fips.patch
|
||||
|
||||
Patch-name: 0032-Force-fips.patch
|
||||
Patch-id: 32
|
||||
Patch-status: |
|
||||
# We load FIPS provider and set FIPS properties implicitly
|
||||
---
|
||||
crypto/provider_conf.c | 28 +++++++++++++++++++++++++++-
|
||||
1 file changed, 27 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/crypto/provider_conf.c b/crypto/provider_conf.c
|
||||
index 058fb58837..5274265a70 100644
|
||||
--- a/crypto/provider_conf.c
|
||||
+++ b/crypto/provider_conf.c
|
||||
@@ -10,6 +10,8 @@
|
||||
#include <string.h>
|
||||
#include <openssl/trace.h>
|
||||
#include <openssl/err.h>
|
||||
+#include <openssl/evp.h>
|
||||
+#include <unistd.h>
|
||||
#include <openssl/conf.h>
|
||||
#include <openssl/safestack.h>
|
||||
#include <openssl/provider.h>
|
||||
@@ -169,7 +171,7 @@ static int provider_conf_activate(OSSL_LIB_CTX *libctx, const char *name,
|
||||
if (path != NULL)
|
||||
ossl_provider_set_module_path(prov, path);
|
||||
|
||||
-static int provider_conf_load(OSSL_LIB_CTX *libctx, const char *name,
|
||||
- const char *value, const CONF *cnf)
|
||||
+static int provider_conf_activate(OSSL_LIB_CTX *libctx,const char *name,
|
||||
+ const char *value, const char *path,
|
||||
+ int soft, const CONF *cnf)
|
||||
{
|
||||
- int i;
|
||||
- STACK_OF(CONF_VALUE) *ecmds;
|
||||
- int soft = 0;
|
||||
- OSSL_PROVIDER *prov = NULL, *actual = NULL;
|
||||
- const char *path = NULL;
|
||||
- long activate = 0;
|
||||
int ok = 0;
|
||||
-
|
||||
- name = skip_dot(name);
|
||||
- OSSL_TRACE1(CONF, "Configuring provider %s\n", name);
|
||||
- /* Value is a section containing PROVIDER commands */
|
||||
- ecmds = NCONF_get_section(cnf, value);
|
||||
-
|
||||
- if (!ecmds) {
|
||||
- ERR_raise_data(ERR_LIB_CRYPTO, CRYPTO_R_PROVIDER_SECTION_ERROR,
|
||||
- "section=%s not found", value);
|
||||
- return 0;
|
||||
- }
|
||||
-
|
||||
- /* Find the needed data first */
|
||||
- for (i = 0; i < sk_CONF_VALUE_num(ecmds); i++) {
|
||||
- CONF_VALUE *ecmd = sk_CONF_VALUE_value(ecmds, i);
|
||||
- const char *confname = skip_dot(ecmd->name);
|
||||
- const char *confvalue = ecmd->value;
|
||||
-
|
||||
- OSSL_TRACE2(CONF, "Provider command: %s = %s\n",
|
||||
- confname, confvalue);
|
||||
-
|
||||
- /* First handle some special pseudo confs */
|
||||
-
|
||||
- /* Override provider name to use */
|
||||
- if (strcmp(confname, "identity") == 0)
|
||||
- name = confvalue;
|
||||
- else if (strcmp(confname, "soft_load") == 0)
|
||||
- soft = 1;
|
||||
- /* Load a dynamic PROVIDER */
|
||||
- else if (strcmp(confname, "module") == 0)
|
||||
- path = confvalue;
|
||||
- else if (strcmp(confname, "activate") == 0)
|
||||
- activate = 1;
|
||||
- }
|
||||
-
|
||||
- if (activate) {
|
||||
- PROVIDER_CONF_GLOBAL *pcgbl
|
||||
- = ossl_lib_ctx_get_data(libctx, OSSL_LIB_CTX_PROVIDER_CONF_INDEX,
|
||||
- &provider_conf_ossl_ctx_method);
|
||||
+ OSSL_PROVIDER *prov = NULL, *actual = NULL;
|
||||
+ PROVIDER_CONF_GLOBAL *pcgbl
|
||||
+ = ossl_lib_ctx_get_data(libctx, OSSL_LIB_CTX_PROVIDER_CONF_INDEX,
|
||||
+ &provider_conf_ossl_ctx_method);
|
||||
- ok = provider_conf_params(prov, NULL, NULL, value, cnf);
|
||||
+ ok = cnf ? provider_conf_params(prov, NULL, NULL, value, cnf) : 1;
|
||||
|
||||
if (pcgbl == NULL || !CRYPTO_THREAD_write_lock(pcgbl->lock)) {
|
||||
- ERR_raise(ERR_LIB_CRYPTO, ERR_R_INTERNAL_ERROR);
|
||||
+ ERR_raise(ERR_LIB_CRYPTO, ERR_R_INTERNAL_ERROR);
|
||||
return 0;
|
||||
}
|
||||
if (!prov_already_activated(name, pcgbl->activated_providers)) {
|
||||
@@ -216,7 +176,7 @@ static int provider_conf_load(OSSL_LIB_C
|
||||
if (path != NULL)
|
||||
ossl_provider_set_module_path(prov, path);
|
||||
|
||||
- ok = provider_conf_params(prov, NULL, NULL, value, cnf);
|
||||
+ ok = cnf ? provider_conf_params(prov, NULL, NULL, value, cnf) : 1;
|
||||
|
||||
if (ok) {
|
||||
if (!ossl_provider_activate(prov, 1, 0)) {
|
||||
@@ -244,8 +204,59 @@ static int provider_conf_load(OSSL_LIB_C
|
||||
}
|
||||
if (!ok)
|
||||
ossl_provider_free(prov);
|
||||
+ } else { /* No reason to activate the provider twice, returning OK */
|
||||
+ ok = 1;
|
||||
}
|
||||
CRYPTO_THREAD_unlock(pcgbl->lock);
|
||||
+ return ok;
|
||||
+}
|
||||
+
|
||||
+static int provider_conf_load(OSSL_LIB_CTX *libctx, const char *name,
|
||||
+ const char *value, const CONF *cnf)
|
||||
+{
|
||||
+ int i;
|
||||
+ STACK_OF(CONF_VALUE) *ecmds;
|
||||
+ int soft = 0;
|
||||
+ const char *path = NULL;
|
||||
+ long activate = 0;
|
||||
+ int ok = 0;
|
||||
+
|
||||
+ name = skip_dot(name);
|
||||
+ OSSL_TRACE1(CONF, "Configuring provider %s\n", name);
|
||||
+ /* Value is a section containing PROVIDER commands */
|
||||
+ ecmds = NCONF_get_section(cnf, value);
|
||||
+
|
||||
+ if (!ecmds) {
|
||||
+ ERR_raise_data(ERR_LIB_CRYPTO, CRYPTO_R_PROVIDER_SECTION_ERROR,
|
||||
+ "section=%s not found", value);
|
||||
+ return 0;
|
||||
+ }
|
||||
+
|
||||
+ /* Find the needed data first */
|
||||
+ for (i = 0; i < sk_CONF_VALUE_num(ecmds); i++) {
|
||||
+ CONF_VALUE *ecmd = sk_CONF_VALUE_value(ecmds, i);
|
||||
+ const char *confname = skip_dot(ecmd->name);
|
||||
+ const char *confvalue = ecmd->value;
|
||||
+
|
||||
+ OSSL_TRACE2(CONF, "Provider command: %s = %s\n",
|
||||
+ confname, confvalue);
|
||||
+
|
||||
+ /* First handle some special pseudo confs */
|
||||
+
|
||||
+ /* Override provider name to use */
|
||||
+ if (strcmp(confname, "identity") == 0)
|
||||
+ name = confvalue;
|
||||
+ else if (strcmp(confname, "soft_load") == 0)
|
||||
+ soft = 1;
|
||||
+ /* Load a dynamic PROVIDER */
|
||||
+ else if (strcmp(confname, "module") == 0)
|
||||
+ path = confvalue;
|
||||
+ else if (strcmp(confname, "activate") == 0)
|
||||
+ activate = 1;
|
||||
+ }
|
||||
+
|
||||
+ if (activate) {
|
||||
+ ok = provider_conf_activate(libctx, name, value, path, soft, cnf);
|
||||
} else {
|
||||
OSSL_PROVIDER_INFO entry;
|
||||
|
||||
@@ -306,6 +317,19 @@ static int provider_conf_init(CONF_IMODU
|
||||
if (ok) {
|
||||
if (!ossl_provider_activate(prov, 1, 0)) {
|
||||
@@ -309,6 +311,30 @@ static int provider_conf_init(CONF_IMODULE *md, const CONF *cnf)
|
||||
return 0;
|
||||
}
|
||||
|
||||
+ if (ossl_get_kernel_fips_flag() != 0) { /* XXX from provider_conf_load */
|
||||
+ OSSL_LIB_CTX *libctx = NCONF_get0_libctx((CONF *)cnf);
|
||||
+ PROVIDER_CONF_GLOBAL *pcgbl
|
||||
+ = ossl_lib_ctx_get_data(libctx, OSSL_LIB_CTX_PROVIDER_CONF_INDEX,
|
||||
+ &provider_conf_ossl_ctx_method);
|
||||
+ if (provider_conf_activate(libctx, "fips", NULL, NULL, 0, NULL) != 1)
|
||||
+ return 0;
|
||||
+# define FIPS_LOCAL_CONF OPENSSLDIR "/fips_local.cnf"
|
||||
+
|
||||
+ if (access(FIPS_LOCAL_CONF, R_OK) == 0) {
|
||||
+ CONF *fips_conf = NCONF_new_ex(libctx, NCONF_default());
|
||||
+ if (NCONF_load(fips_conf, FIPS_LOCAL_CONF, NULL) <= 0)
|
||||
+ return 0;
|
||||
+
|
||||
+ if (provider_conf_load(libctx, "fips", "fips_sect", fips_conf) != 1) {
|
||||
+ NCONF_free(fips_conf);
|
||||
+ return 0;
|
||||
+ }
|
||||
+ NCONF_free(fips_conf);
|
||||
+ } else {
|
||||
+ if (provider_conf_activate(libctx, "fips", NULL, NULL, 0, NULL) != 1)
|
||||
+ return 0;
|
||||
+ }
|
||||
+ if (provider_conf_activate(libctx, "base", NULL, NULL, 0, NULL) != 1)
|
||||
+ return 0;
|
||||
+ if (EVP_default_properties_enable_fips(libctx, 1) != 1)
|
||||
|
@ -163,3 +64,6 @@ diff -up openssl-3.0.1/crypto/provider_conf.c.fipsact openssl-3.0.1/crypto/provi
|
|||
return 1;
|
||||
}
|
||||
|
||||
--
|
||||
2.41.0
|
||||
|
||||
|
|
|
@ -1,9 +1,32 @@
|
|||
diff -up openssl-3.0.0/providers/fips/self_test.c.embed-hmac openssl-3.0.0/providers/fips/self_test.c
|
||||
--- openssl-3.0.0/providers/fips/self_test.c.embed-hmac 2021-11-16 13:57:05.127171056 +0100
|
||||
+++ openssl-3.0.0/providers/fips/self_test.c 2021-11-16 14:07:21.963412455 +0100
|
||||
@@ -171,11 +171,27 @@ DEP_FINI_ATTRIBUTE void cleanup(void)
|
||||
From e364a858262c8f563954544cc81e66f1b3b8db8c Mon Sep 17 00:00:00 2001
|
||||
From: rpm-build <rpm-build>
|
||||
Date: Thu, 19 Oct 2023 13:12:40 +0200
|
||||
Subject: [PATCH 16/46] 0033-FIPS-embed-hmac.patch
|
||||
|
||||
Patch-name: 0033-FIPS-embed-hmac.patch
|
||||
Patch-id: 33
|
||||
Patch-status: |
|
||||
# # Embed HMAC into the fips.so
|
||||
From-dist-git-commit: 5c67b5adc311af297f425c09e3e1ac7ca8483911
|
||||
---
|
||||
providers/fips/self_test.c | 70 ++++++++++++++++++++++++---
|
||||
test/fipsmodule.cnf | 2 +
|
||||
test/recipes/00-prep_fipsmodule_cnf.t | 2 +-
|
||||
test/recipes/01-test_fipsmodule_cnf.t | 2 +-
|
||||
test/recipes/03-test_fipsinstall.t | 2 +-
|
||||
test/recipes/30-test_defltfips.t | 2 +-
|
||||
test/recipes/80-test_ssl_new.t | 2 +-
|
||||
test/recipes/90-test_sslapi.t | 2 +-
|
||||
8 files changed, 71 insertions(+), 13 deletions(-)
|
||||
create mode 100644 test/fipsmodule.cnf
|
||||
|
||||
diff --git a/providers/fips/self_test.c b/providers/fips/self_test.c
|
||||
index b8dc9817b2..e3a629018a 100644
|
||||
--- a/providers/fips/self_test.c
|
||||
+++ b/providers/fips/self_test.c
|
||||
@@ -230,11 +230,27 @@ err:
|
||||
return ok;
|
||||
}
|
||||
#endif
|
||||
|
||||
+#define HMAC_LEN 32
|
||||
+/*
|
||||
|
@ -29,13 +52,7 @@ diff -up openssl-3.0.0/providers/fips/self_test.c.embed-hmac openssl-3.0.0/provi
|
|||
static int verify_integrity(OSSL_CORE_BIO *bio, OSSL_FUNC_BIO_read_ex_fn read_ex_cb,
|
||||
unsigned char *expected, size_t expected_len,
|
||||
OSSL_LIB_CTX *libctx, OSSL_SELF_TEST *ev,
|
||||
@@ -183,14 +199,26 @@ static int verify_integrity(OSSL_CORE_BI
|
||||
{
|
||||
int ret = 0, status;
|
||||
unsigned char out[MAX_MD_SIZE];
|
||||
- unsigned char buf[INTEGRITY_BUF_SIZE];
|
||||
+ unsigned char buf[INTEGRITY_BUF_SIZE+HMAC_LEN];
|
||||
size_t bytes_read = 0, out_len = 0;
|
||||
@@ -247,12 +263,23 @@ static int verify_integrity(OSSL_CORE_BIO *bio, OSSL_FUNC_BIO_read_ex_fn read_ex
|
||||
EVP_MAC *mac = NULL;
|
||||
EVP_MAC_CTX *ctx = NULL;
|
||||
OSSL_PARAM params[2], *p = params;
|
||||
|
@ -44,7 +61,9 @@ diff -up openssl-3.0.0/providers/fips/self_test.c.embed-hmac openssl-3.0.0/provi
|
|||
+ struct link_map *lm = NULL;
|
||||
+ unsigned long paddr;
|
||||
+ unsigned long off = 0;
|
||||
+ int have_rest = 0;
|
||||
|
||||
if (!integrity_self_test(ev, libctx))
|
||||
goto err;
|
||||
|
||||
OSSL_SELF_TEST_onbegin(ev, event_type, OSSL_SELF_TEST_DESC_INTEGRITY_HMAC);
|
||||
|
||||
|
@ -57,65 +76,61 @@ diff -up openssl-3.0.0/providers/fips/self_test.c.embed-hmac openssl-3.0.0/provi
|
|||
mac = EVP_MAC_fetch(libctx, MAC_NAME, NULL);
|
||||
if (mac == NULL)
|
||||
goto err;
|
||||
@@ -204,12 +233,53 @@ static int verify_integrity(OSSL_CORE_BI
|
||||
@@ -266,13 +293,42 @@ static int verify_integrity(OSSL_CORE_BIO *bio, OSSL_FUNC_BIO_read_ex_fn read_ex
|
||||
if (!EVP_MAC_init(ctx, fixed_key, sizeof(fixed_key), params))
|
||||
goto err;
|
||||
|
||||
+ status = read_ex_cb(bio, buf, HMAC_LEN, &bytes_read);
|
||||
+ if (status != 1 || bytes_read != HMAC_LEN)
|
||||
+ goto err;
|
||||
+ off += HMAC_LEN;
|
||||
+
|
||||
while (1) {
|
||||
- while (1) {
|
||||
- status = read_ex_cb(bio, buf, sizeof(buf), &bytes_read);
|
||||
- if (status != 1)
|
||||
+ status = read_ex_cb(bio, buf+HMAC_LEN, INTEGRITY_BUF_SIZE, &bytes_read);
|
||||
+ if (status != 1) {
|
||||
+ have_rest = 1;
|
||||
+ while ((off + INTEGRITY_BUF_SIZE) <= paddr) {
|
||||
+ status = read_ex_cb(bio, buf, INTEGRITY_BUF_SIZE, &bytes_read);
|
||||
+ if (status != 1)
|
||||
+ break;
|
||||
+ }
|
||||
+
|
||||
+ if (bytes_read == INTEGRITY_BUF_SIZE) { /* Full block */
|
||||
+ /* Logic:
|
||||
+ * We have HMAC_LEN (read before) + INTEGRITY_BUF_SIZE (read now) in buffer
|
||||
+ * We calculate HMAC from first INTEGRITY_BUF_SIZE bytes
|
||||
+ * and move last HMAC_LEN bytes to the beginning of the buffer
|
||||
+ *
|
||||
+ * If we have read (a part of) buffer fips_hmac_container
|
||||
+ * we should replace it with zeros.
|
||||
+ * If it is inside our current buffer, we will update now.
|
||||
+ * If it intersects the upper bound, we will clean up on the next step.
|
||||
+ */
|
||||
+ if (off - HMAC_LEN <= paddr && paddr <= off + bytes_read)
|
||||
+ memset (buf + HMAC_LEN + paddr - off, 0, HMAC_LEN);
|
||||
+ off += bytes_read;
|
||||
+
|
||||
+ if (!EVP_MAC_update(ctx, buf, bytes_read))
|
||||
+ goto err;
|
||||
+ memcpy (buf, buf+INTEGRITY_BUF_SIZE, HMAC_LEN);
|
||||
+ } else { /* Final block */
|
||||
+ /* Logic is basically the same as in previous branch
|
||||
+ * but we calculate HMAC from HMAC_LEN (rest of previous step)
|
||||
+ * and bytes_read read on this step
|
||||
+ * */
|
||||
+ if (off - HMAC_LEN <= paddr && paddr <= off + bytes_read)
|
||||
+ memset (buf + HMAC_LEN + paddr - off, 0, HMAC_LEN);
|
||||
+ if (!EVP_MAC_update(ctx, buf, bytes_read+HMAC_LEN))
|
||||
+ goto err;
|
||||
+ off += bytes_read;
|
||||
break;
|
||||
- if (!EVP_MAC_update(ctx, buf, bytes_read))
|
||||
+ }
|
||||
+ if (!EVP_MAC_update(ctx, buf, bytes_read))
|
||||
+ goto err;
|
||||
+ off += bytes_read;
|
||||
+ }
|
||||
+ if (have_rest) {
|
||||
+ if (!EVP_MAC_update(ctx, buf, HMAC_LEN))
|
||||
+
|
||||
+ if (off + INTEGRITY_BUF_SIZE > paddr) {
|
||||
+ int delta = paddr - off;
|
||||
+ status = read_ex_cb(bio, buf, delta, &bytes_read);
|
||||
+ if (status != 1)
|
||||
+ goto err;
|
||||
+ if (!EVP_MAC_update(ctx, buf, bytes_read))
|
||||
+ goto err;
|
||||
+ off += bytes_read;
|
||||
+
|
||||
+ status = read_ex_cb(bio, buf, HMAC_LEN, &bytes_read);
|
||||
+ memset(buf, 0, HMAC_LEN);
|
||||
+ if (status != 1)
|
||||
+ goto err;
|
||||
+ if (!EVP_MAC_update(ctx, buf, bytes_read))
|
||||
+ goto err;
|
||||
+ off += bytes_read;
|
||||
+ }
|
||||
+
|
||||
+ while (bytes_read > 0) {
|
||||
+ status = read_ex_cb(bio, buf, INTEGRITY_BUF_SIZE, &bytes_read);
|
||||
if (status != 1)
|
||||
break;
|
||||
if (!EVP_MAC_update(ctx, buf, bytes_read))
|
||||
goto err;
|
||||
+ off += HMAC_LEN;
|
||||
+ off += bytes_read;
|
||||
}
|
||||
+
|
||||
if (!EVP_MAC_final(ctx, out, &out_len, sizeof(out)))
|
||||
goto err;
|
||||
@@ -284,8 +358,7 @@ int SELF_TEST_post(SELF_TEST_POST_PARAMS
|
||||
CRYPTO_THREAD_unlock(fips_state_lock);
|
||||
|
||||
@@ -282,6 +338,7 @@ static int verify_integrity(OSSL_CORE_BIO *bio, OSSL_FUNC_BIO_read_ex_fn read_ex
|
||||
goto err;
|
||||
ret = 1;
|
||||
err:
|
||||
+ OPENSSL_cleanse(out, sizeof(out));
|
||||
OSSL_SELF_TEST_onend(ev, ret);
|
||||
EVP_MAC_CTX_free(ctx);
|
||||
EVP_MAC_free(mac);
|
||||
@@ -335,8 +392,7 @@ int SELF_TEST_post(SELF_TEST_POST_PARAMS *st, int on_demand_test)
|
||||
return 0;
|
||||
}
|
||||
|
||||
- if (st == NULL
|
||||
|
@ -124,7 +139,7 @@ diff -up openssl-3.0.0/providers/fips/self_test.c.embed-hmac openssl-3.0.0/provi
|
|||
ERR_raise(ERR_LIB_PROV, PROV_R_MISSING_CONFIG_DATA);
|
||||
goto end;
|
||||
}
|
||||
@@ -294,8 +367,9 @@ int SELF_TEST_post(SELF_TEST_POST_PARAMS
|
||||
@@ -345,8 +401,9 @@ int SELF_TEST_post(SELF_TEST_POST_PARAMS *st, int on_demand_test)
|
||||
if (ev == NULL)
|
||||
goto end;
|
||||
|
||||
|
@ -136,18 +151,27 @@ diff -up openssl-3.0.0/providers/fips/self_test.c.embed-hmac openssl-3.0.0/provi
|
|||
if (module_checksum == NULL) {
|
||||
ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_CONFIG_DATA);
|
||||
goto end;
|
||||
@@ -357,7 +431,6 @@ int SELF_TEST_post(SELF_TEST_POST_PARAMS
|
||||
ok = 1;
|
||||
@@ -420,7 +477,6 @@ int SELF_TEST_post(SELF_TEST_POST_PARAMS *st, int on_demand_test)
|
||||
end:
|
||||
EVP_RAND_free(testrand);
|
||||
OSSL_SELF_TEST_free(ev);
|
||||
- OPENSSL_free(module_checksum);
|
||||
OPENSSL_free(indicator_checksum);
|
||||
|
||||
if (st != NULL) {
|
||||
diff -ruN openssl-3.0.0/test/recipes/00-prep_fipsmodule_cnf.t openssl-3.0.0-xxx/test/recipes/00-prep_fipsmodule_cnf.t
|
||||
--- openssl-3.0.0/test/recipes/00-prep_fipsmodule_cnf.t 2021-09-07 13:46:32.000000000 +0200
|
||||
+++ openssl-3.0.0-xxx/test/recipes/00-prep_fipsmodule_cnf.t 2021-11-18 09:39:53.386817874 +0100
|
||||
@@ -20,7 +20,7 @@
|
||||
diff --git a/test/fipsmodule.cnf b/test/fipsmodule.cnf
|
||||
new file mode 100644
|
||||
index 0000000000..f05d0dedbe
|
||||
--- /dev/null
|
||||
+++ b/test/fipsmodule.cnf
|
||||
@@ -0,0 +1,2 @@
|
||||
+[fips_sect]
|
||||
+activate = 1
|
||||
diff --git a/test/recipes/00-prep_fipsmodule_cnf.t b/test/recipes/00-prep_fipsmodule_cnf.t
|
||||
index 4e3a6d85e8..e8255ba974 100644
|
||||
--- a/test/recipes/00-prep_fipsmodule_cnf.t
|
||||
+++ b/test/recipes/00-prep_fipsmodule_cnf.t
|
||||
@@ -20,7 +20,7 @@ use lib srctop_dir('Configurations');
|
||||
use lib bldtop_dir('.');
|
||||
use platform;
|
||||
|
||||
|
@ -156,10 +180,11 @@ diff -ruN openssl-3.0.0/test/recipes/00-prep_fipsmodule_cnf.t openssl-3.0.0-xxx/
|
|||
plan skip_all => "FIPS module config file only supported in a fips build"
|
||||
if $no_check;
|
||||
|
||||
diff -ruN openssl-3.0.0/test/recipes/01-test_fipsmodule_cnf.t openssl-3.0.0-xxx/test/recipes/01-test_fipsmodule_cnf.t
|
||||
--- openssl-3.0.0/test/recipes/01-test_fipsmodule_cnf.t 2021-09-07 13:46:32.000000000 +0200
|
||||
+++ openssl-3.0.0-xxx/test/recipes/01-test_fipsmodule_cnf.t 2021-11-18 09:59:02.315619486 +0100
|
||||
@@ -23,7 +23,7 @@
|
||||
diff --git a/test/recipes/01-test_fipsmodule_cnf.t b/test/recipes/01-test_fipsmodule_cnf.t
|
||||
index ce594817d5..00cebacff8 100644
|
||||
--- a/test/recipes/01-test_fipsmodule_cnf.t
|
||||
+++ b/test/recipes/01-test_fipsmodule_cnf.t
|
||||
@@ -23,7 +23,7 @@ use lib srctop_dir('Configurations');
|
||||
use lib bldtop_dir('.');
|
||||
use platform;
|
||||
|
||||
|
@ -168,34 +193,37 @@ diff -ruN openssl-3.0.0/test/recipes/01-test_fipsmodule_cnf.t openssl-3.0.0-xxx/
|
|||
plan skip_all => "Test only supported in a fips build"
|
||||
if $no_check;
|
||||
plan tests => 1;
|
||||
diff -ruN openssl-3.0.0/test/recipes/03-test_fipsinstall.t openssl-3.0.0-xxx/test/recipes/03-test_fipsinstall.t
|
||||
--- openssl-3.0.0/test/recipes/03-test_fipsinstall.t 2021-09-07 13:46:32.000000000 +0200
|
||||
+++ openssl-3.0.0-xxx/test/recipes/03-test_fipsinstall.t 2021-11-18 09:59:55.365072074 +0100
|
||||
@@ -22,7 +22,7 @@
|
||||
diff --git a/test/recipes/03-test_fipsinstall.t b/test/recipes/03-test_fipsinstall.t
|
||||
index b8b136d110..8242f4ebc3 100644
|
||||
--- a/test/recipes/03-test_fipsinstall.t
|
||||
+++ b/test/recipes/03-test_fipsinstall.t
|
||||
@@ -22,7 +22,7 @@ use lib srctop_dir('Configurations');
|
||||
use lib bldtop_dir('.');
|
||||
use platform;
|
||||
|
||||
-plan skip_all => "Test only supported in a fips build" if disabled("fips");
|
||||
+plan skip_all => "Test only supported in a fips build" if 1;
|
||||
|
||||
plan tests => 29;
|
||||
|
||||
diff -ruN openssl-3.0.0/test/recipes/30-test_defltfips.t openssl-3.0.0-xxx/test/recipes/30-test_defltfips.t
|
||||
--- openssl-3.0.0/test/recipes/30-test_defltfips.t 2021-09-07 13:46:32.000000000 +0200
|
||||
+++ openssl-3.0.0-xxx/test/recipes/30-test_defltfips.t 2021-11-18 10:22:54.179659682 +0100
|
||||
@@ -21,7 +21,7 @@
|
||||
use lib srctop_dir('Configurations');
|
||||
use lib bldtop_dir('.');
|
||||
# Compatible options for pedantic FIPS compliance
|
||||
my @pedantic_okay =
|
||||
diff --git a/test/recipes/30-test_defltfips.t b/test/recipes/30-test_defltfips.t
|
||||
index c8f145405b..56a2ec5dc4 100644
|
||||
--- a/test/recipes/30-test_defltfips.t
|
||||
+++ b/test/recipes/30-test_defltfips.t
|
||||
@@ -24,7 +24,7 @@ use lib bldtop_dir('.');
|
||||
plan skip_all => "Configuration loading is turned off"
|
||||
if disabled("autoload-config");
|
||||
|
||||
-my $no_fips = disabled('fips') || ($ENV{NO_FIPS} // 0);
|
||||
+my $no_fips = 1; #disabled('fips') || ($ENV{NO_FIPS} // 0);
|
||||
|
||||
plan tests =>
|
||||
($no_fips ? 1 : 5);
|
||||
diff -ruN openssl-3.0.0/test/recipes/80-test_ssl_new.t openssl-3.0.0-xxx/test/recipes/80-test_ssl_new.t
|
||||
--- openssl-3.0.0/test/recipes/80-test_ssl_new.t 2021-09-07 13:46:32.000000000 +0200
|
||||
+++ openssl-3.0.0-xxx/test/recipes/80-test_ssl_new.t 2021-11-18 10:18:53.391721164 +0100
|
||||
@@ -23,7 +23,7 @@
|
||||
diff --git a/test/recipes/80-test_ssl_new.t b/test/recipes/80-test_ssl_new.t
|
||||
index 0c6d6402d9..e45f9cb560 100644
|
||||
--- a/test/recipes/80-test_ssl_new.t
|
||||
+++ b/test/recipes/80-test_ssl_new.t
|
||||
@@ -27,7 +27,7 @@ setup("test_ssl_new");
|
||||
use lib srctop_dir('Configurations');
|
||||
use lib bldtop_dir('.');
|
||||
|
||||
|
@ -204,20 +232,19 @@ diff -ruN openssl-3.0.0/test/recipes/80-test_ssl_new.t openssl-3.0.0-xxx/test/re
|
|||
|
||||
$ENV{TEST_CERTS_DIR} = srctop_dir("test", "certs");
|
||||
|
||||
diff -ruN openssl-3.0.0/test/recipes/90-test_sslapi.t openssl-3.0.0-xxx/test/recipes/90-test_sslapi.t
|
||||
--- openssl-3.0.0/test/recipes/90-test_sslapi.t 2021-11-18 10:32:17.734196705 +0100
|
||||
+++ openssl-3.0.0-xxx/test/recipes/90-test_sslapi.t 2021-11-18 10:18:30.695538445 +0100
|
||||
@@ -18,7 +18,7 @@
|
||||
diff --git a/test/recipes/90-test_sslapi.t b/test/recipes/90-test_sslapi.t
|
||||
index 9e9e32b51e..1a1a7159b5 100644
|
||||
--- a/test/recipes/90-test_sslapi.t
|
||||
+++ b/test/recipes/90-test_sslapi.t
|
||||
@@ -17,7 +17,7 @@ setup("test_sslapi");
|
||||
use lib srctop_dir('Configurations');
|
||||
use lib bldtop_dir('.');
|
||||
|
||||
-my $no_fips = disabled('fips') || ($ENV{NO_FIPS} // 0);
|
||||
+my $no_fips = 1; #disabled('fips') || ($ENV{NO_FIPS} // 0);
|
||||
my $fipsmodcfg_filename = "fipsmodule.cnf";
|
||||
my $fipsmodcfg = bldtop_file("test", $fipsmodcfg_filename);
|
||||
|
||||
plan skip_all => "No TLS/SSL protocols are supported by this OpenSSL build"
|
||||
if alldisabled(grep { $_ ne "ssl3" } available_protocols("tls"));
|
||||
--- /dev/null 2021-11-16 15:27:32.915000000 +0100
|
||||
+++ openssl-3.0.0/test/fipsmodule.cnf 2021-11-18 11:15:34.538060408 +0100
|
||||
@@ -0,0 +1,2 @@
|
||||
+[fips_sect]
|
||||
+activate = 1
|
||||
--
|
||||
2.41.0
|
||||
|
||||
|
|
|
@ -1,7 +1,27 @@
|
|||
diff -up openssl-3.0.0/apps/fipsinstall.c.xxx openssl-3.0.0/apps/fipsinstall.c
|
||||
--- openssl-3.0.0/apps/fipsinstall.c.xxx 2021-11-22 13:09:28.232560235 +0100
|
||||
+++ openssl-3.0.0/apps/fipsinstall.c 2021-11-22 13:12:22.272058910 +0100
|
||||
@@ -311,6 +311,9 @@ int fipsinstall_main(int argc, char **ar
|
||||
From a9825123e7ab3474d2794a5706d9bed047959c9c Mon Sep 17 00:00:00 2001
|
||||
From: rpm-build <rpm-build>
|
||||
Date: Mon, 31 Jul 2023 09:41:28 +0200
|
||||
Subject: [PATCH 18/35] 0034.fipsinstall_disable.patch
|
||||
|
||||
Patch-name: 0034.fipsinstall_disable.patch
|
||||
Patch-id: 34
|
||||
Patch-status: |
|
||||
# Comment out fipsinstall command-line utility
|
||||
From-dist-git-commit: 9409bc7044cf4b5773639cce20f51399888c45fd
|
||||
---
|
||||
apps/fipsinstall.c | 3 +
|
||||
doc/man1/openssl-fipsinstall.pod.in | 272 +---------------------------
|
||||
doc/man1/openssl.pod | 4 -
|
||||
doc/man5/config.pod | 1 -
|
||||
doc/man5/fips_config.pod | 104 +----------
|
||||
doc/man7/OSSL_PROVIDER-FIPS.pod | 1 -
|
||||
6 files changed, 10 insertions(+), 375 deletions(-)
|
||||
|
||||
diff --git a/apps/fipsinstall.c b/apps/fipsinstall.c
|
||||
index e1ef645b60..db92cb5fb2 100644
|
||||
--- a/apps/fipsinstall.c
|
||||
+++ b/apps/fipsinstall.c
|
||||
@@ -375,6 +375,9 @@ int fipsinstall_main(int argc, char **argv)
|
||||
EVP_MAC *mac = NULL;
|
||||
CONF *conf = NULL;
|
||||
|
||||
|
@ -11,160 +31,11 @@ diff -up openssl-3.0.0/apps/fipsinstall.c.xxx openssl-3.0.0/apps/fipsinstall.c
|
|||
if ((opts = sk_OPENSSL_STRING_new_null()) == NULL)
|
||||
goto end;
|
||||
|
||||
diff -up openssl-3.0.0/doc/man1/openssl.pod.xxx openssl-3.0.0/doc/man1/openssl.pod
|
||||
--- openssl-3.0.0/doc/man1/openssl.pod.xxx 2021-11-22 13:18:51.081406990 +0100
|
||||
+++ openssl-3.0.0/doc/man1/openssl.pod 2021-11-22 13:19:02.897508738 +0100
|
||||
@@ -158,10 +158,6 @@ Engine (loadable module) information and
|
||||
|
||||
Error Number to Error String Conversion.
|
||||
|
||||
-=item B<fipsinstall>
|
||||
-
|
||||
-FIPS configuration installation.
|
||||
-
|
||||
=item B<gendsa>
|
||||
|
||||
Generation of DSA Private Key from Parameters. Superseded by
|
||||
diff -up openssl-3.0.0/doc/man5/config.pod.xxx openssl-3.0.0/doc/man5/config.pod
|
||||
--- openssl-3.0.0/doc/man5/config.pod.xxx 2021-11-22 13:24:51.359509501 +0100
|
||||
+++ openssl-3.0.0/doc/man5/config.pod 2021-11-22 13:26:02.360121820 +0100
|
||||
@@ -573,7 +573,6 @@ configuration files using that syntax wi
|
||||
=head1 SEE ALSO
|
||||
|
||||
L<openssl-x509(1)>, L<openssl-req(1)>, L<openssl-ca(1)>,
|
||||
-L<openssl-fipsinstall(1)>,
|
||||
L<ASN1_generate_nconf(3)>,
|
||||
L<EVP_set_default_properties(3)>,
|
||||
L<CONF_modules_load(3)>,
|
||||
diff -up openssl-3.0.0/doc/man5/fips_config.pod.xxx openssl-3.0.0/doc/man5/fips_config.pod
|
||||
--- openssl-3.0.0/doc/man5/fips_config.pod.xxx 2021-11-22 13:21:13.812636065 +0100
|
||||
+++ openssl-3.0.0/doc/man5/fips_config.pod 2021-11-22 13:24:12.278172847 +0100
|
||||
@@ -6,106 +6,10 @@ fips_config - OpenSSL FIPS configuration
|
||||
|
||||
=head1 DESCRIPTION
|
||||
|
||||
-A separate configuration file, using the OpenSSL L<config(5)> syntax,
|
||||
-is used to hold information about the FIPS module. This includes a digest
|
||||
-of the shared library file, and status about the self-testing.
|
||||
-This data is used automatically by the module itself for two
|
||||
-purposes:
|
||||
-
|
||||
-=over 4
|
||||
-
|
||||
-=item - Run the startup FIPS self-test known answer tests (KATS).
|
||||
-
|
||||
-This is normally done once, at installation time, but may also be set up to
|
||||
-run each time the module is used.
|
||||
-
|
||||
-=item - Verify the module's checksum.
|
||||
-
|
||||
-This is done each time the module is used.
|
||||
-
|
||||
-=back
|
||||
-
|
||||
-This file is generated by the L<openssl-fipsinstall(1)> program, and
|
||||
-used internally by the FIPS module during its initialization.
|
||||
-
|
||||
-The following options are supported. They should all appear in a section
|
||||
-whose name is identified by the B<fips> option in the B<providers>
|
||||
-section, as described in L<config(5)/Provider Configuration Module>.
|
||||
-
|
||||
-=over 4
|
||||
-
|
||||
-=item B<activate>
|
||||
-
|
||||
-If present, the module is activated. The value assigned to this name is not
|
||||
-significant.
|
||||
-
|
||||
-=item B<install-version>
|
||||
-
|
||||
-A version number for the fips install process. Should be 1.
|
||||
-
|
||||
-=item B<conditional-errors>
|
||||
-
|
||||
-The FIPS module normally enters an internal error mode if any self test fails.
|
||||
-Once this error mode is active, no services or cryptographic algorithms are
|
||||
-accessible from this point on.
|
||||
-Continuous tests are a subset of the self tests (e.g., a key pair test during key
|
||||
-generation, or the CRNG output test).
|
||||
-Setting this value to C<0> allows the error mode to not be triggered if any
|
||||
-continuous test fails. The default value of C<1> will trigger the error mode.
|
||||
-Regardless of the value, the operation (e.g., key generation) that called the
|
||||
-continuous test will return an error code if its continuous test fails. The
|
||||
-operation may then be retried if the error mode has not been triggered.
|
||||
-
|
||||
-=item B<security-checks>
|
||||
-
|
||||
-This indicates if run-time checks related to enforcement of security parameters
|
||||
-such as minimum security strength of keys and approved curve names are used.
|
||||
-A value of '1' will perform the checks, otherwise if the value is '0' the checks
|
||||
-are not performed and FIPS compliance must be done by procedures documented in
|
||||
-the relevant Security Policy.
|
||||
-
|
||||
-=item B<module-mac>
|
||||
-
|
||||
-The calculated MAC of the FIPS provider file.
|
||||
-
|
||||
-=item B<install-status>
|
||||
-
|
||||
-An indicator that the self-tests were successfully run.
|
||||
-This should only be written after the module has
|
||||
-successfully passed its self tests during installation.
|
||||
-If this field is not present, then the self tests will run when the module
|
||||
-loads.
|
||||
-
|
||||
-=item B<install-mac>
|
||||
-
|
||||
-A MAC of the value of the B<install-status> option, to prevent accidental
|
||||
-changes to that value.
|
||||
-It is written-to at the same time as B<install-status> is updated.
|
||||
-
|
||||
-=back
|
||||
-
|
||||
-For example:
|
||||
-
|
||||
- [fips_sect]
|
||||
- activate = 1
|
||||
- install-version = 1
|
||||
- conditional-errors = 1
|
||||
- security-checks = 1
|
||||
- module-mac = 41:D0:FA:C2:5D:41:75:CD:7D:C3:90:55:6F:A4:DC
|
||||
- install-mac = FE:10:13:5A:D3:B4:C7:82:1B:1E:17:4C:AC:84:0C
|
||||
- install-status = INSTALL_SELF_TEST_KATS_RUN
|
||||
-
|
||||
-=head1 NOTES
|
||||
-
|
||||
-When using the FIPS provider, it is recommended that the
|
||||
-B<config_diagnostics> option is enabled to prevent accidental use of
|
||||
-non-FIPS validated algorithms via broken or mistaken configuration.
|
||||
-See L<config(5)>.
|
||||
-
|
||||
-=head1 SEE ALSO
|
||||
-
|
||||
-L<config(5)>
|
||||
-L<openssl-fipsinstall(1)>
|
||||
+This command is disabled in Red Hat Enterprise Linux. The FIPS provider is
|
||||
+automatically loaded when the system is booted in FIPS mode, or when the
|
||||
+environment variable B<OPENSSL_FORCE_FIPS_MODE> is set. See the documentation
|
||||
+for more information.
|
||||
|
||||
=head1 COPYRIGHT
|
||||
|
||||
diff -up openssl-3.0.0/doc/man7/OSSL_PROVIDER-FIPS.pod.xxx openssl-3.0.0/doc/man7/OSSL_PROVIDER-FIPS.pod
|
||||
--- openssl-3.0.0/doc/man7/OSSL_PROVIDER-FIPS.pod.xxx 2021-11-22 13:18:13.850086386 +0100
|
||||
+++ openssl-3.0.0/doc/man7/OSSL_PROVIDER-FIPS.pod 2021-11-22 13:18:24.607179038 +0100
|
||||
@@ -388,7 +388,6 @@ A simple self test callback is shown bel
|
||||
|
||||
=head1 SEE ALSO
|
||||
|
||||
-L<openssl-fipsinstall(1)>,
|
||||
L<fips_config(5)>,
|
||||
L<OSSL_SELF_TEST_set_callback(3)>,
|
||||
L<OSSL_SELF_TEST_new(3)>,
|
||||
diff -up openssl-3.0.1/doc/man1/openssl-fipsinstall.pod.in.embed-hmac openssl-3.0.1/doc/man1/openssl-fipsinstall.pod.in
|
||||
--- openssl-3.0.1/doc/man1/openssl-fipsinstall.pod.in.embed-hmac 2022-01-11 13:26:33.279906225 +0100
|
||||
+++ openssl-3.0.1/doc/man1/openssl-fipsinstall.pod.in 2022-01-11 13:33:18.757994419 +0100
|
||||
@@ -8,236 +8,11 @@ openssl-fipsinstall - perform FIPS confi
|
||||
diff --git a/doc/man1/openssl-fipsinstall.pod.in b/doc/man1/openssl-fipsinstall.pod.in
|
||||
index b1768b7f91..b6b00e27d8 100644
|
||||
--- a/doc/man1/openssl-fipsinstall.pod.in
|
||||
+++ b/doc/man1/openssl-fipsinstall.pod.in
|
||||
@@ -8,275 +8,9 @@ openssl-fipsinstall - perform FIPS configuration installation
|
||||
=head1 SYNOPSIS
|
||||
|
||||
B<openssl fipsinstall>
|
||||
|
@ -179,14 +50,18 @@ diff -up openssl-3.0.1/doc/man1/openssl-fipsinstall.pod.in.embed-hmac openssl-3.
|
|||
-[B<-macopt> I<nm>:I<v>]
|
||||
-[B<-noout>]
|
||||
-[B<-quiet>]
|
||||
-[B<-pedantic>]
|
||||
-[B<-no_conditional_errors>]
|
||||
-[B<-no_security_checks>]
|
||||
-[B<-ems_check>]
|
||||
-[B<-no_drbg_truncated_digests>]
|
||||
-[B<-self_test_onload>]
|
||||
-[B<-self_test_oninstall>]
|
||||
-[B<-corrupt_desc> I<selftest_description>]
|
||||
-[B<-corrupt_type> I<selftest_type>]
|
||||
-[B<-config> I<parent_config>]
|
||||
|
||||
=head1 DESCRIPTION
|
||||
-
|
||||
-=head1 DESCRIPTION
|
||||
-
|
||||
-This command is used to generate a FIPS module configuration file.
|
||||
-This configuration file can be used each time a FIPS module is loaded
|
||||
|
@ -315,6 +190,14 @@ diff -up openssl-3.0.1/doc/man1/openssl-fipsinstall.pod.in.embed-hmac openssl-3.
|
|||
-
|
||||
-Disable logging of the self tests.
|
||||
-
|
||||
-=item B<-pedantic>
|
||||
-
|
||||
-Configure the module so that it is strictly FIPS compliant rather
|
||||
-than being backwards compatible. This enables conditional errors,
|
||||
-security checks etc. Note that any previous configuration options will
|
||||
-be overwritten and any subsequent configuration options that violate
|
||||
-FIPS compliance will result in an error.
|
||||
-
|
||||
-=item B<-no_conditional_errors>
|
||||
-
|
||||
-Configure the module to not enter an error state if a conditional self test
|
||||
|
@ -324,6 +207,20 @@ diff -up openssl-3.0.1/doc/man1/openssl-fipsinstall.pod.in.embed-hmac openssl-3.
|
|||
-
|
||||
-Configure the module to not perform run-time security checks as described above.
|
||||
-
|
||||
-Enabling the configuration option "no-fips-securitychecks" provides another way to
|
||||
-turn off the check at compile time.
|
||||
-
|
||||
-=item B<-ems_check>
|
||||
-
|
||||
-Configure the module to enable a run-time Extended Master Secret (EMS) check
|
||||
-when using the TLS1_PRF KDF algorithm. This check is disabled by default.
|
||||
-See RFC 7627 for information related to EMS.
|
||||
-
|
||||
-=item B<-no_drbg_truncated_digests>
|
||||
-
|
||||
-Configure the module to not allow truncated digests to be used with Hash and
|
||||
-HMAC DRBGs. See FIPS 140-3 IG D.R for details.
|
||||
-
|
||||
-=item B<-self_test_onload>
|
||||
-
|
||||
-Do not write the two fields related to the "test status indicator" and
|
||||
|
@ -334,6 +231,14 @@ diff -up openssl-3.0.1/doc/man1/openssl-fipsinstall.pod.in.embed-hmac openssl-3.
|
|||
-could possibly then add the 2 fields into the configuration using some other
|
||||
-mechanism.
|
||||
-
|
||||
-This is the default.
|
||||
-
|
||||
-=item B<-self_test_oninstall>
|
||||
-
|
||||
-The converse of B<-self_test_oninstall>. The two fields related to the
|
||||
-"test status indicator" and "MAC status indicator" are written to the
|
||||
-output configuration file.
|
||||
-
|
||||
-=item B<-quiet>
|
||||
-
|
||||
-Do not output pass/fail messages. Implies B<-noout>.
|
||||
|
@ -369,6 +274,11 @@ diff -up openssl-3.0.1/doc/man1/openssl-fipsinstall.pod.in.embed-hmac openssl-3.
|
|||
-For normal usage the base configuration file should use the default provider
|
||||
-when generating the fips configuration file.
|
||||
-
|
||||
-The B<-self_test_oninstall> option was added and the
|
||||
-B<-self_test_onload> option was made the default in OpenSSL 3.1.
|
||||
-
|
||||
-The command and all remaining options were added in OpenSSL 3.0.
|
||||
-
|
||||
-=head1 EXAMPLES
|
||||
-
|
||||
-Calculate the mac of a FIPS module F<fips.so> and run a FIPS self test
|
||||
|
@ -404,3 +314,160 @@ diff -up openssl-3.0.1/doc/man1/openssl-fipsinstall.pod.in.embed-hmac openssl-3.
|
|||
|
||||
=head1 COPYRIGHT
|
||||
|
||||
diff --git a/doc/man1/openssl.pod b/doc/man1/openssl.pod
|
||||
index d9c22a580f..d5ec3b9a6a 100644
|
||||
--- a/doc/man1/openssl.pod
|
||||
+++ b/doc/man1/openssl.pod
|
||||
@@ -135,10 +135,6 @@ Engine (loadable module) information and manipulation.
|
||||
|
||||
Error Number to Error String Conversion.
|
||||
|
||||
-=item B<fipsinstall>
|
||||
-
|
||||
-FIPS configuration installation.
|
||||
-
|
||||
=item B<gendsa>
|
||||
|
||||
Generation of DSA Private Key from Parameters. Superseded by
|
||||
diff --git a/doc/man5/config.pod b/doc/man5/config.pod
|
||||
index 714a10437b..bd05736220 100644
|
||||
--- a/doc/man5/config.pod
|
||||
+++ b/doc/man5/config.pod
|
||||
@@ -573,7 +573,6 @@ configuration files using that syntax will have to be modified.
|
||||
=head1 SEE ALSO
|
||||
|
||||
L<openssl-x509(1)>, L<openssl-req(1)>, L<openssl-ca(1)>,
|
||||
-L<openssl-fipsinstall(1)>,
|
||||
L<ASN1_generate_nconf(3)>,
|
||||
L<EVP_set_default_properties(3)>,
|
||||
L<CONF_modules_load(3)>,
|
||||
diff --git a/doc/man5/fips_config.pod b/doc/man5/fips_config.pod
|
||||
index 2255464304..1c15e32a5c 100644
|
||||
--- a/doc/man5/fips_config.pod
|
||||
+++ b/doc/man5/fips_config.pod
|
||||
@@ -6,106 +6,10 @@ fips_config - OpenSSL FIPS configuration
|
||||
|
||||
=head1 DESCRIPTION
|
||||
|
||||
-A separate configuration file, using the OpenSSL L<config(5)> syntax,
|
||||
-is used to hold information about the FIPS module. This includes a digest
|
||||
-of the shared library file, and status about the self-testing.
|
||||
-This data is used automatically by the module itself for two
|
||||
-purposes:
|
||||
-
|
||||
-=over 4
|
||||
-
|
||||
-=item - Run the startup FIPS self-test known answer tests (KATS).
|
||||
-
|
||||
-This is normally done once, at installation time, but may also be set up to
|
||||
-run each time the module is used.
|
||||
-
|
||||
-=item - Verify the module's checksum.
|
||||
-
|
||||
-This is done each time the module is used.
|
||||
-
|
||||
-=back
|
||||
-
|
||||
-This file is generated by the L<openssl-fipsinstall(1)> program, and
|
||||
-used internally by the FIPS module during its initialization.
|
||||
-
|
||||
-The following options are supported. They should all appear in a section
|
||||
-whose name is identified by the B<fips> option in the B<providers>
|
||||
-section, as described in L<config(5)/Provider Configuration Module>.
|
||||
-
|
||||
-=over 4
|
||||
-
|
||||
-=item B<activate>
|
||||
-
|
||||
-If present, the module is activated. The value assigned to this name is not
|
||||
-significant.
|
||||
-
|
||||
-=item B<install-version>
|
||||
-
|
||||
-A version number for the fips install process. Should be 1.
|
||||
-
|
||||
-=item B<conditional-errors>
|
||||
-
|
||||
-The FIPS module normally enters an internal error mode if any self test fails.
|
||||
-Once this error mode is active, no services or cryptographic algorithms are
|
||||
-accessible from this point on.
|
||||
-Continuous tests are a subset of the self tests (e.g., a key pair test during key
|
||||
-generation, or the CRNG output test).
|
||||
-Setting this value to C<0> allows the error mode to not be triggered if any
|
||||
-continuous test fails. The default value of C<1> will trigger the error mode.
|
||||
-Regardless of the value, the operation (e.g., key generation) that called the
|
||||
-continuous test will return an error code if its continuous test fails. The
|
||||
-operation may then be retried if the error mode has not been triggered.
|
||||
-
|
||||
-=item B<security-checks>
|
||||
-
|
||||
-This indicates if run-time checks related to enforcement of security parameters
|
||||
-such as minimum security strength of keys and approved curve names are used.
|
||||
-A value of '1' will perform the checks, otherwise if the value is '0' the checks
|
||||
-are not performed and FIPS compliance must be done by procedures documented in
|
||||
-the relevant Security Policy.
|
||||
-
|
||||
-=item B<module-mac>
|
||||
-
|
||||
-The calculated MAC of the FIPS provider file.
|
||||
-
|
||||
-=item B<install-status>
|
||||
-
|
||||
-An indicator that the self-tests were successfully run.
|
||||
-This should only be written after the module has
|
||||
-successfully passed its self tests during installation.
|
||||
-If this field is not present, then the self tests will run when the module
|
||||
-loads.
|
||||
-
|
||||
-=item B<install-mac>
|
||||
-
|
||||
-A MAC of the value of the B<install-status> option, to prevent accidental
|
||||
-changes to that value.
|
||||
-It is written-to at the same time as B<install-status> is updated.
|
||||
-
|
||||
-=back
|
||||
-
|
||||
-For example:
|
||||
-
|
||||
- [fips_sect]
|
||||
- activate = 1
|
||||
- install-version = 1
|
||||
- conditional-errors = 1
|
||||
- security-checks = 1
|
||||
- module-mac = 41:D0:FA:C2:5D:41:75:CD:7D:C3:90:55:6F:A4:DC
|
||||
- install-mac = FE:10:13:5A:D3:B4:C7:82:1B:1E:17:4C:AC:84:0C
|
||||
- install-status = INSTALL_SELF_TEST_KATS_RUN
|
||||
-
|
||||
-=head1 NOTES
|
||||
-
|
||||
-When using the FIPS provider, it is recommended that the
|
||||
-B<config_diagnostics> option is enabled to prevent accidental use of
|
||||
-non-FIPS validated algorithms via broken or mistaken configuration.
|
||||
-See L<config(5)>.
|
||||
-
|
||||
-=head1 SEE ALSO
|
||||
-
|
||||
-L<config(5)>
|
||||
-L<openssl-fipsinstall(1)>
|
||||
+This command is disabled in Red Hat Enterprise Linux. The FIPS provider is
|
||||
+automatically loaded when the system is booted in FIPS mode, or when the
|
||||
+environment variable B<OPENSSL_FORCE_FIPS_MODE> is set. See the documentation
|
||||
+for more information.
|
||||
|
||||
=head1 HISTORY
|
||||
|
||||
diff --git a/doc/man7/OSSL_PROVIDER-FIPS.pod b/doc/man7/OSSL_PROVIDER-FIPS.pod
|
||||
index 4f908888ba..ef00247770 100644
|
||||
--- a/doc/man7/OSSL_PROVIDER-FIPS.pod
|
||||
+++ b/doc/man7/OSSL_PROVIDER-FIPS.pod
|
||||
@@ -444,7 +444,6 @@ want to operate in a FIPS approved manner. The algorithms are:
|
||||
|
||||
=head1 SEE ALSO
|
||||
|
||||
-L<openssl-fipsinstall(1)>,
|
||||
L<fips_config(5)>,
|
||||
L<OSSL_SELF_TEST_set_callback(3)>,
|
||||
L<OSSL_SELF_TEST_new(3)>,
|
||||
--
|
||||
2.41.0
|
||||
|
||||
|
|
|
@ -1,7 +1,22 @@
|
|||
diff -up openssl-3.0.0/apps/speed.c.beldmit openssl-3.0.0/apps/speed.c
|
||||
--- openssl-3.0.0/apps/speed.c.beldmit 2021-12-21 15:14:04.210431584 +0100
|
||||
+++ openssl-3.0.0/apps/speed.c 2021-12-21 15:46:05.554085125 +0100
|
||||
@@ -547,6 +547,9 @@ static int EVP_MAC_loop(int algindex, vo
|
||||
From 213f38dc580d39f2cb46592b5e6db585fc6a650f Mon Sep 17 00:00:00 2001
|
||||
From: rpm-build <rpm-build>
|
||||
Date: Mon, 31 Jul 2023 09:41:28 +0200
|
||||
Subject: [PATCH 19/35] 0035-speed-skip-unavailable-dgst.patch
|
||||
|
||||
Patch-name: 0035-speed-skip-unavailable-dgst.patch
|
||||
Patch-id: 35
|
||||
Patch-status: |
|
||||
# Skip unavailable algorithms running `openssl speed`
|
||||
From-dist-git-commit: 9409bc7044cf4b5773639cce20f51399888c45fd
|
||||
---
|
||||
apps/speed.c | 3 +++
|
||||
1 file changed, 3 insertions(+)
|
||||
|
||||
diff --git a/apps/speed.c b/apps/speed.c
|
||||
index d527f12f18..2ff3eb53bd 100644
|
||||
--- a/apps/speed.c
|
||||
+++ b/apps/speed.c
|
||||
@@ -610,6 +610,9 @@ static int EVP_MAC_loop(int algindex, void *args)
|
||||
for (count = 0; COND(c[algindex][testnum]); count++) {
|
||||
size_t outl;
|
||||
|
||||
|
@ -11,16 +26,6 @@ diff -up openssl-3.0.0/apps/speed.c.beldmit openssl-3.0.0/apps/speed.c
|
|||
if (!EVP_MAC_init(mctx, NULL, 0, NULL)
|
||||
|| !EVP_MAC_update(mctx, buf, lengths[testnum])
|
||||
|| !EVP_MAC_final(mctx, mac, &outl, sizeof(mac)))
|
||||
@@ -1922,8 +1925,10 @@ int speed_main(int argc, char **argv)
|
||||
if (loopargs[i].mctx == NULL)
|
||||
goto end;
|
||||
|
||||
- if (!EVP_MAC_CTX_set_params(loopargs[i].mctx, params))
|
||||
- goto end;
|
||||
+ if (!EVP_MAC_CTX_set_params(loopargs[i].mctx, params)) {
|
||||
+ EVP_MAC_CTX_free(loopargs[i].mctx);
|
||||
+ loopargs[i].mctx = NULL;
|
||||
+ }
|
||||
}
|
||||
for (testnum = 0; testnum < size_num; testnum++) {
|
||||
print_message(names[D_HMAC], c[D_HMAC][testnum], lengths[testnum],
|
||||
--
|
||||
2.41.0
|
||||
|
||||
|
|
|
@ -1,7 +1,26 @@
|
|||
diff -up openssl-3.0.1/crypto/dh/dh_key.c.fips3 openssl-3.0.1/crypto/dh/dh_key.c
|
||||
--- openssl-3.0.1/crypto/dh/dh_key.c.fips3 2022-07-18 16:01:41.159543735 +0200
|
||||
+++ openssl-3.0.1/crypto/dh/dh_key.c 2022-07-18 16:24:30.251388248 +0200
|
||||
@@ -43,6 +43,9 @@ int ossl_dh_compute_key(unsigned char *k
|
||||
From b300beb172d5813b01b93bfd62fe191f8187fe1e Mon Sep 17 00:00:00 2001
|
||||
From: Dmitry Belyavskiy <dbelyavs@redhat.com>
|
||||
Date: Mon, 21 Aug 2023 12:05:23 +0200
|
||||
Subject: [PATCH 20/48] 0044-FIPS-140-3-keychecks.patch
|
||||
|
||||
Patch-name: 0044-FIPS-140-3-keychecks.patch
|
||||
Patch-id: 44
|
||||
Patch-status: |
|
||||
# Extra public/private key checks required by FIPS-140-3
|
||||
---
|
||||
crypto/dh/dh_key.c | 26 ++++++++++
|
||||
.../implementations/exchange/ecdh_exch.c | 19 ++++++++
|
||||
providers/implementations/keymgmt/ec_kmgmt.c | 24 +++++++++-
|
||||
providers/implementations/keymgmt/rsa_kmgmt.c | 18 +++++++
|
||||
.../implementations/signature/ecdsa_sig.c | 37 +++++++++++++--
|
||||
providers/implementations/signature/rsa_sig.c | 47 +++++++++++++++++--
|
||||
6 files changed, 162 insertions(+), 9 deletions(-)
|
||||
|
||||
diff --git a/crypto/dh/dh_key.c b/crypto/dh/dh_key.c
|
||||
index 4e9705beef..83773cceea 100644
|
||||
--- a/crypto/dh/dh_key.c
|
||||
+++ b/crypto/dh/dh_key.c
|
||||
@@ -43,6 +43,9 @@ int ossl_dh_compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh)
|
||||
BN_MONT_CTX *mont = NULL;
|
||||
BIGNUM *z = NULL, *pminus1;
|
||||
int ret = -1;
|
||||
|
@ -11,7 +30,7 @@ diff -up openssl-3.0.1/crypto/dh/dh_key.c.fips3 openssl-3.0.1/crypto/dh/dh_key.c
|
|||
|
||||
if (BN_num_bits(dh->params.p) > OPENSSL_DH_MAX_MODULUS_BITS) {
|
||||
ERR_raise(ERR_LIB_DH, DH_R_MODULUS_TOO_LARGE);
|
||||
@@ -54,6 +57,13 @@ int ossl_dh_compute_key(unsigned char *k
|
||||
@@ -54,6 +57,13 @@ int ossl_dh_compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh)
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
@ -35,7 +54,7 @@ diff -up openssl-3.0.1/crypto/dh/dh_key.c.fips3 openssl-3.0.1/crypto/dh/dh_key.c
|
|||
|
||||
if (BN_num_bits(dh->params.p) > OPENSSL_DH_MAX_MODULUS_BITS) {
|
||||
ERR_raise(ERR_LIB_DH, DH_R_MODULUS_TOO_LARGE);
|
||||
@@ -354,8 +367,23 @@ static int generate_key(DH *dh)
|
||||
@@ -354,8 +367,21 @@ static int generate_key(DH *dh)
|
||||
if (!ossl_dh_generate_public_key(ctx, dh, priv_key, pub_key))
|
||||
goto err;
|
||||
|
||||
|
@ -50,20 +69,18 @@ diff -up openssl-3.0.1/crypto/dh/dh_key.c.fips3 openssl-3.0.1/crypto/dh/dh_key.c
|
|||
dh->priv_key = priv_key;
|
||||
+#ifdef FIPS_MODULE
|
||||
+ if (ossl_dh_check_pairwise(dh) <= 0) {
|
||||
+ dh->pub_key = dh->priv_key = NULL;
|
||||
+ ERR_raise(ERR_LIB_DH, DH_R_CHECK_PUBKEY_INVALID);
|
||||
+ goto err;
|
||||
+ abort();
|
||||
+ }
|
||||
+#endif
|
||||
+
|
||||
dh->dirty_cnt++;
|
||||
ok = 1;
|
||||
err:
|
||||
diff -up openssl-3.0.1/crypto/ec/ec_key.c.fips3 openssl-3.0.1/crypto/ec/ec_key.c
|
||||
diff -up openssl-3.0.1/providers/implementations/exchange/ecdh_exch.c.fips3 openssl-3.0.1/providers/implementations/exchange/ecdh_exch.c
|
||||
--- openssl-3.0.1/providers/implementations/exchange/ecdh_exch.c.fips3 2022-07-25 13:42:46.814952053 +0200
|
||||
+++ openssl-3.0.1/providers/implementations/exchange/ecdh_exch.c 2022-07-25 13:52:12.292065706 +0200
|
||||
@@ -488,6 +488,25 @@ int ecdh_plain_derive(void *vpecdhctx, u
|
||||
diff --git a/providers/implementations/exchange/ecdh_exch.c b/providers/implementations/exchange/ecdh_exch.c
|
||||
index 43caedb6df..73873f9758 100644
|
||||
--- a/providers/implementations/exchange/ecdh_exch.c
|
||||
+++ b/providers/implementations/exchange/ecdh_exch.c
|
||||
@@ -489,6 +489,25 @@ int ecdh_plain_derive(void *vpecdhctx, unsigned char *secret,
|
||||
}
|
||||
|
||||
ppubkey = EC_KEY_get0_public_key(pecdhctx->peerk);
|
||||
|
@ -89,99 +106,283 @@ diff -up openssl-3.0.1/providers/implementations/exchange/ecdh_exch.c.fips3 open
|
|||
|
||||
retlen = ECDH_compute_key(secret, size, ppubkey, privk, NULL);
|
||||
|
||||
diff -up openssl-3.0.1/crypto/ec/ec_key.c.fips3 openssl-3.0.1/crypto/ec/ec_key.c
|
||||
--- openssl-3.0.1/crypto/ec/ec_key.c.fips3 2022-07-25 14:03:34.420222507 +0200
|
||||
+++ openssl-3.0.1/crypto/ec/ec_key.c 2022-07-25 14:09:00.728164294 +0200
|
||||
@@ -336,6 +336,11 @@ static int ec_generate_key(EC_KEY *eckey
|
||||
|
||||
OSSL_SELF_TEST_get_callback(eckey->libctx, &cb, &cbarg);
|
||||
ok = ecdsa_keygen_pairwise_test(eckey, cb, cbarg);
|
||||
+
|
||||
diff --git a/providers/implementations/keymgmt/ec_kmgmt.c b/providers/implementations/keymgmt/ec_kmgmt.c
|
||||
index a37cbbdba8..bca3f3c674 100644
|
||||
--- a/providers/implementations/keymgmt/ec_kmgmt.c
|
||||
+++ b/providers/implementations/keymgmt/ec_kmgmt.c
|
||||
@@ -989,8 +989,17 @@ struct ec_gen_ctx {
|
||||
int selection;
|
||||
int ecdh_mode;
|
||||
EC_GROUP *gen_group;
|
||||
+#ifdef FIPS_MODULE
|
||||
+ ok &= ossl_ec_key_public_check(eckey, ctx);
|
||||
+ ok &= ossl_ec_key_pairwise_check(eckey, ctx);
|
||||
+#endif /* FIPS_MODULE */
|
||||
}
|
||||
err:
|
||||
/* Step (9): If there is an error return an invalid keypair. */
|
||||
diff -up openssl-3.0.1/crypto/rsa/rsa_gen.c.fips3 openssl-3.0.1/crypto/rsa/rsa_gen.c
|
||||
--- openssl-3.0.1/crypto/rsa/rsa_gen.c.fips3 2022-07-25 17:02:17.807271297 +0200
|
||||
+++ openssl-3.0.1/crypto/rsa/rsa_gen.c 2022-07-25 17:18:24.931959649 +0200
|
||||
@@ -23,6 +23,7 @@
|
||||
#include <time.h>
|
||||
#include "internal/cryptlib.h"
|
||||
#include <openssl/bn.h>
|
||||
+#include <openssl/obj_mac.h>
|
||||
#include <openssl/self_test.h>
|
||||
#include "prov/providercommon.h"
|
||||
#include "rsa_local.h"
|
||||
@@ -476,52 +476,43 @@ static int rsa_keygen(OSSL_LIB_CTX *libc
|
||||
static int rsa_keygen_pairwise_test(RSA *rsa, OSSL_CALLBACK *cb, void *cbarg)
|
||||
{
|
||||
int ret = 0;
|
||||
- unsigned int ciphertxt_len;
|
||||
- unsigned char *ciphertxt = NULL;
|
||||
- const unsigned char plaintxt[16] = {0};
|
||||
- unsigned char *decoded = NULL;
|
||||
- unsigned int decoded_len;
|
||||
- unsigned int plaintxt_len = (unsigned int)sizeof(plaintxt_len);
|
||||
- int padding = RSA_PKCS1_PADDING;
|
||||
+ unsigned int signature_len;
|
||||
+ unsigned char *signature = NULL;
|
||||
OSSL_SELF_TEST *st = NULL;
|
||||
+ static const unsigned char dgst[] = {
|
||||
+ 0x7f, 0x83, 0xb1, 0x65, 0x7f, 0xf1, 0xfc, 0x53, 0xb9, 0x2d, 0xc1, 0x81,
|
||||
+ 0x48, 0xa1, 0xd6, 0x5d, 0xfc, 0x2d, 0x4b, 0x1f, 0xa3, 0xd6, 0x77, 0x28,
|
||||
+ 0x4a, 0xdd, 0xd2, 0x00, 0x12, 0x6d, 0x90, 0x69
|
||||
+ };
|
||||
+ void *ecdsa_sig_ctx;
|
||||
+#endif
|
||||
};
|
||||
|
||||
st = OSSL_SELF_TEST_new(cb, cbarg);
|
||||
if (st == NULL)
|
||||
goto err;
|
||||
OSSL_SELF_TEST_onbegin(st, OSSL_SELF_TEST_TYPE_PCT,
|
||||
+ /* No special name for RSA signature PCT*/
|
||||
OSSL_SELF_TEST_DESC_PCT_RSA_PKCS1);
|
||||
|
||||
- ciphertxt_len = RSA_size(rsa);
|
||||
+ signature_len = RSA_size(rsa);
|
||||
- /*
|
||||
- * RSA_private_encrypt() and RSA_private_decrypt() requires the 'to'
|
||||
- * parameter to be a maximum of RSA_size() - allocate space for both.
|
||||
- */
|
||||
- ciphertxt = OPENSSL_zalloc(ciphertxt_len * 2);
|
||||
- if (ciphertxt == NULL)
|
||||
+ signature = OPENSSL_zalloc(signature_len);
|
||||
+ if (signature == NULL)
|
||||
goto err;
|
||||
- decoded = ciphertxt + ciphertxt_len;
|
||||
|
||||
- ciphertxt_len = RSA_public_encrypt(plaintxt_len, plaintxt, ciphertxt, rsa,
|
||||
- padding);
|
||||
- if (ciphertxt_len <= 0)
|
||||
+ if (RSA_sign(NID_sha256, dgst, sizeof(dgst), signature, &signature_len, rsa) <= 0)
|
||||
goto err;
|
||||
- if (ciphertxt_len == plaintxt_len
|
||||
- && memcmp(ciphertxt, plaintxt, plaintxt_len) == 0)
|
||||
+#ifdef FIPS_MODULE
|
||||
+void *ecdsa_newctx(void *provctx, const char *propq);
|
||||
+void ecdsa_freectx(void *vctx);
|
||||
+int do_ec_pct(void *, const char *, void *);
|
||||
+#endif
|
||||
+
|
||||
+ if (signature_len <= 0)
|
||||
goto err;
|
||||
|
||||
- OSSL_SELF_TEST_oncorrupt_byte(st, ciphertxt);
|
||||
+ OSSL_SELF_TEST_oncorrupt_byte(st, signature);
|
||||
|
||||
- decoded_len = RSA_private_decrypt(ciphertxt_len, ciphertxt, decoded, rsa,
|
||||
- padding);
|
||||
- if (decoded_len != plaintxt_len
|
||||
- || memcmp(decoded, plaintxt, decoded_len) != 0)
|
||||
+ if (RSA_verify(NID_sha256, dgst, sizeof(dgst), signature, signature_len, rsa) <= 0)
|
||||
goto err;
|
||||
|
||||
ret = 1;
|
||||
err:
|
||||
OSSL_SELF_TEST_onend(st, ret);
|
||||
OSSL_SELF_TEST_free(st);
|
||||
- OPENSSL_free(ciphertxt);
|
||||
+ OPENSSL_free(signature);
|
||||
|
||||
return ret;
|
||||
static void *ec_gen_init(void *provctx, int selection,
|
||||
const OSSL_PARAM params[])
|
||||
{
|
||||
@@ -1009,6 +1018,10 @@ static void *ec_gen_init(void *provctx, int selection,
|
||||
gctx = NULL;
|
||||
}
|
||||
}
|
||||
+#ifdef FIPS_MODULE
|
||||
+ if (gctx != NULL)
|
||||
+ gctx->ecdsa_sig_ctx = ecdsa_newctx(provctx, NULL);
|
||||
+#endif
|
||||
return gctx;
|
||||
}
|
||||
|
||||
@@ -1279,6 +1292,12 @@ static void *ec_gen(void *genctx, OSSL_CALLBACK *osslcb, void *cbarg)
|
||||
|
||||
if (gctx->ecdh_mode != -1)
|
||||
ret = ret && ossl_ec_set_ecdh_cofactor_mode(ec, gctx->ecdh_mode);
|
||||
+#ifdef FIPS_MODULE
|
||||
+ /* Pairwise consistency test */
|
||||
+ if ((gctx->selection & OSSL_KEYMGMT_SELECT_KEYPAIR) != 0
|
||||
+ && do_ec_pct(gctx->ecdsa_sig_ctx, "sha256", ec) != 1)
|
||||
+ abort();
|
||||
+#endif
|
||||
|
||||
if (gctx->group_check != NULL)
|
||||
ret = ret && ossl_ec_set_check_group_type_from_name(ec, gctx->group_check);
|
||||
@@ -1348,7 +1367,10 @@ static void ec_gen_cleanup(void *genctx)
|
||||
|
||||
if (gctx == NULL)
|
||||
return;
|
||||
-
|
||||
+#ifdef FIPS_MODULE
|
||||
+ ecdsa_freectx(gctx->ecdsa_sig_ctx);
|
||||
+ gctx->ecdsa_sig_ctx = NULL;
|
||||
+#endif
|
||||
EC_GROUP_free(gctx->gen_group);
|
||||
BN_free(gctx->p);
|
||||
BN_free(gctx->a);
|
||||
diff --git a/providers/implementations/keymgmt/rsa_kmgmt.c b/providers/implementations/keymgmt/rsa_kmgmt.c
|
||||
index 3ba12c4889..ff49f8fcd8 100644
|
||||
--- a/providers/implementations/keymgmt/rsa_kmgmt.c
|
||||
+++ b/providers/implementations/keymgmt/rsa_kmgmt.c
|
||||
@@ -434,6 +434,7 @@ struct rsa_gen_ctx {
|
||||
#if defined(FIPS_MODULE) && !defined(OPENSSL_NO_ACVP_TESTS)
|
||||
/* ACVP test parameters */
|
||||
OSSL_PARAM *acvp_test_params;
|
||||
+ void *prov_rsa_ctx;
|
||||
#endif
|
||||
};
|
||||
|
||||
@@ -447,6 +448,12 @@ static int rsa_gencb(int p, int n, BN_GENCB *cb)
|
||||
return gctx->cb(params, gctx->cbarg);
|
||||
}
|
||||
|
||||
+#ifdef FIPS_MODULE
|
||||
+void *rsa_newctx(void *provctx, const char *propq);
|
||||
+void rsa_freectx(void *vctx);
|
||||
+int do_rsa_pct(void *, const char *, void *);
|
||||
+#endif
|
||||
+
|
||||
static void *gen_init(void *provctx, int selection, int rsa_type,
|
||||
const OSSL_PARAM params[])
|
||||
{
|
||||
@@ -474,6 +481,10 @@ static void *gen_init(void *provctx, int selection, int rsa_type,
|
||||
|
||||
if (!rsa_gen_set_params(gctx, params))
|
||||
goto err;
|
||||
+#ifdef FIPS_MODULE
|
||||
+ if (gctx != NULL)
|
||||
+ gctx->prov_rsa_ctx = rsa_newctx(provctx, NULL);
|
||||
+#endif
|
||||
return gctx;
|
||||
|
||||
err:
|
||||
@@ -630,6 +641,11 @@ static void *rsa_gen(void *genctx, OSSL_CALLBACK *osslcb, void *cbarg)
|
||||
|
||||
rsa = rsa_tmp;
|
||||
rsa_tmp = NULL;
|
||||
+#ifdef FIPS_MODULE
|
||||
+ /* Pairwise consistency test */
|
||||
+ if (do_rsa_pct(gctx->prov_rsa_ctx, "sha256", rsa) != 1)
|
||||
+ abort();
|
||||
+#endif
|
||||
err:
|
||||
BN_GENCB_free(gencb);
|
||||
RSA_free(rsa_tmp);
|
||||
@@ -645,6 +661,8 @@ static void rsa_gen_cleanup(void *genctx)
|
||||
#if defined(FIPS_MODULE) && !defined(OPENSSL_NO_ACVP_TESTS)
|
||||
ossl_rsa_acvp_test_gen_params_free(gctx->acvp_test_params);
|
||||
gctx->acvp_test_params = NULL;
|
||||
+ rsa_freectx(gctx->prov_rsa_ctx);
|
||||
+ gctx->prov_rsa_ctx = NULL;
|
||||
#endif
|
||||
BN_clear_free(gctx->pub_exp);
|
||||
OPENSSL_free(gctx);
|
||||
diff --git a/providers/implementations/signature/ecdsa_sig.c b/providers/implementations/signature/ecdsa_sig.c
|
||||
index 865d49d100..ebeb30e002 100644
|
||||
--- a/providers/implementations/signature/ecdsa_sig.c
|
||||
+++ b/providers/implementations/signature/ecdsa_sig.c
|
||||
@@ -32,7 +32,7 @@
|
||||
#include "crypto/ec.h"
|
||||
#include "prov/der_ec.h"
|
||||
|
||||
-static OSSL_FUNC_signature_newctx_fn ecdsa_newctx;
|
||||
+OSSL_FUNC_signature_newctx_fn ecdsa_newctx;
|
||||
static OSSL_FUNC_signature_sign_init_fn ecdsa_sign_init;
|
||||
static OSSL_FUNC_signature_verify_init_fn ecdsa_verify_init;
|
||||
static OSSL_FUNC_signature_sign_fn ecdsa_sign;
|
||||
@@ -43,7 +43,7 @@ static OSSL_FUNC_signature_digest_sign_final_fn ecdsa_digest_sign_final;
|
||||
static OSSL_FUNC_signature_digest_verify_init_fn ecdsa_digest_verify_init;
|
||||
static OSSL_FUNC_signature_digest_verify_update_fn ecdsa_digest_signverify_update;
|
||||
static OSSL_FUNC_signature_digest_verify_final_fn ecdsa_digest_verify_final;
|
||||
-static OSSL_FUNC_signature_freectx_fn ecdsa_freectx;
|
||||
+OSSL_FUNC_signature_freectx_fn ecdsa_freectx;
|
||||
static OSSL_FUNC_signature_dupctx_fn ecdsa_dupctx;
|
||||
static OSSL_FUNC_signature_get_ctx_params_fn ecdsa_get_ctx_params;
|
||||
static OSSL_FUNC_signature_gettable_ctx_params_fn ecdsa_gettable_ctx_params;
|
||||
@@ -104,7 +104,7 @@ typedef struct {
|
||||
#endif
|
||||
} PROV_ECDSA_CTX;
|
||||
|
||||
-static void *ecdsa_newctx(void *provctx, const char *propq)
|
||||
+void *ecdsa_newctx(void *provctx, const char *propq)
|
||||
{
|
||||
PROV_ECDSA_CTX *ctx;
|
||||
|
||||
@@ -370,7 +370,7 @@ int ecdsa_digest_verify_final(void *vctx, const unsigned char *sig,
|
||||
return ecdsa_verify(ctx, sig, siglen, digest, (size_t)dlen);
|
||||
}
|
||||
|
||||
-static void ecdsa_freectx(void *vctx)
|
||||
+void ecdsa_freectx(void *vctx)
|
||||
{
|
||||
PROV_ECDSA_CTX *ctx = (PROV_ECDSA_CTX *)vctx;
|
||||
|
||||
@@ -581,6 +581,35 @@ static const OSSL_PARAM *ecdsa_settable_ctx_md_params(void *vctx)
|
||||
return EVP_MD_settable_ctx_params(ctx->md);
|
||||
}
|
||||
|
||||
+#ifdef FIPS_MODULE
|
||||
+int do_ec_pct(void *vctx, const char *mdname, void *ec)
|
||||
+{
|
||||
+ static const unsigned char data[32];
|
||||
+ unsigned char sigbuf[256];
|
||||
+ size_t siglen = sizeof(sigbuf);
|
||||
+
|
||||
+ if (ecdsa_digest_sign_init(vctx, mdname, ec, NULL) <= 0)
|
||||
+ return 0;
|
||||
+
|
||||
+ if (ecdsa_digest_signverify_update(vctx, data, sizeof(data)) <= 0)
|
||||
+ return 0;
|
||||
+
|
||||
+ if (ecdsa_digest_sign_final(vctx, sigbuf, &siglen, sizeof(sigbuf)) <= 0)
|
||||
+ return 0;
|
||||
+
|
||||
+ if (ecdsa_digest_verify_init(vctx, mdname, ec, NULL) <= 0)
|
||||
+ return 0;
|
||||
+
|
||||
+ if (ecdsa_digest_signverify_update(vctx, data, sizeof(data)) <= 0)
|
||||
+ return 0;
|
||||
+
|
||||
+ if (ecdsa_digest_verify_final(vctx, sigbuf, siglen) <= 0)
|
||||
+ return 0;
|
||||
+
|
||||
+ return 1;
|
||||
+}
|
||||
+#endif
|
||||
+
|
||||
const OSSL_DISPATCH ossl_ecdsa_signature_functions[] = {
|
||||
{ OSSL_FUNC_SIGNATURE_NEWCTX, (void (*)(void))ecdsa_newctx },
|
||||
{ OSSL_FUNC_SIGNATURE_SIGN_INIT, (void (*)(void))ecdsa_sign_init },
|
||||
diff --git a/providers/implementations/signature/rsa_sig.c b/providers/implementations/signature/rsa_sig.c
|
||||
index cd5de6bd51..d4261e8f7d 100644
|
||||
--- a/providers/implementations/signature/rsa_sig.c
|
||||
+++ b/providers/implementations/signature/rsa_sig.c
|
||||
@@ -34,7 +34,7 @@
|
||||
|
||||
#define RSA_DEFAULT_DIGEST_NAME OSSL_DIGEST_NAME_SHA1
|
||||
|
||||
-static OSSL_FUNC_signature_newctx_fn rsa_newctx;
|
||||
+OSSL_FUNC_signature_newctx_fn rsa_newctx;
|
||||
static OSSL_FUNC_signature_sign_init_fn rsa_sign_init;
|
||||
static OSSL_FUNC_signature_verify_init_fn rsa_verify_init;
|
||||
static OSSL_FUNC_signature_verify_recover_init_fn rsa_verify_recover_init;
|
||||
@@ -47,7 +47,7 @@ static OSSL_FUNC_signature_digest_sign_final_fn rsa_digest_sign_final;
|
||||
static OSSL_FUNC_signature_digest_verify_init_fn rsa_digest_verify_init;
|
||||
static OSSL_FUNC_signature_digest_verify_update_fn rsa_digest_signverify_update;
|
||||
static OSSL_FUNC_signature_digest_verify_final_fn rsa_digest_verify_final;
|
||||
-static OSSL_FUNC_signature_freectx_fn rsa_freectx;
|
||||
+OSSL_FUNC_signature_freectx_fn rsa_freectx;
|
||||
static OSSL_FUNC_signature_dupctx_fn rsa_dupctx;
|
||||
static OSSL_FUNC_signature_get_ctx_params_fn rsa_get_ctx_params;
|
||||
static OSSL_FUNC_signature_gettable_ctx_params_fn rsa_gettable_ctx_params;
|
||||
@@ -170,7 +170,7 @@ static int rsa_check_parameters(PROV_RSA_CTX *prsactx, int min_saltlen)
|
||||
return 1;
|
||||
}
|
||||
|
||||
-static void *rsa_newctx(void *provctx, const char *propq)
|
||||
+void *rsa_newctx(void *provctx, const char *propq)
|
||||
{
|
||||
PROV_RSA_CTX *prsactx = NULL;
|
||||
char *propq_copy = NULL;
|
||||
@@ -977,7 +977,7 @@ int rsa_digest_verify_final(void *vprsactx, const unsigned char *sig,
|
||||
return rsa_verify(vprsactx, sig, siglen, digest, (size_t)dlen);
|
||||
}
|
||||
|
||||
-static void rsa_freectx(void *vprsactx)
|
||||
+void rsa_freectx(void *vprsactx)
|
||||
{
|
||||
PROV_RSA_CTX *prsactx = (PROV_RSA_CTX *)vprsactx;
|
||||
|
||||
@@ -1455,6 +1455,45 @@ static const OSSL_PARAM *rsa_settable_ctx_md_params(void *vprsactx)
|
||||
return EVP_MD_settable_ctx_params(prsactx->md);
|
||||
}
|
||||
|
||||
+#ifdef FIPS_MODULE
|
||||
+int do_rsa_pct(void *vctx, const char *mdname, void *rsa)
|
||||
+{
|
||||
+ static const unsigned char data[32];
|
||||
+ unsigned char *sigbuf = NULL;
|
||||
+ size_t siglen = 0;
|
||||
+ int ret = 0;
|
||||
+
|
||||
+ if (rsa_digest_sign_init(vctx, mdname, rsa, NULL) <= 0)
|
||||
+ return 0;
|
||||
+
|
||||
+ if (rsa_digest_signverify_update(vctx, data, sizeof(data)) <= 0)
|
||||
+ return 0;
|
||||
+
|
||||
+ if (rsa_digest_sign_final(vctx, NULL, &siglen, 0) <= 0)
|
||||
+ return 0;
|
||||
+
|
||||
+ if ((sigbuf = OPENSSL_malloc(siglen)) == NULL)
|
||||
+ return 0;
|
||||
+
|
||||
+ if (rsa_digest_sign_final(vctx, sigbuf, &siglen, siglen) <= 0)
|
||||
+ goto err;
|
||||
+
|
||||
+ if (rsa_digest_verify_init(vctx, mdname, rsa, NULL) <= 0)
|
||||
+ goto err;
|
||||
+
|
||||
+ if (rsa_digest_signverify_update(vctx, data, sizeof(data)) <= 0)
|
||||
+ goto err;
|
||||
+
|
||||
+ if (rsa_digest_verify_final(vctx, sigbuf, siglen) <= 0)
|
||||
+ goto err;
|
||||
+ ret = 1;
|
||||
+
|
||||
+ err:
|
||||
+ OPENSSL_free(sigbuf);
|
||||
+ return ret;
|
||||
+}
|
||||
+#endif
|
||||
+
|
||||
const OSSL_DISPATCH ossl_rsa_signature_functions[] = {
|
||||
{ OSSL_FUNC_SIGNATURE_NEWCTX, (void (*)(void))rsa_newctx },
|
||||
{ OSSL_FUNC_SIGNATURE_SIGN_INIT, (void (*)(void))rsa_sign_init },
|
||||
--
|
||||
2.41.0
|
||||
|
||||
|
|
File diff suppressed because it is too large
Load Diff
|
@ -1,7 +1,22 @@
|
|||
diff -up openssl-3.0.1/providers/fips/self_test.c.earlykats openssl-3.0.1/providers/fips/self_test.c
|
||||
--- openssl-3.0.1/providers/fips/self_test.c.earlykats 2022-01-19 13:10:00.635830783 +0100
|
||||
+++ openssl-3.0.1/providers/fips/self_test.c 2022-01-19 13:11:43.309342656 +0100
|
||||
@@ -362,6 +362,16 @@ int SELF_TEST_post(SELF_TEST_POST_PARAMS
|
||||
From ba6e65e2f7e7fe8d9cd62e1e7e345bc41dda424f Mon Sep 17 00:00:00 2001
|
||||
From: rpm-build <rpm-build>
|
||||
Date: Thu, 19 Oct 2023 13:12:40 +0200
|
||||
Subject: [PATCH 21/46] 0047-FIPS-early-KATS.patch
|
||||
|
||||
Patch-name: 0047-FIPS-early-KATS.patch
|
||||
Patch-id: 47
|
||||
Patch-status: |
|
||||
# # Execute KATS before HMAC verification
|
||||
From-dist-git-commit: 5c67b5adc311af297f425c09e3e1ac7ca8483911
|
||||
---
|
||||
providers/fips/self_test.c | 22 ++++++++++------------
|
||||
1 file changed, 10 insertions(+), 12 deletions(-)
|
||||
|
||||
diff --git a/providers/fips/self_test.c b/providers/fips/self_test.c
|
||||
index e3a629018a..3c09bd8638 100644
|
||||
--- a/providers/fips/self_test.c
|
||||
+++ b/providers/fips/self_test.c
|
||||
@@ -401,6 +401,16 @@ int SELF_TEST_post(SELF_TEST_POST_PARAMS *st, int on_demand_test)
|
||||
if (ev == NULL)
|
||||
goto end;
|
||||
|
||||
|
@ -18,11 +33,10 @@ diff -up openssl-3.0.1/providers/fips/self_test.c.earlykats openssl-3.0.1/provid
|
|||
module_checksum = fips_hmac_container;
|
||||
checksum_len = sizeof(fips_hmac_container);
|
||||
|
||||
@@ -411,18 +421,6 @@ int SELF_TEST_post(SELF_TEST_POST_PARAMS
|
||||
kats_already_passed = 1;
|
||||
@@ -451,18 +461,6 @@ int SELF_TEST_post(SELF_TEST_POST_PARAMS *st, int on_demand_test)
|
||||
}
|
||||
}
|
||||
-
|
||||
|
||||
- /*
|
||||
- * Only runs the KAT's during installation OR on_demand().
|
||||
- * NOTE: If the installation option 'self_test_onload' is chosen then this
|
||||
|
@ -34,6 +48,10 @@ diff -up openssl-3.0.1/providers/fips/self_test.c.earlykats openssl-3.0.1/provid
|
|||
- goto end;
|
||||
- }
|
||||
- }
|
||||
ok = 1;
|
||||
end:
|
||||
OSSL_SELF_TEST_free(ev);
|
||||
-
|
||||
/* Verify that the RNG has been restored properly */
|
||||
rng = ossl_rand_get0_private_noncreating(st->libctx);
|
||||
if (rng != NULL)
|
||||
--
|
||||
2.41.0
|
||||
|
||||
|
|
|
@ -1,60 +1,77 @@
|
|||
From b4f8964ad1903e24cd2ee07f42ce97c3047f4af4 Mon Sep 17 00:00:00 2001
|
||||
From: Clemens Lang <cllang@redhat.com>
|
||||
Date: Mon, 21 Feb 2022 17:24:44 +0100
|
||||
Subject: [PATCH] Allow disabling of SHA1 signatures
|
||||
MIME-Version: 1.0
|
||||
Content-Type: text/plain; charset=UTF-8
|
||||
Content-Transfer-Encoding: 8bit
|
||||
From 2e8388e06eafb703aeb315498915bf079561bdb5 Mon Sep 17 00:00:00 2001
|
||||
From: Dmitry Belyavskiy <dbelyavs@redhat.com>
|
||||
Date: Mon, 21 Aug 2023 13:07:07 +0200
|
||||
Subject: [PATCH 23/48] 0049-Allow-disabling-of-SHA1-signatures.patch
|
||||
|
||||
NOTE: This patch is ported from CentOS 9 / RHEL 9, where it defaults to
|
||||
denying SHA1 signatures. On Fedora, the default is – for now – to allow
|
||||
SHA1 signatures.
|
||||
|
||||
In order to phase out SHA1 signatures, introduce a new configuration
|
||||
option in the alg_section named 'rh-allow-sha1-signatures'. This option
|
||||
defaults to true. If set to false, any signature creation or
|
||||
verification operations that involve SHA1 as digest will fail.
|
||||
|
||||
This also affects TLS, where the signature_algorithms extension of any
|
||||
ClientHello message sent by OpenSSL will no longer include signatures
|
||||
with the SHA1 digest if rh-allow-sha1-signatures is false. For servers
|
||||
that request a client certificate, the same also applies for
|
||||
CertificateRequest messages sent by them.
|
||||
|
||||
For signatures created using the EVP_PKEY API, this is a best-effort
|
||||
check that will deny signatures in cases where the digest algorithm is
|
||||
known. This means, for example, that that following steps will still
|
||||
work:
|
||||
|
||||
$> openssl dgst -sha1 -binary -out sha1 infile
|
||||
$> openssl pkeyutl -inkey key.pem -sign -in sha1 -out sha1sig
|
||||
$> openssl pkeyutl -inkey key.pem -verify -sigfile sha1sig -in sha1
|
||||
|
||||
whereas these will not:
|
||||
|
||||
$> openssl dgst -sha1 -binary -out sha1 infile
|
||||
$> openssl pkeyutl -inkey kem.pem -sign -in sha1 -out sha1sig -pkeyopt digest:sha1
|
||||
$> openssl pkeyutl -inkey kem.pem -verify -sigfile sha1sig -in sha1 -pkeyopt digest:sha1
|
||||
|
||||
This happens because in the first case, OpenSSL's signature
|
||||
implementation does not know that it is signing a SHA1 hash (it could be
|
||||
signing arbitrary data).
|
||||
Patch-name: 0049-Allow-disabling-of-SHA1-signatures.patch
|
||||
Patch-id: 49
|
||||
Patch-status: |
|
||||
# Selectively disallow SHA1 signatures rhbz#2070977
|
||||
From-dist-git-commit: 9409bc7044cf4b5773639cce20f51399888c45fd
|
||||
---
|
||||
crypto/context.c | 14 ++++
|
||||
crypto/evp/evp_cnf.c | 13 +++
|
||||
crypto/evp/m_sigver.c | 85 +++++++++++++++++++
|
||||
crypto/evp/m_sigver.c | 79 +++++++++++++++++++
|
||||
crypto/evp/pmeth_lib.c | 15 ++++
|
||||
doc/man5/config.pod | 13 +++
|
||||
include/crypto/context.h | 3 +
|
||||
include/internal/cryptlib.h | 3 +-
|
||||
include/internal/sslconf.h | 4 +
|
||||
providers/common/securitycheck.c | 20 +++++
|
||||
providers/common/securitycheck_default.c | 9 +-
|
||||
providers/common/securitycheck_default.c | 9 ++-
|
||||
providers/implementations/signature/dsa_sig.c | 11 ++-
|
||||
.../implementations/signature/ecdsa_sig.c | 4 +
|
||||
providers/implementations/signature/rsa_sig.c | 20 ++++-
|
||||
ssl/t1_lib.c | 8 ++
|
||||
util/libcrypto.num | 2 +
|
||||
13 files changed, 198 insertions(+), 9 deletions(-)
|
||||
15 files changed, 209 insertions(+), 9 deletions(-)
|
||||
|
||||
diff --git a/crypto/context.c b/crypto/context.c
|
||||
index 51002ba79a..e697974c9d 100644
|
||||
--- a/crypto/context.c
|
||||
+++ b/crypto/context.c
|
||||
@@ -78,6 +78,8 @@ struct ossl_lib_ctx_st {
|
||||
void *fips_prov;
|
||||
#endif
|
||||
|
||||
+ void *legacy_digest_signatures;
|
||||
+
|
||||
unsigned int ischild:1;
|
||||
};
|
||||
|
||||
@@ -206,6 +208,10 @@ static int context_init(OSSL_LIB_CTX *ctx)
|
||||
goto err;
|
||||
#endif
|
||||
|
||||
+ ctx->legacy_digest_signatures = ossl_ctx_legacy_digest_signatures_new(ctx);
|
||||
+ if (ctx->legacy_digest_signatures == NULL)
|
||||
+ goto err;
|
||||
+
|
||||
/* Low priority. */
|
||||
#ifndef FIPS_MODULE
|
||||
ctx->child_provider = ossl_child_prov_ctx_new(ctx);
|
||||
@@ -334,6 +340,11 @@ static void context_deinit_objs(OSSL_LIB_CTX *ctx)
|
||||
}
|
||||
#endif
|
||||
|
||||
+ if (ctx->legacy_digest_signatures != NULL) {
|
||||
+ ossl_ctx_legacy_digest_signatures_free(ctx->legacy_digest_signatures);
|
||||
+ ctx->legacy_digest_signatures = NULL;
|
||||
+ }
|
||||
+
|
||||
/* Low priority. */
|
||||
#ifndef FIPS_MODULE
|
||||
if (ctx->child_provider != NULL) {
|
||||
@@ -625,6 +636,9 @@ void *ossl_lib_ctx_get_data(OSSL_LIB_CTX *ctx, int index)
|
||||
return ctx->fips_prov;
|
||||
#endif
|
||||
|
||||
+ case OSSL_LIB_CTX_LEGACY_DIGEST_SIGNATURES_INDEX:
|
||||
+ return ctx->legacy_digest_signatures;
|
||||
+
|
||||
default:
|
||||
return NULL;
|
||||
}
|
||||
diff --git a/crypto/evp/evp_cnf.c b/crypto/evp/evp_cnf.c
|
||||
index 0e7fe64cf9..b9d3b6d226 100644
|
||||
--- a/crypto/evp/evp_cnf.c
|
||||
|
@ -87,18 +104,20 @@ index 0e7fe64cf9..b9d3b6d226 100644
|
|||
ERR_raise_data(ERR_LIB_EVP, EVP_R_UNKNOWN_OPTION,
|
||||
"name=%s, value=%s", oval->name, oval->value);
|
||||
diff --git a/crypto/evp/m_sigver.c b/crypto/evp/m_sigver.c
|
||||
index 76a6814b42..8da2183ce0 100644
|
||||
index 630d339c35..6e4e9f5ae7 100644
|
||||
--- a/crypto/evp/m_sigver.c
|
||||
+++ b/crypto/evp/m_sigver.c
|
||||
@@ -16,6 +16,79 @@
|
||||
@@ -15,6 +15,73 @@
|
||||
#include "internal/provider.h"
|
||||
#include "internal/numbers.h" /* includes SIZE_MAX */
|
||||
#include "evp_local.h"
|
||||
|
||||
+#include "crypto/context.h"
|
||||
+
|
||||
+typedef struct ossl_legacy_digest_signatures_st {
|
||||
+ int allowed;
|
||||
+} OSSL_LEGACY_DIGEST_SIGNATURES;
|
||||
+
|
||||
+static void ossl_ctx_legacy_digest_signatures_free(void *vldsigs)
|
||||
+void ossl_ctx_legacy_digest_signatures_free(void *vldsigs)
|
||||
+{
|
||||
+ OSSL_LEGACY_DIGEST_SIGNATURES *ldsigs = vldsigs;
|
||||
+
|
||||
|
@ -107,7 +126,7 @@ index 76a6814b42..8da2183ce0 100644
|
|||
+ }
|
||||
+}
|
||||
+
|
||||
+static void *ossl_ctx_legacy_digest_signatures_new(OSSL_LIB_CTX *ctx)
|
||||
+void *ossl_ctx_legacy_digest_signatures_new(OSSL_LIB_CTX *ctx)
|
||||
+{
|
||||
+ OSSL_LEGACY_DIGEST_SIGNATURES* ldsigs = OPENSSL_zalloc(sizeof(OSSL_LEGACY_DIGEST_SIGNATURES));
|
||||
+ /* Warning: This patch differs from the same patch in CentOS and RHEL here,
|
||||
|
@ -117,12 +136,6 @@ index 76a6814b42..8da2183ce0 100644
|
|||
+ return ldsigs;
|
||||
+}
|
||||
+
|
||||
+static const OSSL_LIB_CTX_METHOD ossl_ctx_legacy_digest_signatures_method = {
|
||||
+ OSSL_LIB_CTX_METHOD_DEFAULT_PRIORITY,
|
||||
+ ossl_ctx_legacy_digest_signatures_new,
|
||||
+ ossl_ctx_legacy_digest_signatures_free,
|
||||
+};
|
||||
+
|
||||
+static OSSL_LEGACY_DIGEST_SIGNATURES *ossl_ctx_legacy_digest_signatures(
|
||||
+ OSSL_LIB_CTX *libctx, int loadconfig)
|
||||
+{
|
||||
|
@ -131,8 +144,7 @@ index 76a6814b42..8da2183ce0 100644
|
|||
+ return NULL;
|
||||
+#endif
|
||||
+
|
||||
+ return ossl_lib_ctx_get_data(libctx, OSSL_LIB_CTX_LEGACY_DIGEST_SIGNATURES,
|
||||
+ &ossl_ctx_legacy_digest_signatures_method);
|
||||
+ return ossl_lib_ctx_get_data(libctx, OSSL_LIB_CTX_LEGACY_DIGEST_SIGNATURES_INDEX);
|
||||
+}
|
||||
+
|
||||
+int ossl_ctx_legacy_digest_signatures_allowed(OSSL_LIB_CTX *libctx, int loadconfig)
|
||||
|
@ -166,11 +178,10 @@ index 76a6814b42..8da2183ce0 100644
|
|||
+ ldsigs->allowed = allow;
|
||||
+ return 1;
|
||||
+}
|
||||
+
|
||||
|
||||
#ifndef FIPS_MODULE
|
||||
|
||||
static int update(EVP_MD_CTX *ctx, const void *data, size_t datalen)
|
||||
@@ -258,6 +331,18 @@ static int do_sigver_init(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
|
||||
@@ -251,6 +318,18 @@ static int do_sigver_init(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -190,7 +201,7 @@ index 76a6814b42..8da2183ce0 100644
|
|||
if (signature->digest_verify_init == NULL) {
|
||||
ERR_raise(ERR_LIB_EVP, EVP_R_INITIALIZATION_ERROR);
|
||||
diff --git a/crypto/evp/pmeth_lib.c b/crypto/evp/pmeth_lib.c
|
||||
index 2b9c6c2351..3c5a1e6f5d 100644
|
||||
index ce6e1a1ccb..003926247b 100644
|
||||
--- a/crypto/evp/pmeth_lib.c
|
||||
+++ b/crypto/evp/pmeth_lib.c
|
||||
@@ -33,6 +33,7 @@
|
||||
|
@ -201,7 +212,7 @@ index 2b9c6c2351..3c5a1e6f5d 100644
|
|||
#include "evp_local.h"
|
||||
|
||||
#ifndef FIPS_MODULE
|
||||
@@ -946,6 +947,20 @@ static int evp_pkey_ctx_set_md(EVP_PKEY_CTX *ctx, const EVP_MD *md,
|
||||
@@ -958,6 +959,20 @@ static int evp_pkey_ctx_set_md(EVP_PKEY_CTX *ctx, const EVP_MD *md,
|
||||
return -2;
|
||||
}
|
||||
|
||||
|
@ -223,10 +234,10 @@ index 2b9c6c2351..3c5a1e6f5d 100644
|
|||
return EVP_PKEY_CTX_ctrl(ctx, -1, op, ctrl, 0, (void *)(md));
|
||||
|
||||
diff --git a/doc/man5/config.pod b/doc/man5/config.pod
|
||||
index 77a8055e81..0c9110d28a 100644
|
||||
index bd05736220..ed34ff4b9c 100644
|
||||
--- a/doc/man5/config.pod
|
||||
+++ b/doc/man5/config.pod
|
||||
@@ -296,6 +296,19 @@ Within the algorithm properties section, the following names have meaning:
|
||||
@@ -304,6 +304,19 @@ Within the algorithm properties section, the following names have meaning:
|
||||
The value may be anything that is acceptable as a property query
|
||||
string for EVP_set_default_properties().
|
||||
|
||||
|
@ -246,8 +257,19 @@ index 77a8055e81..0c9110d28a 100644
|
|||
=item B<fips_mode> (deprecated)
|
||||
|
||||
The value is a boolean that can be B<yes> or B<no>. If the value is
|
||||
diff --git a/include/crypto/context.h b/include/crypto/context.h
|
||||
index cc06c71be8..e9f74a414d 100644
|
||||
--- a/include/crypto/context.h
|
||||
+++ b/include/crypto/context.h
|
||||
@@ -39,3 +39,6 @@ void ossl_rand_crng_ctx_free(void *);
|
||||
void ossl_thread_event_ctx_free(void *);
|
||||
void ossl_fips_prov_ossl_ctx_free(void *);
|
||||
void ossl_release_default_drbg_ctx(void);
|
||||
+
|
||||
+void *ossl_ctx_legacy_digest_signatures_new(OSSL_LIB_CTX *);
|
||||
+void ossl_ctx_legacy_digest_signatures_free(void *);
|
||||
diff --git a/include/internal/cryptlib.h b/include/internal/cryptlib.h
|
||||
index 1291299b6e..e234341e6a 100644
|
||||
index ac50eb3bbd..3b115cc7df 100644
|
||||
--- a/include/internal/cryptlib.h
|
||||
+++ b/include/internal/cryptlib.h
|
||||
@@ -168,7 +168,8 @@ typedef struct ossl_ex_data_global_st {
|
||||
|
@ -255,11 +277,11 @@ index 1291299b6e..e234341e6a 100644
|
|||
# define OSSL_LIB_CTX_BIO_CORE_INDEX 17
|
||||
# define OSSL_LIB_CTX_CHILD_PROVIDER_INDEX 18
|
||||
-# define OSSL_LIB_CTX_MAX_INDEXES 19
|
||||
+# define OSSL_LIB_CTX_LEGACY_DIGEST_SIGNATURES 19
|
||||
+# define OSSL_LIB_CTX_LEGACY_DIGEST_SIGNATURES_INDEX 19
|
||||
+# define OSSL_LIB_CTX_MAX_INDEXES 20
|
||||
|
||||
# define OSSL_LIB_CTX_METHOD_LOW_PRIORITY -1
|
||||
# define OSSL_LIB_CTX_METHOD_DEFAULT_PRIORITY 0
|
||||
OSSL_LIB_CTX *ossl_lib_ctx_get_concrete(OSSL_LIB_CTX *ctx);
|
||||
int ossl_lib_ctx_is_default(OSSL_LIB_CTX *ctx);
|
||||
diff --git a/include/internal/sslconf.h b/include/internal/sslconf.h
|
||||
index fd7f7e3331..05464b0655 100644
|
||||
--- a/include/internal/sslconf.h
|
||||
|
@ -318,7 +340,7 @@ index 699ada7c52..e534ad0a5f 100644
|
|||
return 1;
|
||||
}
|
||||
diff --git a/providers/common/securitycheck_default.c b/providers/common/securitycheck_default.c
|
||||
index de7f0d3a0a..ce54a94fbc 100644
|
||||
index 246323493e..2ca7a59f39 100644
|
||||
--- a/providers/common/securitycheck_default.c
|
||||
+++ b/providers/common/securitycheck_default.c
|
||||
@@ -15,6 +15,7 @@
|
||||
|
@ -329,7 +351,7 @@ index de7f0d3a0a..ce54a94fbc 100644
|
|||
|
||||
/* Disable the security checks in the default provider */
|
||||
int ossl_securitycheck_enabled(OSSL_LIB_CTX *libctx)
|
||||
@@ -23,9 +24,10 @@ int ossl_securitycheck_enabled(OSSL_LIB_CTX *libctx)
|
||||
@@ -29,9 +30,10 @@ int ossl_tls1_prf_ems_check_enabled(OSSL_LIB_CTX *libctx)
|
||||
}
|
||||
|
||||
int ossl_digest_rsa_sign_get_md_nid(OSSL_LIB_CTX *ctx, const EVP_MD *md,
|
||||
|
@ -341,7 +363,7 @@ index de7f0d3a0a..ce54a94fbc 100644
|
|||
|
||||
static const OSSL_ITEM name_to_nid[] = {
|
||||
{ NID_md5, OSSL_DIGEST_NAME_MD5 },
|
||||
@@ -36,8 +38,11 @@ int ossl_digest_rsa_sign_get_md_nid(OSSL_LIB_CTX *ctx, const EVP_MD *md,
|
||||
@@ -42,8 +44,11 @@ int ossl_digest_rsa_sign_get_md_nid(OSSL_LIB_CTX *ctx, const EVP_MD *md,
|
||||
{ NID_ripemd160, OSSL_DIGEST_NAME_RIPEMD160 },
|
||||
};
|
||||
|
||||
|
@ -355,10 +377,10 @@ index de7f0d3a0a..ce54a94fbc 100644
|
|||
return mdnid;
|
||||
}
|
||||
diff --git a/providers/implementations/signature/dsa_sig.c b/providers/implementations/signature/dsa_sig.c
|
||||
index 28fd7c498e..fa3822f39f 100644
|
||||
index 70d0ea5d24..3c482e0181 100644
|
||||
--- a/providers/implementations/signature/dsa_sig.c
|
||||
+++ b/providers/implementations/signature/dsa_sig.c
|
||||
@@ -124,12 +124,17 @@ static int dsa_setup_md(PROV_DSA_CTX *ctx,
|
||||
@@ -123,12 +123,17 @@ static int dsa_setup_md(PROV_DSA_CTX *ctx,
|
||||
mdprops = ctx->propq;
|
||||
|
||||
if (mdname != NULL) {
|
||||
|
@ -380,7 +402,7 @@ index 28fd7c498e..fa3822f39f 100644
|
|||
if (md == NULL || md_nid < 0) {
|
||||
if (md == NULL)
|
||||
diff --git a/providers/implementations/signature/ecdsa_sig.c b/providers/implementations/signature/ecdsa_sig.c
|
||||
index 865d49d100..99b228e82c 100644
|
||||
index ebeb30e002..c874f87bd5 100644
|
||||
--- a/providers/implementations/signature/ecdsa_sig.c
|
||||
+++ b/providers/implementations/signature/ecdsa_sig.c
|
||||
@@ -237,7 +237,11 @@ static int ecdsa_setup_md(PROV_ECDSA_CTX *ctx, const char *mdname,
|
||||
|
@ -396,10 +418,10 @@ index 865d49d100..99b228e82c 100644
|
|||
sha1_allowed);
|
||||
if (md_nid < 0) {
|
||||
diff --git a/providers/implementations/signature/rsa_sig.c b/providers/implementations/signature/rsa_sig.c
|
||||
index 325e855333..bea397f0c1 100644
|
||||
index 2a5504d104..5f3a029566 100644
|
||||
--- a/providers/implementations/signature/rsa_sig.c
|
||||
+++ b/providers/implementations/signature/rsa_sig.c
|
||||
@@ -26,6 +26,7 @@
|
||||
@@ -25,6 +25,7 @@
|
||||
#include "internal/cryptlib.h"
|
||||
#include "internal/nelem.h"
|
||||
#include "internal/sizes.h"
|
||||
|
@ -407,15 +429,15 @@ index 325e855333..bea397f0c1 100644
|
|||
#include "crypto/rsa.h"
|
||||
#include "prov/providercommon.h"
|
||||
#include "prov/implementations.h"
|
||||
@@ -34,6 +35,7 @@
|
||||
@@ -33,6 +34,7 @@
|
||||
#include "prov/securitycheck.h"
|
||||
|
||||
#define RSA_DEFAULT_DIGEST_NAME OSSL_DIGEST_NAME_SHA1
|
||||
+#define RSA_DEFAULT_DIGEST_NAME_NONLEGACY OSSL_DIGEST_NAME_SHA2_256
|
||||
|
||||
static OSSL_FUNC_signature_newctx_fn rsa_newctx;
|
||||
OSSL_FUNC_signature_newctx_fn rsa_newctx;
|
||||
static OSSL_FUNC_signature_sign_init_fn rsa_sign_init;
|
||||
@@ -289,10 +291,15 @@ static int rsa_setup_md(PROV_RSA_CTX *ctx, const char *mdname,
|
||||
@@ -302,10 +304,15 @@ static int rsa_setup_md(PROV_RSA_CTX *ctx, const char *mdname,
|
||||
|
||||
if (mdname != NULL) {
|
||||
EVP_MD *md = EVP_MD_fetch(ctx->libctx, mdname, mdprops);
|
||||
|
@ -433,7 +455,7 @@ index 325e855333..bea397f0c1 100644
|
|||
|
||||
if (md == NULL
|
||||
|| md_nid <= 0
|
||||
@@ -1348,8 +1355,15 @@ static int rsa_set_ctx_params(void *vprsactx, const OSSL_PARAM params[])
|
||||
@@ -1396,8 +1403,15 @@ static int rsa_set_ctx_params(void *vprsactx, const OSSL_PARAM params[])
|
||||
prsactx->pad_mode = pad_mode;
|
||||
|
||||
if (prsactx->md == NULL && pmdname == NULL
|
||||
|
@ -451,7 +473,7 @@ index 325e855333..bea397f0c1 100644
|
|||
if (pmgf1mdname != NULL
|
||||
&& !rsa_setup_mgf1_md(prsactx, pmgf1mdname, pmgf1mdprops))
|
||||
diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
|
||||
index 41fddf22a7..dcd487ec2e 100644
|
||||
index e6f4bcc045..8bc550ea5b 100644
|
||||
--- a/ssl/t1_lib.c
|
||||
+++ b/ssl/t1_lib.c
|
||||
@@ -20,6 +20,7 @@
|
||||
|
@ -462,7 +484,7 @@ index 41fddf22a7..dcd487ec2e 100644
|
|||
#include "internal/nelem.h"
|
||||
#include "internal/sizes.h"
|
||||
#include "internal/tlsgroups.h"
|
||||
@@ -1145,11 +1146,13 @@ int ssl_setup_sig_algs(SSL_CTX *ctx)
|
||||
@@ -1151,11 +1152,13 @@ int ssl_setup_sig_algs(SSL_CTX *ctx)
|
||||
= OPENSSL_malloc(sizeof(*lu) * OSSL_NELEM(sigalg_lookup_tbl));
|
||||
EVP_PKEY *tmpkey = EVP_PKEY_new();
|
||||
int ret = 0;
|
||||
|
@ -476,7 +498,7 @@ index 41fddf22a7..dcd487ec2e 100644
|
|||
for (i = 0, lu = sigalg_lookup_tbl;
|
||||
i < OSSL_NELEM(sigalg_lookup_tbl); lu++, i++) {
|
||||
EVP_PKEY_CTX *pctx;
|
||||
@@ -1169,6 +1172,11 @@ int ssl_setup_sig_algs(SSL_CTX *ctx)
|
||||
@@ -1175,6 +1178,11 @@ int ssl_setup_sig_algs(SSL_CTX *ctx)
|
||||
cache[i].enabled = 0;
|
||||
continue;
|
||||
}
|
||||
|
@ -489,15 +511,15 @@ index 41fddf22a7..dcd487ec2e 100644
|
|||
if (!EVP_PKEY_set_type(tmpkey, lu->sig)) {
|
||||
cache[i].enabled = 0;
|
||||
diff --git a/util/libcrypto.num b/util/libcrypto.num
|
||||
index 10b4e57d79..2d3c363bb0 100644
|
||||
index 9cb8a4dda2..feb660d030 100644
|
||||
--- a/util/libcrypto.num
|
||||
+++ b/util/libcrypto.num
|
||||
@@ -5426,3 +5426,5 @@ ASN1_item_d2i_ex 5552 3_0_0 EXIST::FUNCTION:
|
||||
OPENSSL_strcasecmp 5556 3_0_3 EXIST::FUNCTION:
|
||||
OPENSSL_strncasecmp 5557 3_0_3 EXIST::FUNCTION:
|
||||
@@ -5436,3 +5436,5 @@ EVP_CIPHER_CTX_dup 5563 3_1_0 EXIST::FUNCTION:
|
||||
BN_are_coprime 5564 3_1_0 EXIST::FUNCTION:
|
||||
OSSL_CMP_MSG_update_recipNonce 5565 3_0_9 EXIST::FUNCTION:CMP
|
||||
ossl_safe_getenv ? 3_0_0 EXIST::FUNCTION:
|
||||
+ossl_ctx_legacy_digest_signatures_allowed ? 3_0_1 EXIST::FUNCTION:
|
||||
+ossl_ctx_legacy_digest_signatures_allowed_set ? 3_0_1 EXIST::FUNCTION:
|
||||
--
|
||||
2.35.1
|
||||
2.41.0
|
||||
|
||||
|
|
|
@ -1,491 +0,0 @@
|
|||
From f6a2f59574788aadd0ce323ad8ebe4d0c470672e Mon Sep 17 00:00:00 2001
|
||||
From: Clemens Lang <cllang@redhat.com>
|
||||
Date: Wed, 17 Aug 2022 12:56:29 -0400
|
||||
Subject: [PATCH] Selectively disallow SHA1 signatures
|
||||
|
||||
For RHEL 9.0, we want to phase out SHA1. One of the steps to do that is
|
||||
disabling SHA1 signatures. Introduce a new configuration option in the
|
||||
alg_section named 'rh-allow-sha1-signatures'. This option defaults to
|
||||
false. If set to false (or unset), any signature creation or
|
||||
verification operations that involve SHA1 as digest will fail.
|
||||
|
||||
This also affects TLS, where the signature_algorithms extension of any
|
||||
ClientHello message sent by OpenSSL will no longer include signatures
|
||||
with the SHA1 digest if rh-allow-sha1-signatures is false. For servers
|
||||
that request a client certificate, the same also applies for
|
||||
CertificateRequest messages sent by them.
|
||||
|
||||
For signatures created using the EVP_PKEY API, this is a best-effort
|
||||
check that will deny signatures in cases where the digest algorithm is
|
||||
known. This means, for example, that that following steps will still
|
||||
work:
|
||||
|
||||
$> openssl dgst -sha1 -binary -out sha1 infile
|
||||
$> openssl pkeyutl -inkey key.pem -sign -in sha1 -out sha1sig
|
||||
$> openssl pkeyutl -inkey key.pem -verify -sigfile sha1sig -in sha1
|
||||
|
||||
whereas these will not:
|
||||
|
||||
$> openssl dgst -sha1 -binary -out sha1 infile
|
||||
$> openssl pkeyutl -inkey kem.pem -sign -in sha1 -out sha1sig -pkeyopt digest:sha1
|
||||
$> openssl pkeyutl -inkey kem.pem -verify -sigfile sha1sig -in sha1 -pkeyopt digest:sha1
|
||||
|
||||
This happens because in the first case, OpenSSL's signature
|
||||
implementation does not know that it is signing a SHA1 hash (it could be
|
||||
signing arbitrary data).
|
||||
|
||||
Resolves: rhbz#2031742
|
||||
|
||||
Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
|
||||
---
|
||||
crypto/evp/evp_cnf.c | 13 ++++
|
||||
crypto/evp/m_sigver.c | 77 +++++++++++++++++++
|
||||
crypto/evp/pmeth_lib.c | 15 ++++
|
||||
doc/man5/config.pod | 11 +++
|
||||
include/internal/cryptlib.h | 3 +-
|
||||
include/internal/sslconf.h | 4 +
|
||||
providers/common/securitycheck.c | 20 +++++
|
||||
providers/common/securitycheck_default.c | 9 ++-
|
||||
providers/implementations/signature/dsa_sig.c | 11 ++-
|
||||
.../implementations/signature/ecdsa_sig.c | 4 +
|
||||
providers/implementations/signature/rsa_sig.c | 20 ++++-
|
||||
ssl/t1_lib.c | 8 ++
|
||||
util/libcrypto.num | 2 +
|
||||
13 files changed, 188 insertions(+), 9 deletions(-)
|
||||
|
||||
diff --git a/crypto/evp/evp_cnf.c b/crypto/evp/evp_cnf.c
|
||||
index 0e7fe64cf92e4b73b3bf873895e73fa9646df86d..b9d3b6d226ca07a65d972bb8505b7976a0d02572 100644
|
||||
--- a/crypto/evp/evp_cnf.c
|
||||
+++ b/crypto/evp/evp_cnf.c
|
||||
@@ -10,6 +10,7 @@
|
||||
#include <stdio.h>
|
||||
#include <openssl/crypto.h>
|
||||
#include "internal/cryptlib.h"
|
||||
+#include "internal/sslconf.h"
|
||||
#include <openssl/conf.h>
|
||||
#include <openssl/x509.h>
|
||||
#include <openssl/x509v3.h>
|
||||
@@ -57,6 +58,18 @@ static int alg_module_init(CONF_IMODULE *md, const CONF *cnf)
|
||||
ERR_raise(ERR_LIB_EVP, EVP_R_SET_DEFAULT_PROPERTY_FAILURE);
|
||||
return 0;
|
||||
}
|
||||
+ } else if (strcmp(oval->name, "rh-allow-sha1-signatures") == 0) {
|
||||
+ int m;
|
||||
+
|
||||
+ /* Detailed error already reported. */
|
||||
+ if (!X509V3_get_value_bool(oval, &m))
|
||||
+ return 0;
|
||||
+
|
||||
+ if (!ossl_ctx_legacy_digest_signatures_allowed_set(
|
||||
+ NCONF_get0_libctx((CONF *)cnf), m > 0, 0)) {
|
||||
+ ERR_raise(ERR_LIB_EVP, EVP_R_SET_DEFAULT_PROPERTY_FAILURE);
|
||||
+ return 0;
|
||||
+ }
|
||||
} else {
|
||||
ERR_raise_data(ERR_LIB_EVP, EVP_R_UNKNOWN_OPTION,
|
||||
"name=%s, value=%s", oval->name, oval->value);
|
||||
diff --git a/crypto/evp/m_sigver.c b/crypto/evp/m_sigver.c
|
||||
index 76a6814b424bec3479bdf61374f0178b9cd96ded..4b2f1fcfb886661d98460c240d542df2ccd5df13 100644
|
||||
--- a/crypto/evp/m_sigver.c
|
||||
+++ b/crypto/evp/m_sigver.c
|
||||
@@ -16,6 +16,71 @@
|
||||
#include "internal/numbers.h" /* includes SIZE_MAX */
|
||||
#include "evp_local.h"
|
||||
|
||||
+typedef struct ossl_legacy_digest_signatures_st {
|
||||
+ int allowed;
|
||||
+} OSSL_LEGACY_DIGEST_SIGNATURES;
|
||||
+
|
||||
+static void ossl_ctx_legacy_digest_signatures_free(void *vldsigs)
|
||||
+{
|
||||
+ OSSL_LEGACY_DIGEST_SIGNATURES *ldsigs = vldsigs;
|
||||
+
|
||||
+ if (ldsigs != NULL) {
|
||||
+ OPENSSL_free(ldsigs);
|
||||
+ }
|
||||
+}
|
||||
+
|
||||
+static void *ossl_ctx_legacy_digest_signatures_new(OSSL_LIB_CTX *ctx)
|
||||
+{
|
||||
+ return OPENSSL_zalloc(sizeof(OSSL_LEGACY_DIGEST_SIGNATURES));
|
||||
+}
|
||||
+
|
||||
+static const OSSL_LIB_CTX_METHOD ossl_ctx_legacy_digest_signatures_method = {
|
||||
+ OSSL_LIB_CTX_METHOD_DEFAULT_PRIORITY,
|
||||
+ ossl_ctx_legacy_digest_signatures_new,
|
||||
+ ossl_ctx_legacy_digest_signatures_free,
|
||||
+};
|
||||
+
|
||||
+static OSSL_LEGACY_DIGEST_SIGNATURES *ossl_ctx_legacy_digest_signatures(
|
||||
+ OSSL_LIB_CTX *libctx, int loadconfig)
|
||||
+{
|
||||
+#ifndef FIPS_MODULE
|
||||
+ if (loadconfig && !OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CONFIG, NULL))
|
||||
+ return 0;
|
||||
+#endif
|
||||
+
|
||||
+ return ossl_lib_ctx_get_data(libctx, OSSL_LIB_CTX_LEGACY_DIGEST_SIGNATURES,
|
||||
+ &ossl_ctx_legacy_digest_signatures_method);
|
||||
+}
|
||||
+
|
||||
+int ossl_ctx_legacy_digest_signatures_allowed(OSSL_LIB_CTX *libctx, int loadconfig)
|
||||
+{
|
||||
+ OSSL_LEGACY_DIGEST_SIGNATURES *ldsigs
|
||||
+ = ossl_ctx_legacy_digest_signatures(libctx, loadconfig);
|
||||
+
|
||||
+#ifndef FIPS_MODULE
|
||||
+ if (ossl_safe_getenv("OPENSSL_ENABLE_SHA1_SIGNATURES") != NULL)
|
||||
+ /* used in tests */
|
||||
+ return 1;
|
||||
+#endif
|
||||
+
|
||||
+ return ldsigs != NULL ? ldsigs->allowed : 0;
|
||||
+}
|
||||
+
|
||||
+int ossl_ctx_legacy_digest_signatures_allowed_set(OSSL_LIB_CTX *libctx, int allow,
|
||||
+ int loadconfig)
|
||||
+{
|
||||
+ OSSL_LEGACY_DIGEST_SIGNATURES *ldsigs
|
||||
+ = ossl_ctx_legacy_digest_signatures(libctx, loadconfig);
|
||||
+
|
||||
+ if (ldsigs == NULL) {
|
||||
+ ERR_raise(ERR_LIB_EVP, ERR_R_INTERNAL_ERROR);
|
||||
+ return 0;
|
||||
+ }
|
||||
+
|
||||
+ ldsigs->allowed = allow;
|
||||
+ return 1;
|
||||
+}
|
||||
+
|
||||
#ifndef FIPS_MODULE
|
||||
|
||||
static int update(EVP_MD_CTX *ctx, const void *data, size_t datalen)
|
||||
@@ -258,6 +323,18 @@ static int do_sigver_init(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
|
||||
}
|
||||
}
|
||||
|
||||
+ if (ctx->reqdigest != NULL
|
||||
+ && !EVP_PKEY_is_a(locpctx->pkey, SN_hmac)
|
||||
+ && !EVP_PKEY_is_a(locpctx->pkey, SN_tls1_prf)
|
||||
+ && !EVP_PKEY_is_a(locpctx->pkey, SN_hkdf)) {
|
||||
+ int mdnid = EVP_MD_nid(ctx->reqdigest);
|
||||
+ if (!ossl_ctx_legacy_digest_signatures_allowed(locpctx->libctx, 0)
|
||||
+ && (mdnid == NID_sha1 || mdnid == NID_md5_sha1)) {
|
||||
+ ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_DIGEST);
|
||||
+ goto err;
|
||||
+ }
|
||||
+ }
|
||||
+
|
||||
if (ver) {
|
||||
if (signature->digest_verify_init == NULL) {
|
||||
ERR_raise(ERR_LIB_EVP, EVP_R_INITIALIZATION_ERROR);
|
||||
diff --git a/crypto/evp/pmeth_lib.c b/crypto/evp/pmeth_lib.c
|
||||
index da367ed05fbe42abb328c6e23cafe99e76d26819..ee6edf1e85e71cdbe58bf7e9f443425dce100e43 100644
|
||||
--- a/crypto/evp/pmeth_lib.c
|
||||
+++ b/crypto/evp/pmeth_lib.c
|
||||
@@ -33,6 +33,7 @@
|
||||
#include "internal/ffc.h"
|
||||
#include "internal/numbers.h"
|
||||
#include "internal/provider.h"
|
||||
+#include "internal/sslconf.h"
|
||||
#include "evp_local.h"
|
||||
|
||||
#ifndef FIPS_MODULE
|
||||
@@ -946,6 +947,20 @@ static int evp_pkey_ctx_set_md(EVP_PKEY_CTX *ctx, const EVP_MD *md,
|
||||
return -2;
|
||||
}
|
||||
|
||||
+ if (EVP_PKEY_CTX_IS_SIGNATURE_OP(ctx)
|
||||
+ && md != NULL
|
||||
+ && ctx->pkey != NULL
|
||||
+ && !EVP_PKEY_is_a(ctx->pkey, SN_hmac)
|
||||
+ && !EVP_PKEY_is_a(ctx->pkey, SN_tls1_prf)
|
||||
+ && !EVP_PKEY_is_a(ctx->pkey, SN_hkdf)) {
|
||||
+ int mdnid = EVP_MD_nid(md);
|
||||
+ if ((mdnid == NID_sha1 || mdnid == NID_md5_sha1)
|
||||
+ && !ossl_ctx_legacy_digest_signatures_allowed(ctx->libctx, 0)) {
|
||||
+ ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_DIGEST);
|
||||
+ return -1;
|
||||
+ }
|
||||
+ }
|
||||
+
|
||||
if (fallback)
|
||||
return EVP_PKEY_CTX_ctrl(ctx, -1, op, ctrl, 0, (void *)(md));
|
||||
|
||||
diff --git a/doc/man5/config.pod b/doc/man5/config.pod
|
||||
index a84113287c3d0edf6c67726aee7d8abb87401445..f1536258470563b4fe74f8d1e3db6d73ed316341 100644
|
||||
--- a/doc/man5/config.pod
|
||||
+++ b/doc/man5/config.pod
|
||||
@@ -304,6 +304,17 @@ Within the algorithm properties section, the following names have meaning:
|
||||
The value may be anything that is acceptable as a property query
|
||||
string for EVP_set_default_properties().
|
||||
|
||||
+=item B<rh-allow-sha1-signatures>
|
||||
+
|
||||
+The value is a boolean that can be B<yes> or B<no>. If the value is not set,
|
||||
+it behaves as if it was set to B<no>.
|
||||
+
|
||||
+When set to B<no>, any attempt to create or verify a signature with a SHA1
|
||||
+digest will fail. For compatibility with older versions of OpenSSL, set this
|
||||
+option to B<yes>. This setting also affects TLS, where signature algorithms
|
||||
+that use SHA1 as digest will no longer be supported if this option is set to
|
||||
+B<no>.
|
||||
+
|
||||
=item B<fips_mode> (deprecated)
|
||||
|
||||
The value is a boolean that can be B<yes> or B<no>. If the value is
|
||||
diff --git a/include/internal/cryptlib.h b/include/internal/cryptlib.h
|
||||
index 1291299b6e50ea129ba77c85bb0b21b0997e4494..e234341e6afd15f7108c7af453d6f2190c086b04 100644
|
||||
--- a/include/internal/cryptlib.h
|
||||
+++ b/include/internal/cryptlib.h
|
||||
@@ -168,7 +168,8 @@ typedef struct ossl_ex_data_global_st {
|
||||
# define OSSL_LIB_CTX_PROVIDER_CONF_INDEX 16
|
||||
# define OSSL_LIB_CTX_BIO_CORE_INDEX 17
|
||||
# define OSSL_LIB_CTX_CHILD_PROVIDER_INDEX 18
|
||||
-# define OSSL_LIB_CTX_MAX_INDEXES 19
|
||||
+# define OSSL_LIB_CTX_LEGACY_DIGEST_SIGNATURES 19
|
||||
+# define OSSL_LIB_CTX_MAX_INDEXES 20
|
||||
|
||||
# define OSSL_LIB_CTX_METHOD_LOW_PRIORITY -1
|
||||
# define OSSL_LIB_CTX_METHOD_DEFAULT_PRIORITY 0
|
||||
diff --git a/include/internal/sslconf.h b/include/internal/sslconf.h
|
||||
index fd7f7e333183dde57a283dab7372f9afb38c0eb4..05464b0655b20da2035f6781f44ac577e895fc8a 100644
|
||||
--- a/include/internal/sslconf.h
|
||||
+++ b/include/internal/sslconf.h
|
||||
@@ -18,4 +18,8 @@ int conf_ssl_name_find(const char *name, size_t *idx);
|
||||
void conf_ssl_get_cmd(const SSL_CONF_CMD *cmd, size_t idx, char **cmdstr,
|
||||
char **arg);
|
||||
|
||||
+/* Methods to support disabling all signatures with legacy digests */
|
||||
+int ossl_ctx_legacy_digest_signatures_allowed(OSSL_LIB_CTX *libctx, int loadconfig);
|
||||
+int ossl_ctx_legacy_digest_signatures_allowed_set(OSSL_LIB_CTX *libctx, int allow,
|
||||
+ int loadconfig);
|
||||
#endif
|
||||
diff --git a/providers/common/securitycheck.c b/providers/common/securitycheck.c
|
||||
index 446ad6b4c11cf8dcad9dcb86df38816eff4bf772..9e47f5655957e661fa4f66f5e67a78c6c7d2fe5b 100644
|
||||
--- a/providers/common/securitycheck.c
|
||||
+++ b/providers/common/securitycheck.c
|
||||
@@ -19,6 +19,7 @@
|
||||
#include <openssl/core_names.h>
|
||||
#include <openssl/obj_mac.h>
|
||||
#include "prov/securitycheck.h"
|
||||
+#include "internal/sslconf.h"
|
||||
|
||||
/*
|
||||
* FIPS requires a minimum security strength of 112 bits (for encryption or
|
||||
@@ -235,6 +236,15 @@ int ossl_digest_get_approved_nid_with_sha1(OSSL_LIB_CTX *ctx, const EVP_MD *md,
|
||||
mdnid = -1; /* disallowed by security checks */
|
||||
}
|
||||
# endif /* OPENSSL_NO_FIPS_SECURITYCHECKS */
|
||||
+
|
||||
+#ifndef FIPS_MODULE
|
||||
+ if (!ossl_ctx_legacy_digest_signatures_allowed(ctx, 0))
|
||||
+ /* SHA1 is globally disabled, check whether we want to locally allow
|
||||
+ * it. */
|
||||
+ if (mdnid == NID_sha1 && !sha1_allowed)
|
||||
+ mdnid = -1;
|
||||
+#endif
|
||||
+
|
||||
return mdnid;
|
||||
}
|
||||
|
||||
@@ -244,5 +254,15 @@ int ossl_digest_is_allowed(OSSL_LIB_CTX *ctx, const EVP_MD *md)
|
||||
if (ossl_securitycheck_enabled(ctx))
|
||||
return ossl_digest_get_approved_nid(md) != NID_undef;
|
||||
# endif /* OPENSSL_NO_FIPS_SECURITYCHECKS */
|
||||
+
|
||||
+#ifndef FIPS_MODULE
|
||||
+ {
|
||||
+ int mdnid = EVP_MD_nid(md);
|
||||
+ if ((mdnid == NID_sha1 || mdnid == NID_md5_sha1)
|
||||
+ && !ossl_ctx_legacy_digest_signatures_allowed(ctx, 0))
|
||||
+ return 0;
|
||||
+ }
|
||||
+#endif
|
||||
+
|
||||
return 1;
|
||||
}
|
||||
diff --git a/providers/common/securitycheck_default.c b/providers/common/securitycheck_default.c
|
||||
index de7f0d3a0a5718bd06a55d3d92236c27ffb7d0d5..ce54a94fbc9b3f48052c0bd5acf5b0aa349c4e91 100644
|
||||
--- a/providers/common/securitycheck_default.c
|
||||
+++ b/providers/common/securitycheck_default.c
|
||||
@@ -15,6 +15,7 @@
|
||||
#include <openssl/obj_mac.h>
|
||||
#include "prov/securitycheck.h"
|
||||
#include "internal/nelem.h"
|
||||
+#include "internal/sslconf.h"
|
||||
|
||||
/* Disable the security checks in the default provider */
|
||||
int ossl_securitycheck_enabled(OSSL_LIB_CTX *libctx)
|
||||
@@ -23,9 +24,10 @@ int ossl_securitycheck_enabled(OSSL_LIB_CTX *libctx)
|
||||
}
|
||||
|
||||
int ossl_digest_rsa_sign_get_md_nid(OSSL_LIB_CTX *ctx, const EVP_MD *md,
|
||||
- ossl_unused int sha1_allowed)
|
||||
+ int sha1_allowed)
|
||||
{
|
||||
int mdnid;
|
||||
+ int ldsigs_allowed;
|
||||
|
||||
static const OSSL_ITEM name_to_nid[] = {
|
||||
{ NID_md5, OSSL_DIGEST_NAME_MD5 },
|
||||
@@ -36,8 +38,11 @@ int ossl_digest_rsa_sign_get_md_nid(OSSL_LIB_CTX *ctx, const EVP_MD *md,
|
||||
{ NID_ripemd160, OSSL_DIGEST_NAME_RIPEMD160 },
|
||||
};
|
||||
|
||||
- mdnid = ossl_digest_get_approved_nid_with_sha1(ctx, md, 1);
|
||||
+ ldsigs_allowed = ossl_ctx_legacy_digest_signatures_allowed(ctx, 0);
|
||||
+ mdnid = ossl_digest_get_approved_nid_with_sha1(ctx, md, sha1_allowed || ldsigs_allowed);
|
||||
if (mdnid == NID_undef)
|
||||
mdnid = ossl_digest_md_to_nid(md, name_to_nid, OSSL_NELEM(name_to_nid));
|
||||
+ if (mdnid == NID_md5_sha1 && !ldsigs_allowed)
|
||||
+ mdnid = -1;
|
||||
return mdnid;
|
||||
}
|
||||
diff --git a/providers/implementations/signature/dsa_sig.c b/providers/implementations/signature/dsa_sig.c
|
||||
index 28fd7c498e9922b6fabd1fafa452afe7ca3734ec..fa3822f39fd14a16c761b316e276c68868f35c7d 100644
|
||||
--- a/providers/implementations/signature/dsa_sig.c
|
||||
+++ b/providers/implementations/signature/dsa_sig.c
|
||||
@@ -124,12 +124,17 @@ static int dsa_setup_md(PROV_DSA_CTX *ctx,
|
||||
mdprops = ctx->propq;
|
||||
|
||||
if (mdname != NULL) {
|
||||
- int sha1_allowed = (ctx->operation != EVP_PKEY_OP_SIGN);
|
||||
WPACKET pkt;
|
||||
EVP_MD *md = EVP_MD_fetch(ctx->libctx, mdname, mdprops);
|
||||
- int md_nid = ossl_digest_get_approved_nid_with_sha1(ctx->libctx, md,
|
||||
- sha1_allowed);
|
||||
+ int md_nid;
|
||||
size_t mdname_len = strlen(mdname);
|
||||
+#ifdef FIPS_MODULE
|
||||
+ int sha1_allowed = (ctx->operation != EVP_PKEY_OP_SIGN);
|
||||
+#else
|
||||
+ int sha1_allowed = 0;
|
||||
+#endif
|
||||
+ md_nid = ossl_digest_get_approved_nid_with_sha1(ctx->libctx, md,
|
||||
+ sha1_allowed);
|
||||
|
||||
if (md == NULL || md_nid < 0) {
|
||||
if (md == NULL)
|
||||
diff --git a/providers/implementations/signature/ecdsa_sig.c b/providers/implementations/signature/ecdsa_sig.c
|
||||
index 865d49d1004f0031c82c24c218828a7d9c7269c6..99b228e82c408171bb2458244d2cf763e32a19fb 100644
|
||||
--- a/providers/implementations/signature/ecdsa_sig.c
|
||||
+++ b/providers/implementations/signature/ecdsa_sig.c
|
||||
@@ -237,7 +237,11 @@ static int ecdsa_setup_md(PROV_ECDSA_CTX *ctx, const char *mdname,
|
||||
"%s could not be fetched", mdname);
|
||||
return 0;
|
||||
}
|
||||
+#ifdef FIPS_MODULE
|
||||
sha1_allowed = (ctx->operation != EVP_PKEY_OP_SIGN);
|
||||
+#else
|
||||
+ sha1_allowed = 0;
|
||||
+#endif
|
||||
md_nid = ossl_digest_get_approved_nid_with_sha1(ctx->libctx, md,
|
||||
sha1_allowed);
|
||||
if (md_nid < 0) {
|
||||
diff --git a/providers/implementations/signature/rsa_sig.c b/providers/implementations/signature/rsa_sig.c
|
||||
index 7023a866131e38c214ac7326fdd83274dab81833..f66d7705c35add553694c5808b51d5696f678ee7 100644
|
||||
--- a/providers/implementations/signature/rsa_sig.c
|
||||
+++ b/providers/implementations/signature/rsa_sig.c
|
||||
@@ -25,6 +25,7 @@
|
||||
#include "internal/cryptlib.h"
|
||||
#include "internal/nelem.h"
|
||||
#include "internal/sizes.h"
|
||||
+#include "internal/sslconf.h"
|
||||
#include "crypto/rsa.h"
|
||||
#include "prov/providercommon.h"
|
||||
#include "prov/implementations.h"
|
||||
@@ -33,6 +34,7 @@
|
||||
#include "prov/securitycheck.h"
|
||||
|
||||
#define RSA_DEFAULT_DIGEST_NAME OSSL_DIGEST_NAME_SHA1
|
||||
+#define RSA_DEFAULT_DIGEST_NAME_NONLEGACY OSSL_DIGEST_NAME_SHA2_256
|
||||
|
||||
static OSSL_FUNC_signature_newctx_fn rsa_newctx;
|
||||
static OSSL_FUNC_signature_sign_init_fn rsa_sign_init;
|
||||
@@ -288,10 +290,15 @@ static int rsa_setup_md(PROV_RSA_CTX *ctx, const char *mdname,
|
||||
|
||||
if (mdname != NULL) {
|
||||
EVP_MD *md = EVP_MD_fetch(ctx->libctx, mdname, mdprops);
|
||||
+ int md_nid;
|
||||
+ size_t mdname_len = strlen(mdname);
|
||||
+#ifdef FIPS_MODULE
|
||||
int sha1_allowed = (ctx->operation != EVP_PKEY_OP_SIGN);
|
||||
- int md_nid = ossl_digest_rsa_sign_get_md_nid(ctx->libctx, md,
|
||||
+#else
|
||||
+ int sha1_allowed = 0;
|
||||
+#endif
|
||||
+ md_nid = ossl_digest_rsa_sign_get_md_nid(ctx->libctx, md,
|
||||
sha1_allowed);
|
||||
- size_t mdname_len = strlen(mdname);
|
||||
|
||||
if (md == NULL
|
||||
|| md_nid <= 0
|
||||
@@ -1347,8 +1354,15 @@ static int rsa_set_ctx_params(void *vprsactx, const OSSL_PARAM params[])
|
||||
prsactx->pad_mode = pad_mode;
|
||||
|
||||
if (prsactx->md == NULL && pmdname == NULL
|
||||
- && pad_mode == RSA_PKCS1_PSS_PADDING)
|
||||
+ && pad_mode == RSA_PKCS1_PSS_PADDING) {
|
||||
pmdname = RSA_DEFAULT_DIGEST_NAME;
|
||||
+#ifndef FIPS_MODULE
|
||||
+ if (!ossl_ctx_legacy_digest_signatures_allowed(prsactx->libctx, 0)) {
|
||||
+ pmdname = RSA_DEFAULT_DIGEST_NAME_NONLEGACY;
|
||||
+ }
|
||||
+#endif
|
||||
+ }
|
||||
+
|
||||
|
||||
if (pmgf1mdname != NULL
|
||||
&& !rsa_setup_mgf1_md(prsactx, pmgf1mdname, pmgf1mdprops))
|
||||
diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
|
||||
index 48a0b7f6e5908e62b433a306c49a3f2ff7e8df76..909e38c2fe88324884a939b583fd7f43d01f3920 100644
|
||||
--- a/ssl/t1_lib.c
|
||||
+++ b/ssl/t1_lib.c
|
||||
@@ -20,6 +20,7 @@
|
||||
#include <openssl/bn.h>
|
||||
#include <openssl/provider.h>
|
||||
#include <openssl/param_build.h>
|
||||
+#include "internal/sslconf.h"
|
||||
#include "internal/nelem.h"
|
||||
#include "internal/sizes.h"
|
||||
#include "internal/tlsgroups.h"
|
||||
@@ -1150,11 +1151,13 @@ int ssl_setup_sig_algs(SSL_CTX *ctx)
|
||||
= OPENSSL_malloc(sizeof(*lu) * OSSL_NELEM(sigalg_lookup_tbl));
|
||||
EVP_PKEY *tmpkey = EVP_PKEY_new();
|
||||
int ret = 0;
|
||||
+ int ldsigs_allowed;
|
||||
|
||||
if (cache == NULL || tmpkey == NULL)
|
||||
goto err;
|
||||
|
||||
ERR_set_mark();
|
||||
+ ldsigs_allowed = ossl_ctx_legacy_digest_signatures_allowed(ctx->libctx, 0);
|
||||
for (i = 0, lu = sigalg_lookup_tbl;
|
||||
i < OSSL_NELEM(sigalg_lookup_tbl); lu++, i++) {
|
||||
EVP_PKEY_CTX *pctx;
|
||||
@@ -1174,6 +1177,11 @@ int ssl_setup_sig_algs(SSL_CTX *ctx)
|
||||
cache[i].enabled = 0;
|
||||
continue;
|
||||
}
|
||||
+ if ((lu->hash == NID_sha1 || lu->hash == NID_md5_sha1)
|
||||
+ && !ldsigs_allowed) {
|
||||
+ cache[i].enabled = 0;
|
||||
+ continue;
|
||||
+ }
|
||||
|
||||
if (!EVP_PKEY_set_type(tmpkey, lu->sig)) {
|
||||
cache[i].enabled = 0;
|
||||
diff --git a/util/libcrypto.num b/util/libcrypto.num
|
||||
index d94f406606132690d4744e470d98eff377d87699..07ae9a21ec979028eb78feaee4cadb801b790caf 100644
|
||||
--- a/util/libcrypto.num
|
||||
+++ b/util/libcrypto.num
|
||||
@@ -5428,3 +5428,5 @@ EVP_PKEY_CTX_get0_provider 5555 3_0_0 EXIST::FUNCTION:
|
||||
OPENSSL_strcasecmp 5556 3_0_3 EXIST::FUNCTION:
|
||||
OPENSSL_strncasecmp 5557 3_0_3 EXIST::FUNCTION:
|
||||
ossl_safe_getenv ? 3_0_0 EXIST::FUNCTION:
|
||||
+ossl_ctx_legacy_digest_signatures_allowed ? 3_0_1 EXIST::FUNCTION:
|
||||
+ossl_ctx_legacy_digest_signatures_allowed_set ? 3_0_1 EXIST::FUNCTION:
|
||||
--
|
||||
2.37.2
|
||||
|
File diff suppressed because it is too large
Load Diff
|
@ -1,206 +0,0 @@
|
|||
From dbd1021466572be733dfc6f7ae484f1adf467f40 Mon Sep 17 00:00:00 2001
|
||||
From: Clemens Lang <cllang@redhat.com>
|
||||
Date: Tue, 1 Mar 2022 15:44:18 +0100
|
||||
Subject: [PATCH] Allow SHA1 in seclevel 2 if rh-allow-sha1-signatures = yes
|
||||
|
||||
References: rhbz#2055796
|
||||
---
|
||||
crypto/x509/x509_vfy.c | 19 ++++++++++-
|
||||
doc/man5/config.pod | 7 +++-
|
||||
ssl/t1_lib.c | 64 ++++++++++++++++++++++++++++-------
|
||||
test/recipes/25-test_verify.t | 7 ++--
|
||||
4 files changed, 79 insertions(+), 18 deletions(-)
|
||||
|
||||
diff --git a/crypto/x509/x509_vfy.c b/crypto/x509/x509_vfy.c
|
||||
index 2f175ca517f5dd8f8e7d79e5d562981b74c8f987..d1c7d0ce204ca31021a4497ddaa8e7dee45ff6f6 100644
|
||||
--- a/crypto/x509/x509_vfy.c
|
||||
+++ b/crypto/x509/x509_vfy.c
|
||||
@@ -25,6 +25,7 @@
|
||||
#include <openssl/objects.h>
|
||||
#include <openssl/core_names.h>
|
||||
#include "internal/dane.h"
|
||||
+#include "internal/sslconf.h"
|
||||
#include "crypto/x509.h"
|
||||
#include "x509_local.h"
|
||||
|
||||
@@ -3441,14 +3442,30 @@ static int check_sig_level(X509_STORE_CTX *ctx, X509 *cert)
|
||||
{
|
||||
int secbits = -1;
|
||||
int level = ctx->param->auth_level;
|
||||
+ int nid;
|
||||
+ OSSL_LIB_CTX *libctx = NULL;
|
||||
|
||||
if (level <= 0)
|
||||
return 1;
|
||||
if (level > NUM_AUTH_LEVELS)
|
||||
level = NUM_AUTH_LEVELS;
|
||||
|
||||
- if (!X509_get_signature_info(cert, NULL, NULL, &secbits, NULL))
|
||||
+ if (ctx->libctx)
|
||||
+ libctx = ctx->libctx;
|
||||
+ else if (cert->libctx)
|
||||
+ libctx = cert->libctx;
|
||||
+ else
|
||||
+ libctx = OSSL_LIB_CTX_get0_global_default();
|
||||
+
|
||||
+ if (!X509_get_signature_info(cert, &nid, NULL, &secbits, NULL))
|
||||
return 0;
|
||||
|
||||
+ if (nid == NID_sha1
|
||||
+ && ossl_ctx_legacy_digest_signatures_allowed(libctx, 0)
|
||||
+ && ctx->param->auth_level < 3)
|
||||
+ /* When rh-allow-sha1-signatures = yes and security level <= 2,
|
||||
+ * explicitly allow SHA1 for backwards compatibility. */
|
||||
+ return 1;
|
||||
+
|
||||
return secbits >= minbits_table[level - 1];
|
||||
}
|
||||
diff --git a/doc/man5/config.pod b/doc/man5/config.pod
|
||||
index f1536258470563b4fe74f8d1e3db6d73ed316341..29ca805ea7152aa9d39bb14e74cc7fd704ec7acf 100644
|
||||
--- a/doc/man5/config.pod
|
||||
+++ b/doc/man5/config.pod
|
||||
@@ -313,7 +313,12 @@ When set to B<no>, any attempt to create or verify a signature with a SHA1
|
||||
digest will fail. For compatibility with older versions of OpenSSL, set this
|
||||
option to B<yes>. This setting also affects TLS, where signature algorithms
|
||||
that use SHA1 as digest will no longer be supported if this option is set to
|
||||
-B<no>.
|
||||
+B<no>. Note that enabling B<rh-allow-sha1-signatures> will allow TLS signature
|
||||
+algorithms that use SHA1 in security level 2, despite the definition of
|
||||
+security level 2 of 112 bits of security, which SHA1 does not meet. Because
|
||||
+TLS 1.1 or lower use MD5-SHA1 as pseudorandom function (PRF) to derive key
|
||||
+material, disabling B<rh-allow-sha1-signatures> requires the use of TLS 1.2 or
|
||||
+newer.
|
||||
|
||||
=item B<fips_mode> (deprecated)
|
||||
|
||||
diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
|
||||
index 909e38c2fe88324884a939b583fd7f43d01f3920..860c7a81d1eaa834e72f81e433e7a0a6a8b1b641 100644
|
||||
--- a/ssl/t1_lib.c
|
||||
+++ b/ssl/t1_lib.c
|
||||
@@ -20,6 +20,7 @@
|
||||
#include <openssl/bn.h>
|
||||
#include <openssl/provider.h>
|
||||
#include <openssl/param_build.h>
|
||||
+#include "crypto/x509.h"
|
||||
#include "internal/sslconf.h"
|
||||
#include "internal/nelem.h"
|
||||
#include "internal/sizes.h"
|
||||
@@ -1566,19 +1567,27 @@ int tls12_check_peer_sigalg(SSL *s, uint16_t sig, EVP_PKEY *pkey)
|
||||
SSLfatal(s, SSL_AD_HANDSHAKE_FAILURE, SSL_R_UNKNOWN_DIGEST);
|
||||
return 0;
|
||||
}
|
||||
- /*
|
||||
- * Make sure security callback allows algorithm. For historical
|
||||
- * reasons we have to pass the sigalg as a two byte char array.
|
||||
- */
|
||||
- sigalgstr[0] = (sig >> 8) & 0xff;
|
||||
- sigalgstr[1] = sig & 0xff;
|
||||
- secbits = sigalg_security_bits(s->ctx, lu);
|
||||
- if (secbits == 0 ||
|
||||
- !ssl_security(s, SSL_SECOP_SIGALG_CHECK, secbits,
|
||||
- md != NULL ? EVP_MD_get_type(md) : NID_undef,
|
||||
- (void *)sigalgstr)) {
|
||||
- SSLfatal(s, SSL_AD_HANDSHAKE_FAILURE, SSL_R_WRONG_SIGNATURE_TYPE);
|
||||
- return 0;
|
||||
+
|
||||
+ if (lu->hash == NID_sha1
|
||||
+ && ossl_ctx_legacy_digest_signatures_allowed(s->ctx->libctx, 0)
|
||||
+ && SSL_get_security_level(s) < 3) {
|
||||
+ /* when rh-allow-sha1-signatures = yes and security level <= 2,
|
||||
+ * explicitly allow SHA1 for backwards compatibility */
|
||||
+ } else {
|
||||
+ /*
|
||||
+ * Make sure security callback allows algorithm. For historical
|
||||
+ * reasons we have to pass the sigalg as a two byte char array.
|
||||
+ */
|
||||
+ sigalgstr[0] = (sig >> 8) & 0xff;
|
||||
+ sigalgstr[1] = sig & 0xff;
|
||||
+ secbits = sigalg_security_bits(s->ctx, lu);
|
||||
+ if (secbits == 0 ||
|
||||
+ !ssl_security(s, SSL_SECOP_SIGALG_CHECK, secbits,
|
||||
+ md != NULL ? EVP_MD_get_type(md) : NID_undef,
|
||||
+ (void *)sigalgstr)) {
|
||||
+ SSLfatal(s, SSL_AD_HANDSHAKE_FAILURE, SSL_R_WRONG_SIGNATURE_TYPE);
|
||||
+ return 0;
|
||||
+ }
|
||||
}
|
||||
/* Store the sigalg the peer uses */
|
||||
s->s3.tmp.peer_sigalg = lu;
|
||||
@@ -2111,6 +2120,14 @@ static int tls12_sigalg_allowed(const SSL *s, int op, const SIGALG_LOOKUP *lu)
|
||||
}
|
||||
}
|
||||
|
||||
+ if (lu->hash == NID_sha1
|
||||
+ && ossl_ctx_legacy_digest_signatures_allowed(s->ctx->libctx, 0)
|
||||
+ && SSL_get_security_level(s) < 3) {
|
||||
+ /* when rh-allow-sha1-signatures = yes and security level <= 2,
|
||||
+ * explicitly allow SHA1 for backwards compatibility */
|
||||
+ return 1;
|
||||
+ }
|
||||
+
|
||||
/* Finally see if security callback allows it */
|
||||
secbits = sigalg_security_bits(s->ctx, lu);
|
||||
sigalgstr[0] = (lu->sigalg >> 8) & 0xff;
|
||||
@@ -2980,6 +2997,8 @@ static int ssl_security_cert_sig(SSL *s, SSL_CTX *ctx, X509 *x, int op)
|
||||
{
|
||||
/* Lookup signature algorithm digest */
|
||||
int secbits, nid, pknid;
|
||||
+ OSSL_LIB_CTX *libctx = NULL;
|
||||
+
|
||||
/* Don't check signature if self signed */
|
||||
if ((X509_get_extension_flags(x) & EXFLAG_SS) != 0)
|
||||
return 1;
|
||||
@@ -2988,6 +3007,25 @@ static int ssl_security_cert_sig(SSL *s, SSL_CTX *ctx, X509 *x, int op)
|
||||
/* If digest NID not defined use signature NID */
|
||||
if (nid == NID_undef)
|
||||
nid = pknid;
|
||||
+
|
||||
+ if (x && x->libctx)
|
||||
+ libctx = x->libctx;
|
||||
+ else if (ctx && ctx->libctx)
|
||||
+ libctx = ctx->libctx;
|
||||
+ else if (s && s->ctx && s->ctx->libctx)
|
||||
+ libctx = s->ctx->libctx;
|
||||
+ else
|
||||
+ libctx = OSSL_LIB_CTX_get0_global_default();
|
||||
+
|
||||
+ if (nid == NID_sha1
|
||||
+ && ossl_ctx_legacy_digest_signatures_allowed(libctx, 0)
|
||||
+ && ((s != NULL && SSL_get_security_level(s) < 3)
|
||||
+ || (ctx != NULL && SSL_CTX_get_security_level(ctx) < 3)
|
||||
+ ))
|
||||
+ /* When rh-allow-sha1-signatures = yes and security level <= 2,
|
||||
+ * explicitly allow SHA1 for backwards compatibility. */
|
||||
+ return 1;
|
||||
+
|
||||
if (s)
|
||||
return ssl_security(s, op, secbits, nid, x);
|
||||
else
|
||||
diff --git a/test/recipes/25-test_verify.t b/test/recipes/25-test_verify.t
|
||||
index bf85ba57c1cf51fe4e8e54654890121bac6738fe..d5665434aaef1ca2b5f2f37b2499f40b1405fd9d 100644
|
||||
--- a/test/recipes/25-test_verify.t
|
||||
+++ b/test/recipes/25-test_verify.t
|
||||
@@ -29,7 +29,7 @@ sub verify {
|
||||
run(app([@args]));
|
||||
}
|
||||
|
||||
-plan tests => 163;
|
||||
+plan tests => 162;
|
||||
|
||||
# Canonical success
|
||||
ok(verify("ee-cert", "sslserver", ["root-cert"], ["ca-cert"]),
|
||||
@@ -410,8 +410,9 @@ ok(verify("ee-pss-sha1-cert", "", ["root-cert"], ["ca-cert"], "-auth_level", "0"
|
||||
ok(verify("ee-pss-sha256-cert", "", ["root-cert"], ["ca-cert"], ),
|
||||
"CA with PSS signature using SHA256");
|
||||
|
||||
-ok(!verify("ee-pss-sha1-cert", "", ["root-cert"], ["ca-cert"], "-auth_level", "1"),
|
||||
- "Reject PSS signature using SHA1 and auth level 1");
|
||||
+## rh-allow-sha1-signatures=yes allows this to pass despite -auth_level 1
|
||||
+#ok(!verify("ee-pss-sha1-cert", "", ["root-cert"], ["ca-cert"], "-auth_level", "1"),
|
||||
+# "Reject PSS signature using SHA1 and auth level 1");
|
||||
|
||||
ok(verify("ee-pss-sha256-cert", "", ["root-cert"], ["ca-cert"], "-auth_level", "2"),
|
||||
"PSS signature using SHA256 and auth level 2");
|
||||
--
|
||||
2.37.2
|
||||
|
|
@ -1,238 +0,0 @@
|
|||
From 428369896db1656af748a67bb36fba039e7b39ad Mon Sep 17 00:00:00 2001
|
||||
From: Clemens Lang <cllang@redhat.com>
|
||||
Date: Mon, 25 Apr 2022 15:21:46 +0200
|
||||
Subject: [PATCH] Instrument SHA-1 signatures with USDT probes
|
||||
|
||||
In order to discover remaining uses of SHA-1 in signatures without
|
||||
forcefully breaking the code paths, add USDT probes that can be queried
|
||||
with systemtap at runtime.
|
||||
|
||||
This should allow identifying components that still use SHA-1 signatures
|
||||
in production so that they can be transitioned to more modern hash
|
||||
algorithms.
|
||||
---
|
||||
crypto/evp/m_sigver.c | 13 +++++++++----
|
||||
crypto/evp/pmeth_lib.c | 13 +++++++++----
|
||||
crypto/x509/x509_vfy.c | 6 +++++-
|
||||
providers/common/securitycheck.c | 22 +++++++++++++++-------
|
||||
providers/common/securitycheck_default.c | 13 +++++++++++--
|
||||
ssl/t1_lib.c | 8 +++++++-
|
||||
6 files changed, 56 insertions(+), 19 deletions(-)
|
||||
|
||||
diff --git a/crypto/evp/m_sigver.c b/crypto/evp/m_sigver.c
|
||||
index 8da2183ce0..c17cdfa5d5 100644
|
||||
--- a/crypto/evp/m_sigver.c
|
||||
+++ b/crypto/evp/m_sigver.c
|
||||
@@ -16,6 +16,8 @@
|
||||
#include "internal/numbers.h" /* includes SIZE_MAX */
|
||||
#include "evp_local.h"
|
||||
|
||||
+#include <sys/sdt.h>
|
||||
+
|
||||
typedef struct ossl_legacy_digest_signatures_st {
|
||||
int allowed;
|
||||
} OSSL_LEGACY_DIGEST_SIGNATURES;
|
||||
@@ -336,10 +338,13 @@ static int do_sigver_init(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
|
||||
&& !EVP_PKEY_is_a(locpctx->pkey, SN_tls1_prf)
|
||||
&& !EVP_PKEY_is_a(locpctx->pkey, SN_hkdf)) {
|
||||
int mdnid = EVP_MD_nid(ctx->reqdigest);
|
||||
- if (!ossl_ctx_legacy_digest_signatures_allowed(locpctx->libctx, 0)
|
||||
- && (mdnid == NID_sha1 || mdnid == NID_md5_sha1)) {
|
||||
- ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_DIGEST);
|
||||
- goto err;
|
||||
+ if (mdnid == NID_sha1 || mdnid == NID_md5_sha1) {
|
||||
+ if (!ossl_ctx_legacy_digest_signatures_allowed(locpctx->libctx, 0)) {
|
||||
+ ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_DIGEST);
|
||||
+ goto err;
|
||||
+ } else {
|
||||
+ DTRACE_PROBE1(libcrypto, fedora_do_sigver_init_1, mdnid);
|
||||
+ }
|
||||
}
|
||||
}
|
||||
|
||||
diff --git a/crypto/evp/pmeth_lib.c b/crypto/evp/pmeth_lib.c
|
||||
index b96f148c0d..54fcf24945 100644
|
||||
--- a/crypto/evp/pmeth_lib.c
|
||||
+++ b/crypto/evp/pmeth_lib.c
|
||||
@@ -37,6 +37,8 @@
|
||||
#include "internal/sslconf.h"
|
||||
#include "evp_local.h"
|
||||
|
||||
+#include <sys/sdt.h>
|
||||
+
|
||||
#ifndef FIPS_MODULE
|
||||
|
||||
static int evp_pkey_ctx_store_cached_data(EVP_PKEY_CTX *ctx,
|
||||
@@ -956,10 +958,13 @@ static int evp_pkey_ctx_set_md(EVP_PKEY_CTX *ctx, const EVP_MD *md,
|
||||
&& !EVP_PKEY_is_a(ctx->pkey, SN_tls1_prf)
|
||||
&& !EVP_PKEY_is_a(ctx->pkey, SN_hkdf)) {
|
||||
int mdnid = EVP_MD_nid(md);
|
||||
- if ((mdnid == NID_sha1 || mdnid == NID_md5_sha1)
|
||||
- && !ossl_ctx_legacy_digest_signatures_allowed(ctx->libctx, 0)) {
|
||||
- ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_DIGEST);
|
||||
- return -1;
|
||||
+ if (mdnid == NID_sha1 || mdnid == NID_md5_sha1) {
|
||||
+ if (!ossl_ctx_legacy_digest_signatures_allowed(ctx->libctx, 0)) {
|
||||
+ ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_DIGEST);
|
||||
+ return -1;
|
||||
+ } else {
|
||||
+ DTRACE_PROBE1(libcrypto, fedora_evp_pkey_ctx_set_md_1, mdnid);
|
||||
+ }
|
||||
}
|
||||
}
|
||||
|
||||
diff --git a/crypto/x509/x509_vfy.c b/crypto/x509/x509_vfy.c
|
||||
index bf0c608839..78638ce80e 100644
|
||||
--- a/crypto/x509/x509_vfy.c
|
||||
+++ b/crypto/x509/x509_vfy.c
|
||||
@@ -29,6 +29,8 @@
|
||||
#include "crypto/x509.h"
|
||||
#include "x509_local.h"
|
||||
|
||||
+#include <sys/sdt.h>
|
||||
+
|
||||
/* CRL score values */
|
||||
|
||||
#define CRL_SCORE_NOCRITICAL 0x100 /* No unhandled critical extensions */
|
||||
@@ -3462,11 +3464,13 @@ static int check_sig_level(X509_STORE_CTX *ctx, X509 *cert)
|
||||
|
||||
if ((nid == NID_sha1 || nid == NID_md5_sha1)
|
||||
&& ossl_ctx_legacy_digest_signatures_allowed(libctx, 0)
|
||||
- && ctx->param->auth_level < 2)
|
||||
+ && ctx->param->auth_level < 2) {
|
||||
+ DTRACE_PROBE1(libcrypto, fedora_check_sig_level_1, nid);
|
||||
/* When rh-allow-sha1-signatures = yes and security level <= 1,
|
||||
* explicitly allow SHA1 for backwards compatibility. Also allow
|
||||
* MD5-SHA1 because TLS 1.0 is still supported, which uses it. */
|
||||
return 1;
|
||||
+ }
|
||||
|
||||
return secbits >= minbits_table[level - 1];
|
||||
}
|
||||
diff --git a/providers/common/securitycheck.c b/providers/common/securitycheck.c
|
||||
index e534ad0a5f..bf496450cf 100644
|
||||
--- a/providers/common/securitycheck.c
|
||||
+++ b/providers/common/securitycheck.c
|
||||
@@ -21,6 +21,8 @@
|
||||
#include "prov/securitycheck.h"
|
||||
#include "internal/sslconf.h"
|
||||
|
||||
+#include <sys/sdt.h>
|
||||
+
|
||||
/*
|
||||
* FIPS requires a minimum security strength of 112 bits (for encryption or
|
||||
* signing), and for legacy purposes 80 bits (for decryption or verifying).
|
||||
@@ -238,11 +240,14 @@ int ossl_digest_get_approved_nid_with_sha1(OSSL_LIB_CTX *ctx, const EVP_MD *md,
|
||||
# endif /* OPENSSL_NO_FIPS_SECURITYCHECKS */
|
||||
|
||||
#ifndef FIPS_MODULE
|
||||
- if (!ossl_ctx_legacy_digest_signatures_allowed(ctx, 0))
|
||||
- /* SHA1 is globally disabled, check whether we want to locally allow
|
||||
- * it. */
|
||||
- if (mdnid == NID_sha1 && !sha1_allowed)
|
||||
+ if (mdnid == NID_sha1 && !sha1_allowed) {
|
||||
+ if (!ossl_ctx_legacy_digest_signatures_allowed(ctx, 0))
|
||||
+ /* SHA1 is globally disabled, check whether we want to locally allow
|
||||
+ * it. */
|
||||
mdnid = -1;
|
||||
+ else
|
||||
+ DTRACE_PROBE1(libcrypto, fedora_ossl_digest_get_approved_nid_with_sha1_1, mdnid);
|
||||
+ }
|
||||
#endif
|
||||
|
||||
return mdnid;
|
||||
@@ -258,9 +263,12 @@ int ossl_digest_is_allowed(OSSL_LIB_CTX *ctx, const EVP_MD *md)
|
||||
#ifndef FIPS_MODULE
|
||||
{
|
||||
int mdnid = EVP_MD_nid(md);
|
||||
- if ((mdnid == NID_sha1 || mdnid == NID_md5_sha1)
|
||||
- && !ossl_ctx_legacy_digest_signatures_allowed(ctx, 0))
|
||||
- return 0;
|
||||
+ if (mdnid == NID_sha1 || mdnid == NID_md5_sha1) {
|
||||
+ if (!ossl_ctx_legacy_digest_signatures_allowed(ctx, 0))
|
||||
+ return 0;
|
||||
+ else
|
||||
+ DTRACE_PROBE1(libcrypto, fedora_ossl_digest_is_allowed_1, mdnid);
|
||||
+ }
|
||||
}
|
||||
#endif
|
||||
|
||||
diff --git a/providers/common/securitycheck_default.c b/providers/common/securitycheck_default.c
|
||||
index ce54a94fbc..2d21e4a7df 100644
|
||||
--- a/providers/common/securitycheck_default.c
|
||||
+++ b/providers/common/securitycheck_default.c
|
||||
@@ -17,6 +17,8 @@
|
||||
#include "internal/nelem.h"
|
||||
#include "internal/sslconf.h"
|
||||
|
||||
+#include <sys/sdt.h>
|
||||
+
|
||||
/* Disable the security checks in the default provider */
|
||||
int ossl_securitycheck_enabled(OSSL_LIB_CTX *libctx)
|
||||
{
|
||||
@@ -40,9 +42,16 @@ int ossl_digest_rsa_sign_get_md_nid(OSSL_LIB_CTX *ctx, const EVP_MD *md,
|
||||
|
||||
ldsigs_allowed = ossl_ctx_legacy_digest_signatures_allowed(ctx, 0);
|
||||
mdnid = ossl_digest_get_approved_nid_with_sha1(ctx, md, sha1_allowed || ldsigs_allowed);
|
||||
+ if (mdnid == NID_sha1)
|
||||
+ /* This will only happen if SHA1 is allowed, otherwise mdnid is -1. */
|
||||
+ DTRACE_PROBE1(libcrypto, fedora_ossl_digest_rsa_sign_get_md_nid_1, mdnid);
|
||||
if (mdnid == NID_undef)
|
||||
mdnid = ossl_digest_md_to_nid(md, name_to_nid, OSSL_NELEM(name_to_nid));
|
||||
- if (mdnid == NID_md5_sha1 && !ldsigs_allowed)
|
||||
- mdnid = -1;
|
||||
+ if (mdnid == NID_md5_sha1) {
|
||||
+ if (ldsigs_allowed)
|
||||
+ DTRACE_PROBE1(libcrypto, fedora_ossl_digest_rsa_sign_get_md_nid_2, mdnid);
|
||||
+ else
|
||||
+ mdnid = -1;
|
||||
+ }
|
||||
return mdnid;
|
||||
}
|
||||
diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
|
||||
index 0b50266b69..d05e696a28 100644
|
||||
--- a/ssl/t1_lib.c
|
||||
+++ b/ssl/t1_lib.c
|
||||
@@ -28,6 +28,8 @@
|
||||
#include "ssl_local.h"
|
||||
#include <openssl/ct.h>
|
||||
|
||||
+#include <sys/sdt.h>
|
||||
+
|
||||
static const SIGALG_LOOKUP *find_sig_alg(SSL *s, X509 *x, EVP_PKEY *pkey);
|
||||
static int tls12_sigalg_allowed(const SSL *s, int op, const SIGALG_LOOKUP *lu);
|
||||
|
||||
@@ -1569,6 +1571,7 @@ int tls12_check_peer_sigalg(SSL *s, uint16_t sig, EVP_PKEY *pkey)
|
||||
/* When rh-allow-sha1-signatures = yes and security level <= 1,
|
||||
* explicitly allow SHA1 for backwards compatibility. Also allow
|
||||
* MD5-SHA1 because TLS 1.0 is still supported, which uses it. */
|
||||
+ DTRACE_PROBE1(libssl, fedora_tls12_check_peer_sigalg_1, lu->hash);
|
||||
} else {
|
||||
/*
|
||||
* Make sure security callback allows algorithm. For historical
|
||||
@@ -2122,6 +2125,7 @@ static int tls12_sigalg_allowed(const SSL *s, int op, const SIGALG_LOOKUP *lu)
|
||||
/* When rh-allow-sha1-signatures = yes and security level <= 1,
|
||||
* explicitly allow SHA1 for backwards compatibility. Also allow
|
||||
* MD5-SHA1 because TLS 1.0 is still supported, which uses it. */
|
||||
+ DTRACE_PROBE1(libssl, fedora_tls12_sigalg_allowed_1, lu->hash);
|
||||
return 1;
|
||||
}
|
||||
|
||||
@@ -3020,11 +3024,13 @@ static int ssl_security_cert_sig(SSL *s, SSL_CTX *ctx, X509 *x, int op)
|
||||
&& ossl_ctx_legacy_digest_signatures_allowed(libctx, 0)
|
||||
&& ((s != NULL && SSL_get_security_level(s) < 2)
|
||||
|| (ctx != NULL && SSL_CTX_get_security_level(ctx) < 2)
|
||||
- ))
|
||||
+ )) {
|
||||
/* When rh-allow-sha1-signatures = yes and security level <= 1,
|
||||
* explicitly allow SHA1 for backwards compatibility. Also allow
|
||||
* MD5-SHA1 because TLS 1.0 is still supported, which uses it. */
|
||||
+ DTRACE_PROBE1(libssl, fedora_ssl_security_cert_sig_1, nid);
|
||||
return 1;
|
||||
+ }
|
||||
|
||||
if (s)
|
||||
return ssl_security(s, op, secbits, nid, x);
|
||||
--
|
||||
2.35.1
|
||||
|
|
@ -1,14 +1,78 @@
|
|||
diff -up openssl-3.0.3/util/libcrypto.num.locale openssl-3.0.3/util/libcrypto.num
|
||||
--- openssl-3.0.3/util/libcrypto.num.locale 2022-06-01 12:35:52.667498724 +0200
|
||||
+++ openssl-3.0.3/util/libcrypto.num 2022-06-01 12:36:08.112633093 +0200
|
||||
@@ -5425,8 +5425,8 @@ ASN1_item_d2i_ex
|
||||
ASN1_TIME_print_ex 5553 3_0_0 EXIST::FUNCTION:
|
||||
EVP_PKEY_get0_provider 5554 3_0_0 EXIST::FUNCTION:
|
||||
EVP_PKEY_CTX_get0_provider 5555 3_0_0 EXIST::FUNCTION:
|
||||
-OPENSSL_strcasecmp 5556 3_0_3 EXIST::FUNCTION:
|
||||
-OPENSSL_strncasecmp 5557 3_0_3 EXIST::FUNCTION:
|
||||
+OPENSSL_strcasecmp 5556 3_0_1 EXIST::FUNCTION:
|
||||
+OPENSSL_strncasecmp 5557 3_0_1 EXIST::FUNCTION:
|
||||
From 8545e0c4c38934fda47b701043dd5ce89c99fe81 Mon Sep 17 00:00:00 2001
|
||||
From: rpm-build <rpm-build>
|
||||
Date: Mon, 31 Jul 2023 09:41:28 +0200
|
||||
Subject: [PATCH 25/35] 0056-strcasecmp.patch
|
||||
|
||||
Patch-name: 0056-strcasecmp.patch
|
||||
Patch-id: 56
|
||||
Patch-status: |
|
||||
# https://github.com/openssl/openssl/pull/18103
|
||||
# The patch is incorporated in 3.0.3 but we provide this function since 3.0.1
|
||||
# so the patch should persist
|
||||
From-dist-git-commit: 9409bc7044cf4b5773639cce20f51399888c45fd
|
||||
---
|
||||
crypto/o_str.c | 14 ++++++++++++--
|
||||
test/recipes/01-test_symbol_presence.t | 1 +
|
||||
util/libcrypto.num | 2 ++
|
||||
3 files changed, 15 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/crypto/o_str.c b/crypto/o_str.c
|
||||
index 3354ce0927..95b9538471 100644
|
||||
--- a/crypto/o_str.c
|
||||
+++ b/crypto/o_str.c
|
||||
@@ -342,7 +342,12 @@ int openssl_strerror_r(int errnum, char *buf, size_t buflen)
|
||||
#endif
|
||||
}
|
||||
|
||||
-int OPENSSL_strcasecmp(const char *s1, const char *s2)
|
||||
+int
|
||||
+#ifndef FIPS_MODULE
|
||||
+__attribute__ ((symver ("OPENSSL_strcasecmp@@OPENSSL_3.0.3"),
|
||||
+ symver ("OPENSSL_strcasecmp@OPENSSL_3.0.1")))
|
||||
+#endif
|
||||
+OPENSSL_strcasecmp(const char *s1, const char *s2)
|
||||
{
|
||||
int t;
|
||||
|
||||
@@ -352,7 +357,12 @@ int OPENSSL_strcasecmp(const char *s1, const char *s2)
|
||||
return t;
|
||||
}
|
||||
|
||||
-int OPENSSL_strncasecmp(const char *s1, const char *s2, size_t n)
|
||||
+int
|
||||
+#ifndef FIPS_MODULE
|
||||
+__attribute__ ((symver ("OPENSSL_strncasecmp@@OPENSSL_3.0.3"),
|
||||
+ symver ("OPENSSL_strncasecmp@OPENSSL_3.0.1")))
|
||||
+#endif
|
||||
+OPENSSL_strncasecmp(const char *s1, const char *s2, size_t n)
|
||||
{
|
||||
int t;
|
||||
size_t i;
|
||||
diff --git a/test/recipes/01-test_symbol_presence.t b/test/recipes/01-test_symbol_presence.t
|
||||
index 5530ade0ad..238a8d762e 100644
|
||||
--- a/test/recipes/01-test_symbol_presence.t
|
||||
+++ b/test/recipes/01-test_symbol_presence.t
|
||||
@@ -77,6 +77,7 @@ foreach my $libname (@libnames) {
|
||||
s| .*||;
|
||||
# Drop OpenSSL dynamic version information if there is any
|
||||
s|\@\@.+$||;
|
||||
+ s|\@.+$||;
|
||||
# Return the result
|
||||
$_
|
||||
}
|
||||
diff --git a/util/libcrypto.num b/util/libcrypto.num
|
||||
index feb660d030..639074c5d0 100644
|
||||
--- a/util/libcrypto.num
|
||||
+++ b/util/libcrypto.num
|
||||
@@ -5435,6 +5435,8 @@ EVP_MD_CTX_dup 5562 3_1_0 EXIST::FUNCTION:
|
||||
EVP_CIPHER_CTX_dup 5563 3_1_0 EXIST::FUNCTION:
|
||||
BN_are_coprime 5564 3_1_0 EXIST::FUNCTION:
|
||||
OSSL_CMP_MSG_update_recipNonce 5565 3_0_9 EXIST::FUNCTION:CMP
|
||||
+OPENSSL_strcasecmp ? 3_0_1 EXIST::FUNCTION:
|
||||
+OPENSSL_strncasecmp ? 3_0_1 EXIST::FUNCTION:
|
||||
ossl_safe_getenv ? 3_0_0 EXIST::FUNCTION:
|
||||
ossl_ctx_legacy_digest_signatures_allowed ? 3_0_1 EXIST::FUNCTION:
|
||||
ossl_ctx_legacy_digest_signatures_allowed_set ? 3_0_1 EXIST::FUNCTION:
|
||||
--
|
||||
2.41.0
|
||||
|
||||
|
|
|
@ -1,6 +1,25 @@
|
|||
diff -up openssl-3.0.1/providers/common/securitycheck.c.rsaenc openssl-3.0.1/providers/common/securitycheck.c
|
||||
--- openssl-3.0.1/providers/common/securitycheck.c.rsaenc 2022-06-24 17:14:33.634692729 +0200
|
||||
+++ openssl-3.0.1/providers/common/securitycheck.c 2022-06-24 17:16:08.966540605 +0200
|
||||
From 56511d480823bedafce604374fa3b15d3b3ffd6b Mon Sep 17 00:00:00 2001
|
||||
From: rpm-build <rpm-build>
|
||||
Date: Mon, 31 Jul 2023 09:41:28 +0200
|
||||
Subject: [PATCH 26/48] 0058-FIPS-limit-rsa-encrypt.patch
|
||||
|
||||
Patch-name: 0058-FIPS-limit-rsa-encrypt.patch
|
||||
Patch-id: 58
|
||||
Patch-status: |
|
||||
# https://bugzilla.redhat.com/show_bug.cgi?id=2053289
|
||||
From-dist-git-commit: 9409bc7044cf4b5773639cce20f51399888c45fd
|
||||
---
|
||||
providers/common/securitycheck.c | 1 +
|
||||
.../implementations/asymciphers/rsa_enc.c | 35 +++++++++++
|
||||
.../30-test_evp_data/evppkey_rsa_common.txt | 58 ++++++++++++++++++-
|
||||
test/recipes/80-test_cms.t | 5 +-
|
||||
test/recipes/80-test_ssl_old.t | 27 +++++++--
|
||||
5 files changed, 118 insertions(+), 8 deletions(-)
|
||||
|
||||
diff --git a/providers/common/securitycheck.c b/providers/common/securitycheck.c
|
||||
index e534ad0a5f..c017c658e5 100644
|
||||
--- a/providers/common/securitycheck.c
|
||||
+++ b/providers/common/securitycheck.c
|
||||
@@ -27,6 +27,7 @@
|
||||
* Set protect = 1 for encryption or signing operations, or 0 otherwise. See
|
||||
* https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-131Ar2.pdf.
|
||||
|
@ -9,17 +28,18 @@ diff -up openssl-3.0.1/providers/common/securitycheck.c.rsaenc openssl-3.0.1/pro
|
|||
int ossl_rsa_check_key(OSSL_LIB_CTX *ctx, const RSA *rsa, int operation)
|
||||
{
|
||||
int protect = 0;
|
||||
diff -up openssl-3.0.1/providers/implementations/asymciphers/rsa_enc.c.no_bad_pad openssl-3.0.1/providers/implementations/asymciphers/rsa_enc.c
|
||||
--- openssl-3.0.1/providers/implementations/asymciphers/rsa_enc.c.no_bad_pad 2022-05-02 16:04:47.000091901 +0200
|
||||
+++ openssl-3.0.1/providers/implementations/asymciphers/rsa_enc.c 2022-05-02 16:14:50.922443581 +0200
|
||||
@@ -132,6 +132,17 @@ static int rsa_decrypt_init(void *vprsac
|
||||
diff --git a/providers/implementations/asymciphers/rsa_enc.c b/providers/implementations/asymciphers/rsa_enc.c
|
||||
index d865968058..872967bcb3 100644
|
||||
--- a/providers/implementations/asymciphers/rsa_enc.c
|
||||
+++ b/providers/implementations/asymciphers/rsa_enc.c
|
||||
@@ -132,6 +132,17 @@ static int rsa_decrypt_init(void *vprsactx, void *vrsa,
|
||||
return rsa_init(vprsactx, vrsa, params, EVP_PKEY_OP_DECRYPT);
|
||||
}
|
||||
|
||||
+# ifdef FIPS_MODULE
|
||||
+static int fips_padding_allowed(const PROV_RSA_CTX *prsactx)
|
||||
+{
|
||||
+ if (prsactx->pad_mode == RSA_PKCS1_PADDING
|
||||
+ if (prsactx->pad_mode == RSA_PKCS1_PADDING || prsactx->pad_mode == RSA_NO_PADDING
|
||||
+ || prsactx->pad_mode == RSA_PKCS1_WITH_TLS_PADDING)
|
||||
+ return 0;
|
||||
+
|
||||
|
@ -30,7 +50,7 @@ diff -up openssl-3.0.1/providers/implementations/asymciphers/rsa_enc.c.no_bad_pa
|
|||
static int rsa_encrypt(void *vprsactx, unsigned char *out, size_t *outlen,
|
||||
size_t outsize, const unsigned char *in, size_t inlen)
|
||||
{
|
||||
@@ -141,6 +152,18 @@ static int rsa_encrypt(void *vprsactx, u
|
||||
@@ -141,6 +152,18 @@ static int rsa_encrypt(void *vprsactx, unsigned char *out, size_t *outlen,
|
||||
if (!ossl_prov_is_running())
|
||||
return 0;
|
||||
|
||||
|
@ -49,7 +69,7 @@ diff -up openssl-3.0.1/providers/implementations/asymciphers/rsa_enc.c.no_bad_pa
|
|||
if (out == NULL) {
|
||||
size_t len = RSA_size(prsactx->rsa);
|
||||
|
||||
@@ -202,6 +220,18 @@ static int rsa_decrypt(void *vprsactx, u
|
||||
@@ -204,6 +227,18 @@ static int rsa_decrypt(void *vprsactx, unsigned char *out, size_t *outlen,
|
||||
if (!ossl_prov_is_running())
|
||||
return 0;
|
||||
|
||||
|
@ -68,75 +88,11 @@ diff -up openssl-3.0.1/providers/implementations/asymciphers/rsa_enc.c.no_bad_pa
|
|||
if (prsactx->pad_mode == RSA_PKCS1_WITH_TLS_PADDING) {
|
||||
if (out == NULL) {
|
||||
*outlen = SSL_MAX_MASTER_KEY_LENGTH;
|
||||
diff -up openssl-3.0.1/test/recipes/80-test_cms.t.no_bad_pad openssl-3.0.1/test/recipes/80-test_cms.t
|
||||
--- openssl-3.0.1/test/recipes/80-test_cms.t.no_bad_pad 2022-05-02 17:04:07.610782138 +0200
|
||||
+++ openssl-3.0.1/test/recipes/80-test_cms.t 2022-05-02 17:06:03.595814620 +0200
|
||||
@@ -232,7 +232,7 @@ my @smime_pkcs7_tests = (
|
||||
\&final_compare
|
||||
],
|
||||
|
||||
- [ "enveloped content test streaming S/MIME format, AES-256 cipher, 3 recipients",
|
||||
+ [ "enveloped content test streaming S/MIME format, AES-256 cipher, 3 recipients, no Red Hat FIPS",
|
||||
[ "{cmd1}", @prov, "-encrypt", "-in", $smcont,
|
||||
"-aes256", "-stream", "-out", "{output}.cms",
|
||||
$smrsa1,
|
||||
@@ -865,5 +865,8 @@ sub check_availability {
|
||||
return "$tnam: skipped, DSA disabled\n"
|
||||
if ($no_dsa && $tnam =~ / DSA/);
|
||||
|
||||
+ return "$tnam: skipped, Red Hat FIPS\n"
|
||||
+ if ($tnam =~ /no Red Hat FIPS/);
|
||||
+
|
||||
return "";
|
||||
}
|
||||
diff -up openssl-3.0.1/test/recipes/80-test_ssl_old.t.no_bad_pad openssl-3.0.1/test/recipes/80-test_ssl_old.t
|
||||
--- openssl-3.0.1/test/recipes/80-test_ssl_old.t.no_bad_pad 2022-05-02 17:26:37.962838053 +0200
|
||||
+++ openssl-3.0.1/test/recipes/80-test_ssl_old.t 2022-05-02 17:34:20.297950449 +0200
|
||||
@@ -483,6 +483,18 @@ sub testssl {
|
||||
# the default choice if TLSv1.3 enabled
|
||||
my $flag = $protocol eq "-tls1_3" ? "" : $protocol;
|
||||
my $ciphersuites = "";
|
||||
+ my %redhat_skip_cipher = map {$_ => 1} qw(
|
||||
+AES256-GCM-SHA384:@SECLEVEL=0
|
||||
+AES256-CCM8:@SECLEVEL=0
|
||||
+AES256-CCM:@SECLEVEL=0
|
||||
+AES128-GCM-SHA256:@SECLEVEL=0
|
||||
+AES128-CCM8:@SECLEVEL=0
|
||||
+AES128-CCM:@SECLEVEL=0
|
||||
+AES256-SHA256:@SECLEVEL=0
|
||||
+AES128-SHA256:@SECLEVEL=0
|
||||
+AES256-SHA:@SECLEVEL=0
|
||||
+AES128-SHA:@SECLEVEL=0
|
||||
+ );
|
||||
foreach my $cipher (@{$ciphersuites{$protocol}}) {
|
||||
if ($protocol eq "-ssl3" && $cipher =~ /ECDH/ ) {
|
||||
note "*****SKIPPING $protocol $cipher";
|
||||
@@ -494,11 +506,16 @@ sub testssl {
|
||||
} else {
|
||||
$cipher = $cipher.':@SECLEVEL=0';
|
||||
}
|
||||
- ok(run(test([@ssltest, @exkeys, "-cipher",
|
||||
- $cipher,
|
||||
- "-ciphersuites", $ciphersuites,
|
||||
- $flag || ()])),
|
||||
- "Testing $cipher");
|
||||
+ if ($provider eq "fips" && exists $redhat_skip_cipher{$cipher}) {
|
||||
+ note "*****SKIPPING $cipher in Red Hat FIPS mode";
|
||||
+ ok(1);
|
||||
+ } else {
|
||||
+ ok(run(test([@ssltest, @exkeys, "-cipher",
|
||||
+ $cipher,
|
||||
+ "-ciphersuites", $ciphersuites,
|
||||
+ $flag || ()])),
|
||||
+ "Testing $cipher");
|
||||
+ }
|
||||
}
|
||||
}
|
||||
next if $protocol eq "-tls1_3";
|
||||
diff -up openssl-3.0.1/test/recipes/30-test_evp_data/evppkey_rsa_common.txt.fipskeylen openssl-3.0.1/test/recipes/30-test_evp_data/evppkey_rsa_common.txt
|
||||
--- openssl-3.0.1/test/recipes/30-test_evp_data/evppkey_rsa_common.txt.fipskeylen 2022-06-16 14:26:19.383530498 +0200
|
||||
+++ openssl-3.0.1/test/recipes/30-test_evp_data/evppkey_rsa_common.txt 2022-06-16 14:39:53.637777701 +0200
|
||||
@@ -263,12 +263,13 @@ Input = 64b0e9f9892371110c40ba5739dc0974
|
||||
diff --git a/test/recipes/30-test_evp_data/evppkey_rsa_common.txt b/test/recipes/30-test_evp_data/evppkey_rsa_common.txt
|
||||
index 8680797b90..95d5d51102 100644
|
||||
--- a/test/recipes/30-test_evp_data/evppkey_rsa_common.txt
|
||||
+++ b/test/recipes/30-test_evp_data/evppkey_rsa_common.txt
|
||||
@@ -248,13 +248,13 @@ Input = 64b0e9f9892371110c40ba5739dc0974002aa6e6160b481447c6819947c2d3b537a6e377
|
||||
Output = 0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef
|
||||
|
||||
# RSA decrypt
|
||||
|
@ -147,11 +103,12 @@ diff -up openssl-3.0.1/test/recipes/30-test_evp_data/evppkey_rsa_common.txt.fips
|
|||
Output = "Hello World"
|
||||
|
||||
# Corrupted ciphertext
|
||||
-FIPSversion = <3.2.0
|
||||
+Availablein = default
|
||||
Decrypt = RSA-2048
|
||||
Input = 550AF55A2904E7B9762352F8FB7FA235A9CB053AACB2D5FCB8CA48453CB2EE3619746C701ABF2D4CC67003471A187900B05AA812BD25ED05C675DFC8C97A24A7BF49BD6214992CAD766D05A9A2B57B74F26A737E0237B8B76C45F1F226A836D7CFBC75BA999BDBE48DBC09227AA46C88F21DCCBA7840141AD5A5D71FD122E6BD6AC3E564780DFE623FC1CA9B995A6037BF0BBD43B205A84AC5444F34202C05CE9113087176432476576DE6FFFF9A52EA57C08BE3EC2F49676CB8E12F762AC71FA3C321E00AC988910C85FF52F93825666CE0D40FFAA0592078919D4493F46D95CCF76364C6D57760DD0B64805F9AFC76A2365A5575CA301D5103F0EA76CB9A79
|
||||
Output = "Hello World"
|
||||
@@ -665,36 +666,42 @@ vcDtKrdWo6btTWc1Kml9QhbpMhKxJ6Y9VBHOb6mN
|
||||
@@ -619,36 +619,42 @@ vcDtKrdWo6btTWc1Kml9QhbpMhKxJ6Y9VBHOb6mNXb79cyY+NygUJ0OBgWbtfdY2
|
||||
h90qjKHS9PvY4Q==
|
||||
-----END PRIVATE KEY-----
|
||||
|
||||
|
@ -194,7 +151,7 @@ diff -up openssl-3.0.1/test/recipes/30-test_evp_data/evppkey_rsa_common.txt.fips
|
|||
Decrypt=RSA-OAEP-1
|
||||
Ctrl = rsa_padding_mode:oaep
|
||||
Ctrl = rsa_mgf1_md:sha1
|
||||
@@ -719,36 +726,42 @@ SwGNdhGLJDiac1Dsg2sAY6IXISNv2O222JtR5+64
|
||||
@@ -673,36 +679,42 @@ SwGNdhGLJDiac1Dsg2sAY6IXISNv2O222JtR5+64e2EbcTLLfqc1bCMVHB53UVB8
|
||||
eG2e4XlBcKjI6A==
|
||||
-----END PRIVATE KEY-----
|
||||
|
||||
|
@ -237,7 +194,7 @@ diff -up openssl-3.0.1/test/recipes/30-test_evp_data/evppkey_rsa_common.txt.fips
|
|||
Decrypt=RSA-OAEP-2
|
||||
Ctrl = rsa_padding_mode:oaep
|
||||
Ctrl = rsa_mgf1_md:sha1
|
||||
@@ -773,36 +786,42 @@ iUGx07dw5a0x7jc7KKzaaf+bb0D+V4ufGvuFg2+W
|
||||
@@ -727,36 +739,42 @@ iUGx07dw5a0x7jc7KKzaaf+bb0D+V4ufGvuFg2+WJ9N6z/c8J3nmNLsmARwsj38z
|
||||
Ya4qnqZe1onjY5o=
|
||||
-----END PRIVATE KEY-----
|
||||
|
||||
|
@ -280,7 +237,7 @@ diff -up openssl-3.0.1/test/recipes/30-test_evp_data/evppkey_rsa_common.txt.fips
|
|||
Decrypt=RSA-OAEP-3
|
||||
Ctrl = rsa_padding_mode:oaep
|
||||
Ctrl = rsa_mgf1_md:sha1
|
||||
@@ -827,36 +846,42 @@ s/XkIiO6MDAcQabYfLtw4wy308Z9JUc9sfbL8D4/
|
||||
@@ -781,36 +799,42 @@ s/XkIiO6MDAcQabYfLtw4wy308Z9JUc9sfbL8D4/kSbj6XloJ5qGWywrQmUkz8Uq
|
||||
aD0x7TDrmEvkEro=
|
||||
-----END PRIVATE KEY-----
|
||||
|
||||
|
@ -323,7 +280,7 @@ diff -up openssl-3.0.1/test/recipes/30-test_evp_data/evppkey_rsa_common.txt.fips
|
|||
Decrypt=RSA-OAEP-4
|
||||
Ctrl = rsa_padding_mode:oaep
|
||||
Ctrl = rsa_mgf1_md:sha1
|
||||
@@ -881,36 +906,42 @@ OPlAQGLrhaQpJFILOPW7iGoBlvSLuNzqYP2SzAJ/
|
||||
@@ -835,36 +859,42 @@ OPlAQGLrhaQpJFILOPW7iGoBlvSLuNzqYP2SzAJ/GOeBWKNKXF1fhgoPbAQHGn0B
|
||||
MSwGUGLx60i3nRyDyw==
|
||||
-----END PRIVATE KEY-----
|
||||
|
||||
|
@ -366,7 +323,7 @@ diff -up openssl-3.0.1/test/recipes/30-test_evp_data/evppkey_rsa_common.txt.fips
|
|||
Decrypt=RSA-OAEP-5
|
||||
Ctrl = rsa_padding_mode:oaep
|
||||
Ctrl = rsa_mgf1_md:sha1
|
||||
@@ -935,36 +966,42 @@ xT1F29tenZbQ/s9Cdd8JdLxKBza0p0wyaQU++2hq
|
||||
@@ -889,36 +919,42 @@ xT1F29tenZbQ/s9Cdd8JdLxKBza0p0wyaQU++2hqziQG4iyeBY3bSuVAYnri/bCC
|
||||
Yejn5Ly8mU2q+jBcRQ==
|
||||
-----END PRIVATE KEY-----
|
||||
|
||||
|
@ -409,7 +366,7 @@ diff -up openssl-3.0.1/test/recipes/30-test_evp_data/evppkey_rsa_common.txt.fips
|
|||
Decrypt=RSA-OAEP-6
|
||||
Ctrl = rsa_padding_mode:oaep
|
||||
Ctrl = rsa_mgf1_md:sha1
|
||||
@@ -989,36 +1026,42 @@ tu4XIedy0DiaVZw9PN+VUNRXxGsDe3RkGx1SFmr4
|
||||
@@ -943,36 +979,42 @@ tu4XIedy0DiaVZw9PN+VUNRXxGsDe3RkGx1SFmr4ohPIOWIGzfukQi8Y1vYdvLXS
|
||||
FMlxv0gq65dqc3DC
|
||||
-----END PRIVATE KEY-----
|
||||
|
||||
|
@ -452,7 +409,7 @@ diff -up openssl-3.0.1/test/recipes/30-test_evp_data/evppkey_rsa_common.txt.fips
|
|||
Decrypt=RSA-OAEP-7
|
||||
Ctrl = rsa_padding_mode:oaep
|
||||
Ctrl = rsa_mgf1_md:sha1
|
||||
@@ -1043,36 +1086,42 @@ njraT2MgdSwJ2AX/fR8a4NAXru7pzvoNfdf/d15E
|
||||
@@ -997,36 +1039,42 @@ njraT2MgdSwJ2AX/fR8a4NAXru7pzvoNfdf/d15EtXgyL2QF1iEdoZUZZmqof9xM
|
||||
2MiPa249Z+lh3Luj0A==
|
||||
-----END PRIVATE KEY-----
|
||||
|
||||
|
@ -495,7 +452,7 @@ diff -up openssl-3.0.1/test/recipes/30-test_evp_data/evppkey_rsa_common.txt.fips
|
|||
Decrypt=RSA-OAEP-8
|
||||
Ctrl = rsa_padding_mode:oaep
|
||||
Ctrl = rsa_mgf1_md:sha1
|
||||
@@ -1103,36 +1152,42 @@ Z7CDuaemy2HkLbNiuMmJbbcGTgKtWuYVh9oVtGSc
|
||||
@@ -1057,36 +1105,42 @@ Z7CDuaemy2HkLbNiuMmJbbcGTgKtWuYVh9oVtGSckFlJCf6zfby2VL63Jo7IAeWo
|
||||
tKo5Eb69iFQvBb4=
|
||||
-----END PRIVATE KEY-----
|
||||
|
||||
|
@ -538,3 +495,74 @@ diff -up openssl-3.0.1/test/recipes/30-test_evp_data/evppkey_rsa_common.txt.fips
|
|||
Decrypt=RSA-OAEP-9
|
||||
Ctrl = rsa_padding_mode:oaep
|
||||
Ctrl = rsa_mgf1_md:sha1
|
||||
diff --git a/test/recipes/80-test_cms.t b/test/recipes/80-test_cms.t
|
||||
index cbec426137..9ba7fbeed2 100644
|
||||
--- a/test/recipes/80-test_cms.t
|
||||
+++ b/test/recipes/80-test_cms.t
|
||||
@@ -233,7 +233,7 @@ my @smime_pkcs7_tests = (
|
||||
\&final_compare
|
||||
],
|
||||
|
||||
- [ "enveloped content test streaming S/MIME format, AES-256 cipher, 3 recipients",
|
||||
+ [ "enveloped content test streaming S/MIME format, AES-256 cipher, 3 recipients, no Red Hat FIPS",
|
||||
[ "{cmd1}", @prov, "-encrypt", "-in", $smcont,
|
||||
"-aes256", "-stream", "-out", "{output}.cms",
|
||||
$smrsa1,
|
||||
@@ -1022,6 +1022,9 @@ sub check_availability {
|
||||
return "$tnam: skipped, DSA disabled\n"
|
||||
if ($no_dsa && $tnam =~ / DSA/);
|
||||
|
||||
+ return "$tnam: skipped, Red Hat FIPS\n"
|
||||
+ if ($tnam =~ /no Red Hat FIPS/);
|
||||
+
|
||||
return "";
|
||||
}
|
||||
|
||||
diff --git a/test/recipes/80-test_ssl_old.t b/test/recipes/80-test_ssl_old.t
|
||||
index e2dcb68fb5..0775112b40 100644
|
||||
--- a/test/recipes/80-test_ssl_old.t
|
||||
+++ b/test/recipes/80-test_ssl_old.t
|
||||
@@ -493,6 +493,18 @@ sub testssl {
|
||||
# the default choice if TLSv1.3 enabled
|
||||
my $flag = $protocol eq "-tls1_3" ? "" : $protocol;
|
||||
my $ciphersuites = "";
|
||||
+ my %redhat_skip_cipher = map {$_ => 1} qw(
|
||||
+AES256-GCM-SHA384:@SECLEVEL=0
|
||||
+AES256-CCM8:@SECLEVEL=0
|
||||
+AES256-CCM:@SECLEVEL=0
|
||||
+AES128-GCM-SHA256:@SECLEVEL=0
|
||||
+AES128-CCM8:@SECLEVEL=0
|
||||
+AES128-CCM:@SECLEVEL=0
|
||||
+AES256-SHA256:@SECLEVEL=0
|
||||
+AES128-SHA256:@SECLEVEL=0
|
||||
+AES256-SHA:@SECLEVEL=0
|
||||
+AES128-SHA:@SECLEVEL=0
|
||||
+ );
|
||||
foreach my $cipher (@{$ciphersuites{$protocol}}) {
|
||||
if ($protocol eq "-ssl3" && $cipher =~ /ECDH/ ) {
|
||||
note "*****SKIPPING $protocol $cipher";
|
||||
@@ -504,11 +516,16 @@ sub testssl {
|
||||
} else {
|
||||
$cipher = $cipher.':@SECLEVEL=0';
|
||||
}
|
||||
- ok(run(test([@ssltest, @exkeys, "-cipher",
|
||||
- $cipher,
|
||||
- "-ciphersuites", $ciphersuites,
|
||||
- $flag || ()])),
|
||||
- "Testing $cipher");
|
||||
+ if ($provider eq "fips" && exists $redhat_skip_cipher{$cipher}) {
|
||||
+ note "*****SKIPPING $cipher in Red Hat FIPS mode";
|
||||
+ ok(1);
|
||||
+ } else {
|
||||
+ ok(run(test([@ssltest, @exkeys, "-cipher",
|
||||
+ $cipher,
|
||||
+ "-ciphersuites", $ciphersuites,
|
||||
+ $flag || ()])),
|
||||
+ "Testing $cipher");
|
||||
+ }
|
||||
}
|
||||
}
|
||||
next if $protocol eq "-tls1_3";
|
||||
--
|
||||
2.41.0
|
||||
|
||||
|
|
|
@ -1,420 +0,0 @@
|
|||
diff -up openssl-3.0.1/crypto/ec/ec_backend.c.fips_kat_signature openssl-3.0.1/crypto/ec/ec_backend.c
|
||||
--- openssl-3.0.1/crypto/ec/ec_backend.c.fips_kat_signature 2022-04-04 15:49:24.786455707 +0200
|
||||
+++ openssl-3.0.1/crypto/ec/ec_backend.c 2022-04-04 16:06:13.250271963 +0200
|
||||
@@ -393,6 +393,10 @@ int ossl_ec_key_fromdata(EC_KEY *ec, con
|
||||
const OSSL_PARAM *param_priv_key = NULL, *param_pub_key = NULL;
|
||||
BN_CTX *ctx = NULL;
|
||||
BIGNUM *priv_key = NULL;
|
||||
+#ifdef FIPS_MODULE
|
||||
+ const OSSL_PARAM *param_sign_kat_k = NULL;
|
||||
+ BIGNUM *sign_kat_k = NULL;
|
||||
+#endif
|
||||
unsigned char *pub_key = NULL;
|
||||
size_t pub_key_len;
|
||||
const EC_GROUP *ecg = NULL;
|
||||
@@ -408,7 +412,10 @@ int ossl_ec_key_fromdata(EC_KEY *ec, con
|
||||
if (include_private)
|
||||
param_priv_key =
|
||||
OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_PRIV_KEY);
|
||||
-
|
||||
+#ifdef FIPS_MODULE
|
||||
+ param_sign_kat_k =
|
||||
+ OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_REDHAT_SIGN_KAT_K);
|
||||
+#endif
|
||||
ctx = BN_CTX_new_ex(ossl_ec_key_get_libctx(ec));
|
||||
if (ctx == NULL)
|
||||
goto err;
|
||||
@@ -481,6 +489,17 @@ int ossl_ec_key_fromdata(EC_KEY *ec, con
|
||||
&& !EC_KEY_set_public_key(ec, pub_point))
|
||||
goto err;
|
||||
|
||||
+#ifdef FIPS_MODULE
|
||||
+ if (param_sign_kat_k) {
|
||||
+ if ((sign_kat_k = BN_secure_new()) == NULL)
|
||||
+ goto err;
|
||||
+ BN_set_flags(sign_kat_k, BN_FLG_CONSTTIME);
|
||||
+
|
||||
+ if (!OSSL_PARAM_get_BN(param_sign_kat_k, &sign_kat_k))
|
||||
+ goto err;
|
||||
+ ec->sign_kat_k = sign_kat_k;
|
||||
+ }
|
||||
+#endif
|
||||
ok = 1;
|
||||
|
||||
err:
|
||||
diff -up openssl-3.0.1/crypto/ec/ecdsa_ossl.c.fips_kat_signature openssl-3.0.1/crypto/ec/ecdsa_ossl.c
|
||||
--- openssl-3.0.1/crypto/ec/ecdsa_ossl.c.fips_kat_signature 2022-04-04 17:01:35.725323127 +0200
|
||||
+++ openssl-3.0.1/crypto/ec/ecdsa_ossl.c 2022-04-04 17:03:42.000427050 +0200
|
||||
@@ -20,6 +20,10 @@
|
||||
#include "crypto/bn.h"
|
||||
#include "ec_local.h"
|
||||
|
||||
+#ifdef FIPS_MODULE
|
||||
+extern int REDHAT_FIPS_signature_st;
|
||||
+#endif
|
||||
+
|
||||
int ossl_ecdsa_sign_setup(EC_KEY *eckey, BN_CTX *ctx_in, BIGNUM **kinvp,
|
||||
BIGNUM **rp)
|
||||
{
|
||||
@@ -126,6 +130,11 @@ static int ecdsa_sign_setup(EC_KEY *ecke
|
||||
goto err;
|
||||
|
||||
do {
|
||||
+#ifdef FIPS_MODULE
|
||||
+ if (REDHAT_FIPS_signature_st && eckey->sign_kat_k != NULL) {
|
||||
+ BN_copy(k, eckey->sign_kat_k);
|
||||
+ } else {
|
||||
+#endif
|
||||
/* get random k */
|
||||
do {
|
||||
if (dgst != NULL) {
|
||||
@@ -141,7 +150,9 @@ static int ecdsa_sign_setup(EC_KEY *ecke
|
||||
}
|
||||
}
|
||||
} while (BN_is_zero(k));
|
||||
-
|
||||
+#ifdef FIPS_MODULE
|
||||
+ }
|
||||
+#endif
|
||||
/* compute r the x-coordinate of generator * k */
|
||||
if (!EC_POINT_mul(group, tmp_point, k, NULL, NULL, ctx)) {
|
||||
ERR_raise(ERR_LIB_EC, ERR_R_EC_LIB);
|
||||
diff -up openssl-3.0.1/crypto/ec/ec_key.c.fips_kat_signature openssl-3.0.1/crypto/ec/ec_key.c
|
||||
--- openssl-3.0.1/crypto/ec/ec_key.c.fips_kat_signature 2022-04-04 13:48:52.231172299 +0200
|
||||
+++ openssl-3.0.1/crypto/ec/ec_key.c 2022-04-04 14:00:35.077368605 +0200
|
||||
@@ -97,6 +97,9 @@ void EC_KEY_free(EC_KEY *r)
|
||||
EC_GROUP_free(r->group);
|
||||
EC_POINT_free(r->pub_key);
|
||||
BN_clear_free(r->priv_key);
|
||||
+#ifdef FIPS_MODULE
|
||||
+ BN_clear_free(r->sign_kat_k);
|
||||
+#endif
|
||||
OPENSSL_free(r->propq);
|
||||
|
||||
OPENSSL_clear_free((void *)r, sizeof(EC_KEY));
|
||||
diff -up openssl-3.0.1/crypto/ec/ec_local.h.fips_kat_signature openssl-3.0.1/crypto/ec/ec_local.h
|
||||
--- openssl-3.0.1/crypto/ec/ec_local.h.fips_kat_signature 2022-04-04 13:46:57.576161867 +0200
|
||||
+++ openssl-3.0.1/crypto/ec/ec_local.h 2022-04-04 13:48:07.827780835 +0200
|
||||
@@ -298,6 +298,9 @@ struct ec_key_st {
|
||||
#ifndef FIPS_MODULE
|
||||
CRYPTO_EX_DATA ex_data;
|
||||
#endif
|
||||
+#ifdef FIPS_MODULE
|
||||
+ BIGNUM *sign_kat_k;
|
||||
+#endif
|
||||
CRYPTO_RWLOCK *lock;
|
||||
OSSL_LIB_CTX *libctx;
|
||||
char *propq;
|
||||
diff -up openssl-3.0.1/include/openssl/core_names.h.fips_kat_signature openssl-3.0.1/include/openssl/core_names.h
|
||||
--- openssl-3.0.1/include/openssl/core_names.h.fips_kat_signature 2022-04-04 14:06:15.717370014 +0200
|
||||
+++ openssl-3.0.1/include/openssl/core_names.h 2022-04-04 14:07:35.376071229 +0200
|
||||
@@ -293,6 +293,7 @@ extern "C" {
|
||||
#define OSSL_PKEY_PARAM_DIST_ID "distid"
|
||||
#define OSSL_PKEY_PARAM_PUB_KEY "pub"
|
||||
#define OSSL_PKEY_PARAM_PRIV_KEY "priv"
|
||||
+#define OSSL_PKEY_PARAM_REDHAT_SIGN_KAT_K "rh_sign_kat_k"
|
||||
|
||||
/* Diffie-Hellman/DSA Parameters */
|
||||
#define OSSL_PKEY_PARAM_FFC_P "p"
|
||||
diff -up openssl-3.0.1/providers/implementations/keymgmt/ec_kmgmt.c.fips_kat_signature openssl-3.0.1/providers/implementations/keymgmt/ec_kmgmt.c
|
||||
--- openssl-3.0.1/providers/implementations/keymgmt/ec_kmgmt.c.fips_kat_signature 2022-04-04 14:21:03.043180906 +0200
|
||||
+++ openssl-3.0.1/providers/implementations/keymgmt/ec_kmgmt.c 2022-04-04 14:38:33.949406645 +0200
|
||||
@@ -530,7 +530,8 @@ end:
|
||||
# define EC_IMEXPORTABLE_PUBLIC_KEY \
|
||||
OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PUB_KEY, NULL, 0)
|
||||
# define EC_IMEXPORTABLE_PRIVATE_KEY \
|
||||
- OSSL_PARAM_BN(OSSL_PKEY_PARAM_PRIV_KEY, NULL, 0)
|
||||
+ OSSL_PARAM_BN(OSSL_PKEY_PARAM_PRIV_KEY, NULL, 0), \
|
||||
+ OSSL_PARAM_BN(OSSL_PKEY_PARAM_REDHAT_SIGN_KAT_K, NULL, 0)
|
||||
# define EC_IMEXPORTABLE_OTHER_PARAMETERS \
|
||||
OSSL_PARAM_int(OSSL_PKEY_PARAM_USE_COFACTOR_ECDH, NULL), \
|
||||
OSSL_PARAM_int(OSSL_PKEY_PARAM_EC_INCLUDE_PUBLIC, NULL)
|
||||
diff -up openssl-3.0.1/providers/fips/self_test_kats.c.kat openssl-3.0.1/providers/fips/self_test_kats.c
|
||||
--- openssl-3.0.1/providers/fips/self_test_kats.c.kat 2022-05-10 15:10:32.502185265 +0200
|
||||
+++ openssl-3.0.1/providers/fips/self_test_kats.c 2022-05-10 15:13:21.465653720 +0200
|
||||
@@ -17,6 +17,8 @@
|
||||
#include "self_test.h"
|
||||
#include "self_test_data.inc"
|
||||
|
||||
+int REDHAT_FIPS_signature_st = 0;
|
||||
+
|
||||
static int self_test_digest(const ST_KAT_DIGEST *t, OSSL_SELF_TEST *st,
|
||||
OSSL_LIB_CTX *libctx)
|
||||
{
|
||||
@@ -446,6 +448,7 @@ static int self_test_sign(const ST_KAT_S
|
||||
EVP_PKEY *pkey = NULL;
|
||||
unsigned char sig[256];
|
||||
BN_CTX *bnctx = NULL;
|
||||
+ BIGNUM *K = NULL;
|
||||
size_t siglen = sizeof(sig);
|
||||
static const unsigned char dgst[] = {
|
||||
0x7f, 0x83, 0xb1, 0x65, 0x7f, 0xf1, 0xfc, 0x53, 0xb9, 0x2d, 0xc1, 0x81,
|
||||
@@ -462,6 +465,9 @@ static int self_test_sign(const ST_KAT_S
|
||||
bnctx = BN_CTX_new_ex(libctx);
|
||||
if (bnctx == NULL)
|
||||
goto err;
|
||||
+ K = BN_CTX_get(bnctx);
|
||||
+ if (K == NULL || BN_bin2bn(dgst, sizeof(dgst), K) == NULL)
|
||||
+ goto err;
|
||||
|
||||
bld = OSSL_PARAM_BLD_new();
|
||||
if (bld == NULL)
|
||||
@@ -469,6 +475,9 @@ static int self_test_sign(const ST_KAT_S
|
||||
|
||||
if (!add_params(bld, t->key, bnctx))
|
||||
goto err;
|
||||
+ /* set K for ECDSA KAT tests */
|
||||
+ if (!OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_REDHAT_SIGN_KAT_K, K))
|
||||
+ goto err;
|
||||
params = OSSL_PARAM_BLD_to_param(bld);
|
||||
|
||||
/* Create a EVP_PKEY_CTX to load the DSA key into */
|
||||
@@ -689,11 +698,13 @@ static int self_test_kas(OSSL_SELF_TEST
|
||||
static int self_test_signatures(OSSL_SELF_TEST *st, OSSL_LIB_CTX *libctx)
|
||||
{
|
||||
int i, ret = 1;
|
||||
+ REDHAT_FIPS_signature_st = 1;
|
||||
|
||||
for (i = 0; i < (int)OSSL_NELEM(st_kat_sign_tests); ++i) {
|
||||
if (!self_test_sign(&st_kat_sign_tests[i], st, libctx))
|
||||
ret = 0;
|
||||
}
|
||||
+ REDHAT_FIPS_signature_st = 0;
|
||||
return ret;
|
||||
}
|
||||
|
||||
diff -up openssl-3.0.1/providers/fips/self_test_data.inc.kat openssl-3.0.1/providers/fips/self_test_data.inc
|
||||
--- openssl-3.0.1/providers/fips/self_test_data.inc.kat 2022-05-16 17:37:34.962807400 +0200
|
||||
+++ openssl-3.0.1/providers/fips/self_test_data.inc 2022-05-16 17:48:10.709376779 +0200
|
||||
@@ -1399,7 +1399,151 @@ static const ST_KAT_PARAM ecdsa_prime_ke
|
||||
ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_PRIV_KEY, ecd_prime_priv),
|
||||
ST_KAT_PARAM_END()
|
||||
};
|
||||
+static const unsigned char ec224r1_kat_sig[] = {
|
||||
+0x30, 0x3c, 0x02, 0x1c, 0x2f, 0x24, 0x30, 0x96, 0x3b, 0x39, 0xe0, 0xab, 0xe2, 0x5a, 0x6f, 0xe0,
|
||||
+0x40, 0x7e, 0x19, 0x30, 0x6e, 0x6a, 0xfd, 0x7a, 0x2b, 0x5d, 0xaa, 0xc2, 0x34, 0x6c, 0xc8, 0xce,
|
||||
+0x02, 0x1c, 0x47, 0xe1, 0xac, 0xfd, 0xb4, 0xb8, 0x2b, 0x8c, 0x49, 0xb6, 0x36, 0xcd, 0xdd, 0x22,
|
||||
+0x2a, 0x2d, 0x29, 0x64, 0x70, 0x61, 0xc3, 0x3e, 0x18, 0x51, 0xec, 0xf2, 0xad, 0x3c
|
||||
+};
|
||||
|
||||
+static const char ecd_prime_curve_name384[] = "secp384r1";
|
||||
+/*
|
||||
+priv:
|
||||
+ 58:12:2b:94:be:29:23:13:83:f5:c4:20:e8:22:34:
|
||||
+ 54:73:49:91:10:05:e9:10:e9:d7:2d:72:9c:5e:6a:
|
||||
+ ba:8f:6d:d6:e4:a7:eb:e0:ae:e3:d4:c9:aa:33:87:
|
||||
+ 4c:91:87
|
||||
+pub:
|
||||
+ 04:d1:86:8b:f5:c4:a2:f7:a5:92:e6:85:2a:d2:92:
|
||||
+ 81:97:0a:8d:fa:09:3f:84:6c:17:43:03:43:49:23:
|
||||
+ 77:c4:31:f4:0a:a4:de:87:ac:5c:c0:d1:bc:e4:43:
|
||||
+ 7f:8d:44:e1:3b:5f:bc:27:c8:79:0f:d0:31:9f:a7:
|
||||
+ 6d:de:fb:f7:da:19:40:fd:aa:83:dc:69:ce:a6:f3:
|
||||
+ 4d:65:20:1c:66:82:80:03:f7:7b:2e:f3:b3:7c:1f:
|
||||
+ 11:f2:a3:bf:e8:0e:88
|
||||
+*/
|
||||
+static const unsigned char ecd_prime_priv384[] = {
|
||||
+ 0x58, 0x12, 0x2b, 0x94, 0xbe, 0x29, 0x23, 0x13, 0x83, 0xf5, 0xc4, 0x20, 0xe8, 0x22, 0x34,
|
||||
+ 0x54, 0x73, 0x49, 0x91, 0x10, 0x05, 0xe9, 0x10, 0xe9, 0xd7, 0x2d, 0x72, 0x9c, 0x5e, 0x6a,
|
||||
+ 0xba, 0x8f, 0x6d, 0xd6, 0xe4, 0xa7, 0xeb, 0xe0, 0xae, 0xe3, 0xd4, 0xc9, 0xaa, 0x33, 0x87,
|
||||
+ 0x4c, 0x91, 0x87
|
||||
+};
|
||||
+static const unsigned char ecd_prime_pub384[] = {
|
||||
+ 0x04, 0xd1, 0x86, 0x8b, 0xf5, 0xc4, 0xa2, 0xf7, 0xa5, 0x92, 0xe6, 0x85, 0x2a, 0xd2, 0x92,
|
||||
+ 0x81, 0x97, 0x0a, 0x8d, 0xfa, 0x09, 0x3f, 0x84, 0x6c, 0x17, 0x43, 0x03, 0x43, 0x49, 0x23,
|
||||
+ 0x77, 0xc4, 0x31, 0xf4, 0x0a, 0xa4, 0xde, 0x87, 0xac, 0x5c, 0xc0, 0xd1, 0xbc, 0xe4, 0x43,
|
||||
+ 0x7f, 0x8d, 0x44, 0xe1, 0x3b, 0x5f, 0xbc, 0x27, 0xc8, 0x79, 0x0f, 0xd0, 0x31, 0x9f, 0xa7,
|
||||
+ 0x6d, 0xde, 0xfb, 0xf7, 0xda, 0x19, 0x40, 0xfd, 0xaa, 0x83, 0xdc, 0x69, 0xce, 0xa6, 0xf3,
|
||||
+ 0x4d, 0x65, 0x20, 0x1c, 0x66, 0x82, 0x80, 0x03, 0xf7, 0x7b, 0x2e, 0xf3, 0xb3, 0x7c, 0x1f,
|
||||
+ 0x11, 0xf2, 0xa3, 0xbf, 0xe8, 0x0e, 0x88
|
||||
+};
|
||||
+static const ST_KAT_PARAM ecdsa_prime_key384[] = {
|
||||
+ ST_KAT_PARAM_UTF8STRING(OSSL_PKEY_PARAM_GROUP_NAME, ecd_prime_curve_name384),
|
||||
+ ST_KAT_PARAM_OCTET(OSSL_PKEY_PARAM_PUB_KEY, ecd_prime_pub384),
|
||||
+ ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_PRIV_KEY, ecd_prime_priv384),
|
||||
+ ST_KAT_PARAM_END()
|
||||
+};
|
||||
+static const unsigned char ec384r1_kat_sig[] = {
|
||||
+0x30, 0x65, 0x02, 0x30, 0x1a, 0xd5, 0x57, 0x1b, 0x28, 0x0f, 0xf1, 0x68, 0x66, 0x68, 0x8a, 0x98,
|
||||
+0xe3, 0x9c, 0xce, 0x7f, 0xa7, 0x68, 0xdc, 0x84, 0x5a, 0x65, 0xdc, 0x2b, 0x5d, 0x7e, 0xf3, 0x9b,
|
||||
+0xa0, 0x40, 0xe8, 0x7a, 0x02, 0xc7, 0x82, 0xe0, 0x0c, 0x81, 0xa5, 0xda, 0x55, 0x27, 0xbf, 0x79,
|
||||
+0xee, 0x72, 0xc2, 0x14, 0x02, 0x31, 0x00, 0xd1, 0x9d, 0x67, 0xda, 0x5a, 0xd2, 0x58, 0x68, 0xe7,
|
||||
+0x71, 0x08, 0xb2, 0xa4, 0xe4, 0xe8, 0x74, 0xb4, 0x0a, 0x3d, 0x76, 0x49, 0x31, 0x17, 0x6e, 0x33,
|
||||
+0x16, 0xf0, 0x00, 0x1f, 0x3c, 0x1f, 0xf9, 0x7c, 0xdb, 0x93, 0x49, 0x9c, 0x7d, 0xb3, 0xd3, 0x30,
|
||||
+0x98, 0x81, 0x6f, 0xb0, 0xc9, 0x30, 0x2f
|
||||
+};
|
||||
+static const char ecd_prime_curve_name521[] = "secp521r1";
|
||||
+/*
|
||||
+priv:
|
||||
+ 00:44:0f:96:31:a9:87:f2:5f:be:a0:bc:ef:0c:ae:
|
||||
+ 58:cc:5f:f8:44:9e:89:86:7e:bf:db:ce:cb:0e:20:
|
||||
+ 10:4a:11:ec:0b:51:1d:e4:91:ca:c6:40:fb:c6:69:
|
||||
+ ad:68:33:9e:c8:f5:c4:c6:a5:93:a8:4d:a9:a9:a2:
|
||||
+ af:fe:6d:cb:c2:3b
|
||||
+pub:
|
||||
+ 04:01:5f:58:a9:40:0c:ee:9b:ed:4a:f4:7a:3c:a3:
|
||||
+ 89:c2:f3:7e:2c:f4:b5:53:80:ae:33:7d:36:d1:b5:
|
||||
+ 18:bd:ef:a9:48:00:ea:88:ee:00:5c:ca:07:08:b5:
|
||||
+ 67:4a:c3:2b:10:c6:07:b0:c2:45:37:b7:1d:e3:6c:
|
||||
+ e1:bf:2c:44:18:4a:aa:01:af:75:40:6a:e3:f5:b2:
|
||||
+ 7f:d1:9d:1b:8b:29:1f:91:4d:db:93:bf:bd:8c:b7:
|
||||
+ 6a:8d:4b:2c:36:2a:6b:ab:54:9d:7b:31:99:a4:de:
|
||||
+ c9:10:c4:f4:a3:f4:6d:94:97:62:16:a5:34:65:1f:
|
||||
+ 42:cd:8b:9e:e6:db:14:5d:a9:8d:19:95:8d
|
||||
+*/
|
||||
+static const unsigned char ecd_prime_priv521[] = {
|
||||
+ 0x00, 0x44, 0x0f, 0x96, 0x31, 0xa9, 0x87, 0xf2, 0x5f, 0xbe, 0xa0, 0xbc, 0xef, 0x0c, 0xae,
|
||||
+ 0x58, 0xcc, 0x5f, 0xf8, 0x44, 0x9e, 0x89, 0x86, 0x7e, 0xbf, 0xdb, 0xce, 0xcb, 0x0e, 0x20,
|
||||
+ 0x10, 0x4a, 0x11, 0xec, 0x0b, 0x51, 0x1d, 0xe4, 0x91, 0xca, 0xc6, 0x40, 0xfb, 0xc6, 0x69,
|
||||
+ 0xad, 0x68, 0x33, 0x9e, 0xc8, 0xf5, 0xc4, 0xc6, 0xa5, 0x93, 0xa8, 0x4d, 0xa9, 0xa9, 0xa2,
|
||||
+ 0xaf, 0xfe, 0x6d, 0xcb, 0xc2, 0x3b
|
||||
+};
|
||||
+static const unsigned char ecd_prime_pub521[] = {
|
||||
+ 0x04, 0x01, 0x5f, 0x58, 0xa9, 0x40, 0x0c, 0xee, 0x9b, 0xed, 0x4a, 0xf4, 0x7a, 0x3c, 0xa3,
|
||||
+ 0x89, 0xc2, 0xf3, 0x7e, 0x2c, 0xf4, 0xb5, 0x53, 0x80, 0xae, 0x33, 0x7d, 0x36, 0xd1, 0xb5,
|
||||
+ 0x18, 0xbd, 0xef, 0xa9, 0x48, 0x00, 0xea, 0x88, 0xee, 0x00, 0x5c, 0xca, 0x07, 0x08, 0xb5,
|
||||
+ 0x67, 0x4a, 0xc3, 0x2b, 0x10, 0xc6, 0x07, 0xb0, 0xc2, 0x45, 0x37, 0xb7, 0x1d, 0xe3, 0x6c,
|
||||
+ 0xe1, 0xbf, 0x2c, 0x44, 0x18, 0x4a, 0xaa, 0x01, 0xaf, 0x75, 0x40, 0x6a, 0xe3, 0xf5, 0xb2,
|
||||
+ 0x7f, 0xd1, 0x9d, 0x1b, 0x8b, 0x29, 0x1f, 0x91, 0x4d, 0xdb, 0x93, 0xbf, 0xbd, 0x8c, 0xb7,
|
||||
+ 0x6a, 0x8d, 0x4b, 0x2c, 0x36, 0x2a, 0x6b, 0xab, 0x54, 0x9d, 0x7b, 0x31, 0x99, 0xa4, 0xde,
|
||||
+ 0xc9, 0x10, 0xc4, 0xf4, 0xa3, 0xf4, 0x6d, 0x94, 0x97, 0x62, 0x16, 0xa5, 0x34, 0x65, 0x1f,
|
||||
+ 0x42, 0xcd, 0x8b, 0x9e, 0xe6, 0xdb, 0x14, 0x5d, 0xa9, 0x8d, 0x19, 0x95, 0x8d
|
||||
+};
|
||||
+static const ST_KAT_PARAM ecdsa_prime_key521[] = {
|
||||
+ ST_KAT_PARAM_UTF8STRING(OSSL_PKEY_PARAM_GROUP_NAME, ecd_prime_curve_name521),
|
||||
+ ST_KAT_PARAM_OCTET(OSSL_PKEY_PARAM_PUB_KEY, ecd_prime_pub521),
|
||||
+ ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_PRIV_KEY, ecd_prime_priv521),
|
||||
+ ST_KAT_PARAM_END()
|
||||
+};
|
||||
+static const unsigned char ec521r1_kat_sig[] = {
|
||||
+0x30, 0x81, 0x88, 0x02, 0x42, 0x00, 0xdf, 0x64, 0x9c, 0xc8, 0x5b, 0xdd, 0x0b, 0x7f, 0x69, 0x7e,
|
||||
+0xdb, 0x83, 0x58, 0x67, 0x63, 0x43, 0xb7, 0xfa, 0x40, 0x29, 0xde, 0xb9, 0xde, 0xe9, 0x96, 0x65,
|
||||
+0xe6, 0x8e, 0xf4, 0xeb, 0xd0, 0xe9, 0x6a, 0xd3, 0x27, 0x6c, 0x4d, 0x60, 0x47, 0x9c, 0x62, 0xb8,
|
||||
+0x6c, 0xc1, 0x36, 0x19, 0x65, 0xff, 0xab, 0xcf, 0x24, 0xa3, 0xde, 0xd1, 0x4b, 0x1b, 0xdd, 0x89,
|
||||
+0xcf, 0xf8, 0x72, 0x7b, 0x92, 0xbc, 0x02, 0x02, 0x42, 0x01, 0xf8, 0x07, 0x77, 0xb8, 0xcb, 0xa2,
|
||||
+0xe2, 0x1f, 0x53, 0x9a, 0x7c, 0x16, 0xb5, 0x8e, 0xad, 0xe3, 0xc3, 0xac, 0xb7, 0xb2, 0x51, 0x8f,
|
||||
+0xf9, 0x09, 0x65, 0x43, 0xf8, 0xd8, 0x3c, 0xe3, 0x5c, 0x4a, 0x5e, 0x3d, 0x6f, 0xb7, 0xbb, 0x5a,
|
||||
+0x92, 0x69, 0xec, 0x71, 0xa2, 0x35, 0xe5, 0x29, 0x17, 0xaf, 0xc9, 0x69, 0xa7, 0xaa, 0x94, 0xf9,
|
||||
+0xf9, 0x50, 0x87, 0x7b, 0x5d, 0x87, 0xe3, 0xd6, 0x3f, 0xb6, 0x6e
|
||||
+};
|
||||
+static const char ecd_prime_curve_name256[] = "prime256v1";
|
||||
+/*
|
||||
+priv:
|
||||
+ 84:88:11:3f:a9:c9:9e:23:72:8b:40:cb:a2:b1:88:
|
||||
+ 01:1e:92:48:af:13:2d:9b:33:8e:6d:43:40:30:c7:
|
||||
+ 30:fa
|
||||
+pub:
|
||||
+ 04:22:58:b6:f9:01:3b:8c:a6:9b:9f:ae:75:fc:73:
|
||||
+ cf:1b:f0:81:dc:55:a3:cc:5d:81:46:85:06:32:34:
|
||||
+ 99:0d:c5:7e:a1:95:bb:21:73:33:40:4b:35:17:f6:
|
||||
+ 8e:26:61:46:94:2c:4c:ac:9b:20:f8:08:72:25:74:
|
||||
+ 98:66:c4:63:a6
|
||||
+*/
|
||||
+static const unsigned char ecd_prime_priv256[] = {
|
||||
+ 0x84, 0x88, 0x11, 0x3f, 0xa9, 0xc9, 0x9e, 0x23, 0x72, 0x8b, 0x40, 0xcb, 0xa2, 0xb1, 0x88,
|
||||
+ 0x01, 0x1e, 0x92, 0x48, 0xaf, 0x13, 0x2d, 0x9b, 0x33, 0x8e, 0x6d, 0x43, 0x40, 0x30, 0xc7,
|
||||
+ 0x30, 0xfa
|
||||
+};
|
||||
+static const unsigned char ecd_prime_pub256[] = {
|
||||
+ 0x04, 0x22, 0x58, 0xb6, 0xf9, 0x01, 0x3b, 0x8c, 0xa6, 0x9b, 0x9f, 0xae, 0x75, 0xfc, 0x73,
|
||||
+ 0xcf, 0x1b, 0xf0, 0x81, 0xdc, 0x55, 0xa3, 0xcc, 0x5d, 0x81, 0x46, 0x85, 0x06, 0x32, 0x34,
|
||||
+ 0x99, 0x0d, 0xc5, 0x7e, 0xa1, 0x95, 0xbb, 0x21, 0x73, 0x33, 0x40, 0x4b, 0x35, 0x17, 0xf6,
|
||||
+ 0x8e, 0x26, 0x61, 0x46, 0x94, 0x2c, 0x4c, 0xac, 0x9b, 0x20, 0xf8, 0x08, 0x72, 0x25, 0x74,
|
||||
+ 0x98, 0x66, 0xc4, 0x63, 0xa6
|
||||
+};
|
||||
+static const ST_KAT_PARAM ecdsa_prime_key256[] = {
|
||||
+ ST_KAT_PARAM_UTF8STRING(OSSL_PKEY_PARAM_GROUP_NAME, ecd_prime_curve_name256),
|
||||
+ ST_KAT_PARAM_OCTET(OSSL_PKEY_PARAM_PUB_KEY, ecd_prime_pub256),
|
||||
+ ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_PRIV_KEY, ecd_prime_priv256),
|
||||
+ ST_KAT_PARAM_END()
|
||||
+};
|
||||
+static const unsigned char ec256v1_kat_sig[] = {
|
||||
+0x30, 0x46, 0x02, 0x21, 0x00, 0xc9, 0x11, 0x27, 0x06, 0x51, 0x2b, 0x50, 0x8c, 0x6b, 0xc0, 0xa6,
|
||||
+0x85, 0xaa, 0xf4, 0x66, 0x0d, 0xe4, 0x54, 0x0a, 0x10, 0xb6, 0x9f, 0x87, 0xfc, 0xa2, 0xbc, 0x8f,
|
||||
+0x3c, 0x58, 0xb4, 0xe9, 0x41, 0x02, 0x21, 0x00, 0xc9, 0x72, 0x94, 0xa9, 0xdd, 0x52, 0xca, 0x21,
|
||||
+0x82, 0x66, 0x7a, 0x68, 0xcb, 0x1e, 0x3b, 0x12, 0x71, 0x4d, 0x56, 0xb5, 0xb7, 0xdd, 0xca, 0x2b,
|
||||
+0x18, 0xa3, 0xa7, 0x08, 0x0d, 0xfa, 0x9c, 0x66
|
||||
+};
|
||||
# ifndef OPENSSL_NO_EC2M
|
||||
static const char ecd_bin_curve_name[] = "sect233r1";
|
||||
static const unsigned char ecd_bin_priv[] = {
|
||||
@@ -1571,8 +1715,42 @@ static const ST_KAT_SIGN st_kat_sign_tes
|
||||
ecdsa_prime_key,
|
||||
/*
|
||||
* The ECDSA signature changes each time due to it using a random k.
|
||||
- * So there is no expected KAT for this case.
|
||||
+ * We provide this value in our build
|
||||
+ */
|
||||
+ ITM(ec224r1_kat_sig)
|
||||
+ },
|
||||
+ {
|
||||
+ OSSL_SELF_TEST_DESC_SIGN_ECDSA,
|
||||
+ "EC",
|
||||
+ "SHA-256",
|
||||
+ ecdsa_prime_key384,
|
||||
+ /*
|
||||
+ * The ECDSA signature changes each time due to it using a random k.
|
||||
+ * We provide this value in our build
|
||||
+ */
|
||||
+ ITM(ec384r1_kat_sig)
|
||||
+ },
|
||||
+ {
|
||||
+ OSSL_SELF_TEST_DESC_SIGN_ECDSA,
|
||||
+ "EC",
|
||||
+ "SHA-256",
|
||||
+ ecdsa_prime_key521,
|
||||
+ /*
|
||||
+ * The ECDSA signature changes each time due to it using a random k.
|
||||
+ * We provide this value in our build
|
||||
+ */
|
||||
+ ITM(ec521r1_kat_sig)
|
||||
+ },
|
||||
+ {
|
||||
+ OSSL_SELF_TEST_DESC_SIGN_ECDSA,
|
||||
+ "EC",
|
||||
+ "SHA-256",
|
||||
+ ecdsa_prime_key256,
|
||||
+ /*
|
||||
+ * The ECDSA signature changes each time due to it using a random k.
|
||||
+ * We provide this value in our build
|
||||
*/
|
||||
+ ITM(ec256v1_kat_sig)
|
||||
},
|
||||
# ifndef OPENSSL_NO_EC2M
|
||||
{
|
||||
diff -up openssl-3.0.1/crypto/ec/ecp_s390x_nistp.c.fipskat openssl-3.0.1/crypto/ec/ecp_s390x_nistp.c
|
||||
--- openssl-3.0.1/crypto/ec/ecp_s390x_nistp.c.fipskat 2022-05-30 14:48:53.180999124 +0200
|
||||
+++ openssl-3.0.1/crypto/ec/ecp_s390x_nistp.c 2022-05-30 14:58:52.841286228 +0200
|
||||
@@ -44,6 +44,10 @@
|
||||
#define S390X_OFF_RN(n) (4 * n)
|
||||
#define S390X_OFF_Y(n) (4 * n)
|
||||
|
||||
+#ifdef FIPS_MODULE
|
||||
+extern int REDHAT_FIPS_signature_st;
|
||||
+#endif
|
||||
+
|
||||
static int ec_GFp_s390x_nistp_mul(const EC_GROUP *group, EC_POINT *r,
|
||||
const BIGNUM *scalar,
|
||||
size_t num, const EC_POINT *points[],
|
||||
@@ -183,11 +187,21 @@ static ECDSA_SIG *ecdsa_s390x_nistp_sign
|
||||
* because kdsa instruction constructs an in-range, invertible nonce
|
||||
* internally implementing counter-measures for RNG weakness.
|
||||
*/
|
||||
+#ifdef FIPS_MODULE
|
||||
+ if (REDHAT_FIPS_signature_st && eckey->sign_kat_k != NULL) {
|
||||
+ BN_bn2binpad(eckey->sign_kat_k, param + S390X_OFF_RN(len), len);
|
||||
+ /* Turns KDSA internal nonce-generation off. */
|
||||
+ fc |= S390X_KDSA_D;
|
||||
+ } else {
|
||||
+#endif
|
||||
if (RAND_priv_bytes_ex(eckey->libctx, param + S390X_OFF_RN(len),
|
||||
(size_t)len, 0) != 1) {
|
||||
ERR_raise(ERR_LIB_EC, EC_R_RANDOM_NUMBER_GENERATION_FAILED);
|
||||
goto ret;
|
||||
}
|
||||
+#ifdef FIPS_MODULE
|
||||
+ }
|
||||
+#endif
|
||||
} else {
|
||||
/* Reconstruct k = (k^-1)^-1. */
|
||||
if (ossl_ec_group_do_inverse_ord(group, k, kinv, NULL) == 0
|
|
@ -568,851 +568,3 @@ index 8c52b637fc..ff75c5b6ec 100644
|
|||
|
||||
SKIP: {
|
||||
skip "No IPv4 available on this machine", 4
|
||||
diff -up openssl-3.0.5/test/smime-certs/smdh.pem.0061 openssl-3.0.5/test/smime-certs/smdh.pem
|
||||
--- openssl-3.0.5/test/smime-certs/smdh.pem.0061 2022-09-02 14:17:15.331436663 +0200
|
||||
+++ openssl-3.0.5/test/smime-certs/smdh.pem 2022-09-02 14:17:15.347436804 +0200
|
||||
@@ -1,47 +1,47 @@
|
||||
-----BEGIN PRIVATE KEY-----
|
||||
-MIICXAIBADCCAjUGByqGSM4+AgEwggIoAoIBAQCB6AUA/1eXRh+iLWHXe+lUl6e+
|
||||
-+460tAIIpsQ1jw1ZaTmlH9SlrWSBNVRVHwDuBW7vA+lKgBvDpCIjmhRbgrZIGwcZ
|
||||
-6ruCYy5KF/B3AW5MApC9QCDaVrG6Hb7NfpMgwuUIKvvvOMrrvn4r5Oxtsx9rORTE
|
||||
-bdS33MuZCOIbodjs5u+e/2hhssOwgUTMASDwXppJTyeMwAAZ+p78ByrSULP6yYdP
|
||||
-PTh8sK1begDG6YTSKE3VqYNg1yaE5tQvCQ0U2L4qZ8JqexAVHbR8LA8MNhtA1pma
|
||||
-Zj4q2WNAEevpprIIRXgJEZY278nPlvVeoKfOef9RBHgQ6ZTnZ1Et5iLMCwYHAoIB
|
||||
-AFVgJaHfnBVJYfaQh1NyoVZJ5xX6UvvL5xEKUwwEMgs8JSOzp2UI+KRDpy9KbNH7
|
||||
-93Kwa2d8Q7ynciDiCmd1ygF4CJKb4ZOwjWjpZ4DedHr0XokGhyBCyjaBxOi3i4tP
|
||||
-EFO8YHs5B/yOZHzcpTfs2VxJqIm3KF8q0Ify9PWDAsgo+d21/+eye60FHjF9o2/D
|
||||
-l3NRlOhUhHNGykfqFgKEEEof3/3c6r5BS0oRXdsu6dx/y2/v8j9aJoHfyGHkswxr
|
||||
-ULSBxJENOBB89C+GET6yhbxV1e4SFwzHnXgG8bWXwk7bea6ZqXbHq0pT3kUiQeKe
|
||||
-assXKqRBAG9NLbQ3mmx8RFkCHQDIVBWPf6VwBa2s1CAcsIziVJ8qr/KAKx9DZ3h5
|
||||
-BB4CHAF3VZBAC/TB85J4PzsLJ+VrOWr0c8kQlYUR9rw=
|
||||
+MIICXQIBADCCAjUGByqGSM4+AgEwggIoAoIBAQCCyx9ZhD6HY5xgusGDrJZJ+FdT
|
||||
+e9OxD/p9DQNKqoLyJ10TAUXuycozVqDAD4v1wsOAPH0TDOX9Ns87PXgTbd6DpSJt
|
||||
+F1ZLW+1pklZs2m0cLl4raOe8CZGHkSgia0wC40LAg/u/JZ6NAG2YSiFEtjbkf81l
|
||||
+pvL0946LiHfHklMtSOkK3H9PkGB/KrXMITRR2P1u78AzTvc2YL7iLlCu6mV2g6v4
|
||||
+ieeWprywTaZ8gp3NBMjyuRJniGCQ52jPfOvT32w/sBTIfUO+95u/eEHrTP4K+vTk
|
||||
+VS3wLo5ypgrveRdALKvqkHe0qfNr5VQRk2Pt6ReH35kjiUPLZCccgJr9h80hAoIB
|
||||
+AE50cpgSJBYr9+5dj+fJJcXf/KX9rttlBXyveUP+vbSm/oW443/IksO3oLMy1Raq
|
||||
+tHTDBhtNrH7rSK6CDStKrMkgHsjTYkZOU85vCdrVi3UZBz0GiYO/8kQ8aLeTe3LB
|
||||
+7QB0kkkUgZ7etsnNxEkz9WQwohTvGBHBFNDKDqWadP9BpNrFoDCYojit7GOZPQgt
|
||||
+eEiCO8D9xu0sEXT8ZdRqWcmkTfeMRojrzxt0LpT/vUKHGsBFmUN7kH4Hy9z2LJxB
|
||||
+DrYYkV3LSAweuUQKBocNI7bbbOvPByUvHVMfJBrBmwIJI3vc3091njOH53zATNNv
|
||||
+ta+9S7L4zNsvbg8RtJyH8i4CHQCY12PTXj6Ipxbqq4d1Q+AoUqnN/H9lAS46teXv
|
||||
+BB8CHQCGE6pxpX5lWcH6+TGLDoLo3T5L2/5KTd0tRNdj
|
||||
-----END PRIVATE KEY-----
|
||||
-----BEGIN CERTIFICATE-----
|
||||
-MIIFmDCCBICgAwIBAgIUWlJkHZZ2eZgkGCHFtcMAjlLdDH8wDQYJKoZIhvcNAQEL
|
||||
+MIIFljCCBH6gAwIBAgIUMNF4DNf+H6AXGApe99UrJWFcAnwwDQYJKoZIhvcNAQEL
|
||||
BQAwRDELMAkGA1UEBhMCVUsxFjAUBgNVBAoMDU9wZW5TU0wgR3JvdXAxHTAbBgNV
|
||||
-BAMMFFRlc3QgUy9NSU1FIFJTQSBSb290MCAXDTIyMDYwMjE1MzMxNFoYDzIxMjIw
|
||||
-NTA5MTUzMzE0WjBEMQswCQYDVQQGEwJVSzEWMBQGA1UECgwNT3BlblNTTCBHcm91
|
||||
-cDEdMBsGA1UEAwwUVGVzdCBTL01JTUUgRUUgREggIzEwggNCMIICNQYHKoZIzj4C
|
||||
-ATCCAigCggEBAIHoBQD/V5dGH6ItYdd76VSXp777jrS0AgimxDWPDVlpOaUf1KWt
|
||||
-ZIE1VFUfAO4Fbu8D6UqAG8OkIiOaFFuCtkgbBxnqu4JjLkoX8HcBbkwCkL1AINpW
|
||||
-sbodvs1+kyDC5Qgq++84yuu+fivk7G2zH2s5FMRt1Lfcy5kI4huh2Ozm757/aGGy
|
||||
-w7CBRMwBIPBemklPJ4zAABn6nvwHKtJQs/rJh089OHywrVt6AMbphNIoTdWpg2DX
|
||||
-JoTm1C8JDRTYvipnwmp7EBUdtHwsDww2G0DWmZpmPirZY0AR6+mmsghFeAkRljbv
|
||||
-yc+W9V6gp855/1EEeBDplOdnUS3mIswLBgcCggEAVWAlod+cFUlh9pCHU3KhVknn
|
||||
-FfpS+8vnEQpTDAQyCzwlI7OnZQj4pEOnL0ps0fv3crBrZ3xDvKdyIOIKZ3XKAXgI
|
||||
-kpvhk7CNaOlngN50evReiQaHIELKNoHE6LeLi08QU7xgezkH/I5kfNylN+zZXEmo
|
||||
-ibcoXyrQh/L09YMCyCj53bX/57J7rQUeMX2jb8OXc1GU6FSEc0bKR+oWAoQQSh/f
|
||||
-/dzqvkFLShFd2y7p3H/Lb+/yP1omgd/IYeSzDGtQtIHEkQ04EHz0L4YRPrKFvFXV
|
||||
-7hIXDMedeAbxtZfCTtt5rpmpdserSlPeRSJB4p5qyxcqpEEAb00ttDeabHxEWQId
|
||||
-AMhUFY9/pXAFrazUIBywjOJUnyqv8oArH0NneHkDggEFAAKCAQBigH0Mp4jUMSfK
|
||||
-yOhKlEfyZ/hj/EImsUYW4+u8xjBN+ruOJUTJ06Mtgw3g2iLkhQoO9NROqvC9rdLj
|
||||
-+j3e+1QWm9EDNKQAa4nUp8/W+XZ5KkQWudmtaojEXD1+kd44ieNLtPGuVnPtDGO4
|
||||
-zPf04IUq7tDGbMDMMn6YXvW6f28lR3gF5vvVIsnjsd/Lau6orzmNSrymXegsEsFR
|
||||
-Q7hT+/tPoAtro6Hx9rBrYb/0OCiRe4YuYrFKkC0aaJfUQepVyuVMSTxxKTzq8T06
|
||||
-M8SBITlmkPFZJHyGzV/+a72hpJsAa0BaDnpxH3cFpEMzeYG1XQK461zexoIYN3ub
|
||||
-i3xNPUzPo2AwXjAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIF4DAdBgNVHQ4E
|
||||
-FgQULayIqKcWHtUH4pFolI6dKxycIG8wHwYDVR0jBBgwFoAUFcETIWviVV+nah1X
|
||||
-INbP86lzZFkwDQYJKoZIhvcNAQELBQADggEBAKjKvvJ6Vc9HiQXACqqRZnekz2gO
|
||||
-ue71nsXXDr2+y4PPpgcDzgtO3vhQc7Akv6Uyca9LY7w/X+temP63yxdLpKXTV19w
|
||||
-Or0p4VEvTZ8AttMjFh4Hl8caVYk/J4TIudSXLIfKROP6sFu5GOw7W3xpBkL5Zio6
|
||||
-3dqe6xAYK0woNQPDfj5yOAlqj1Ohth81JywW5h2g8GfLtNe62coAqwjMJT+ExHfU
|
||||
-EkF/beSqRGOvXwyhSxFpe7HVjUMgrgdfoZnNsoPmpH3eTiF4BjamGWI1+Z0o+RHa
|
||||
-oPwN+cCzbDsi9uTQJO1D5S697heX00zzzU/KSW7djNzKv55vm24znuFkXTM=
|
||||
+BAMMFFRlc3QgUy9NSU1FIFJTQSBSb290MB4XDTIyMDUyMzE0MzM0NloXDTMyMDMz
|
||||
+MTE0MzM0NlowRDELMAkGA1UEBhMCVUsxFjAUBgNVBAoMDU9wZW5TU0wgR3JvdXAx
|
||||
+HTAbBgNVBAMMFFRlc3QgUy9NSU1FIEVFIERIICMxMIIDQjCCAjUGByqGSM4+AgEw
|
||||
+ggIoAoIBAQCCyx9ZhD6HY5xgusGDrJZJ+FdTe9OxD/p9DQNKqoLyJ10TAUXuycoz
|
||||
+VqDAD4v1wsOAPH0TDOX9Ns87PXgTbd6DpSJtF1ZLW+1pklZs2m0cLl4raOe8CZGH
|
||||
+kSgia0wC40LAg/u/JZ6NAG2YSiFEtjbkf81lpvL0946LiHfHklMtSOkK3H9PkGB/
|
||||
+KrXMITRR2P1u78AzTvc2YL7iLlCu6mV2g6v4ieeWprywTaZ8gp3NBMjyuRJniGCQ
|
||||
+52jPfOvT32w/sBTIfUO+95u/eEHrTP4K+vTkVS3wLo5ypgrveRdALKvqkHe0qfNr
|
||||
+5VQRk2Pt6ReH35kjiUPLZCccgJr9h80hAoIBAE50cpgSJBYr9+5dj+fJJcXf/KX9
|
||||
+rttlBXyveUP+vbSm/oW443/IksO3oLMy1RaqtHTDBhtNrH7rSK6CDStKrMkgHsjT
|
||||
+YkZOU85vCdrVi3UZBz0GiYO/8kQ8aLeTe3LB7QB0kkkUgZ7etsnNxEkz9WQwohTv
|
||||
+GBHBFNDKDqWadP9BpNrFoDCYojit7GOZPQgteEiCO8D9xu0sEXT8ZdRqWcmkTfeM
|
||||
+Rojrzxt0LpT/vUKHGsBFmUN7kH4Hy9z2LJxBDrYYkV3LSAweuUQKBocNI7bbbOvP
|
||||
+ByUvHVMfJBrBmwIJI3vc3091njOH53zATNNvta+9S7L4zNsvbg8RtJyH8i4CHQCY
|
||||
+12PTXj6Ipxbqq4d1Q+AoUqnN/H9lAS46teXvA4IBBQACggEAJP4Vy6vcIa7jLa93
|
||||
+DWeT0pxe4zeYXxRWbvS7reLoZcBIhH253/QfXj+0UhcjtAa5A2X519anBuetUern
|
||||
+ecBmHO9vAj9F7J6feK+pUxE8cl793gmWzcGijMXCuRorW7GZ3XBTuQbWaJLtxB4a
|
||||
+rS54+CFMUfqR5coxGrraGPGjR9P6YCpJgWL74yxiQVzjEdwPLEz/0ehKeDkSvuj8
|
||||
+Ixe06fY0eA9sfxx7+4lm2Jhw7XaIfguo8mgrfWjBzkkT2mcAHss/fdKcXNYrg+A+
|
||||
+xgApPiyuy7S4YkQSsdV5Ns8UFttBCuojzEuWQ49fMZcv/rIHSHSxpbg2Sdka+d6h
|
||||
+wOQHK6NgMF4wDAYDVR0TAQH/BAIwADAOBgNVHQ8BAf8EBAMCBeAwHQYDVR0OBBYE
|
||||
+FLG7SOccVVRWmPw87GRrYH/NCegTMB8GA1UdIwQYMBaAFMmRUwpjexZbi71E8HaI
|
||||
+qSTm5bZsMA0GCSqGSIb3DQEBCwUAA4IBAQB9J2dIIbIAiB8ToXJcyO7HRPhdWC/Y
|
||||
+TE8cqeL+JiWNvIMB9fl2gOx6gj2h+yEr3lCpK/XDoWOs576UScS/vvs6fOjFHfkb
|
||||
+L4i9nHXD2KizXkM2hr9FzTRXd9c3XXLyB9t1z38qcpOMxoxAbnH8hWLQDPjFdArC
|
||||
+KWIqK/Vqxz4ZcIveM9GcVf78FU2DbQF4pwHjO9TsG7AbXiV4PXyJK75W5okAbZmQ
|
||||
+EmMmVXEJdXSOS4prP8DCW/LYJ5UddsVZba2BCHD3c1c2YTA4GsP3ZMoXvQoyj0L2
|
||||
+/xazs/AS373Of6H0s00itRTFABxve1I7kE5dQdc3oZjn6A/DbfjYUmr5
|
||||
-----END CERTIFICATE-----
|
||||
diff -up openssl-3.0.5/test/smime-certs/smdsa1.pem.0061 openssl-3.0.5/test/smime-certs/smdsa1.pem
|
||||
--- openssl-3.0.5/test/smime-certs/smdsa1.pem.0061 2022-09-02 14:17:15.326436618 +0200
|
||||
+++ openssl-3.0.5/test/smime-certs/smdsa1.pem 2022-09-02 14:17:15.346436795 +0200
|
||||
@@ -1,47 +1,47 @@
|
||||
-----BEGIN PRIVATE KEY-----
|
||||
-MIICXQIBADCCAjYGByqGSM44BAEwggIpAoIBAQCg5xGADjdINCKODDX6yq3w8vQ1
|
||||
-i0SuHnFvPc5gHMLIxJhDp3cLJ5eJmcHZ07WflsMgSxD2Wd5lX5Q9uxtv78/erv5t
|
||||
-4INbA4D+QSkxb4SWNurRBQj5LuoGhFMpCubDYSxiKkTJ4pmOEbsjnlGLiN5R1jAa
|
||||
-kOxI+l/rPAQlIUMCHSF6xXgd62fUdEAnRYj46Lgw+FWKAKNhcH7rOLA7k4JnYCLg
|
||||
-c9HnYvwxlpoV+SHi+QXSrcrtMBNCmIgIONI5uNuBnZq6jjHE/Wg1+D4wGxOZl+/S
|
||||
-8EP8eXSDD+1Sni2Jk38etU+laS0pVV9lh6sV3zV28YXVZl01CHUfwH+3w/XJAh0A
|
||||
-mkjrU1XrCahV9d78Rklpd4fK3K53+X5MeTgNLQKCAQEAoA32HKvIhx6wvmT9huaw
|
||||
-V6wj7hT99kjzQjZqbvLENW9bbAgOdPzZzusqZmZMgGdDr94oYz1/MhmAKNY4lQv7
|
||||
-ioJmtded5hhS6GDg3Oj4IYiJ9trAQ/ATrDrSi3sQAZ3Pvip7j4oljvsQBmAj3KKR
|
||||
-CnZ2/FeRyjSS3cUey89GE2N2DQbHEmuG/F8aDmUhLNusZm6nXs2Y1W7+kQRwswBL
|
||||
-5H4Oo6NaSUc8dl7HWEeWoS8BE7G4JFCXBQwwgInOJINyQlknxMSpv7dwxp32SgdL
|
||||
-QldkaQkHAEg0QqYb2Hv/xHfVhn9vTpGJQyWvnT5RvbXSGdTk1CTlZTrUAGmbHOwX
|
||||
-ygQeAhwE9yuqObvNXzUTN+PY2rg00PzdyJw3XJAUrmlY
|
||||
+MIICZQIBADCCAjkGByqGSM44BAEwggIsAoIBAQCQfLlNdehPnTrGIMhw4rk0uua6
|
||||
+k1nCG3zcyfXli17BdB2k0HBPaTA3a3ZHfOt1Awy0Uu0wZ3gdPr9z0I64hnJXIGou
|
||||
+zIanZ7nYRImHtX5JMFbXeyxo1Owd2Zs3oEk9nQUoUsMxvmYC/ghPL5Zx1pPxcHCO
|
||||
+wzWxoG4yZMjimXOc1/W7zvK/4/g/Cz9fItD3zdcydfgM/hK0/CeYQ21xfhqf4mjK
|
||||
+v9plnCcWgToGI+7H8VK80MFbkO2QKRz3vP1/TjK6PRm9sEeB5b10+SvGv2j2w+CC
|
||||
+0fXL4s6n7PtBlm/bww8xL1/Az8kwejUcII1Dc8uNwwISwGbwaGBvl7IHpm21AiEA
|
||||
+rodZi+nCKZdTL8IgCjX3n0DuhPRkVQPjz/B6VweLW9MCggEAfimkUNwnsGFp7mKM
|
||||
+zJKhHoQkMB1qJzyIHjDzQ/J1xjfoF6i27afw1/WKboND5eseZhlhA2TO5ZJB6nGx
|
||||
+DOE9lVQxYVml++cQj6foHh1TVJAgGl4mWuveW/Rz+NEhpK4zVeEsfMrbkBypPByy
|
||||
+xzF1Z49t568xdIo+e8jLI8FjEdXOIUg4ehB3NY6SL8r4oJ49j/sJWfHcDoWH/LK9
|
||||
+ZaBF8NpflJe3F40S8RDvM8j2HC+y2Q4QyKk1DXGiH+7yQLGWzr3M73kC3UBnnH0h
|
||||
+Hxb7ISDCT7dCw/lH1nCbVFBOM0ASI26SSsFSXQrvD2kryRcTZ0KkyyhhoPODWpU+
|
||||
+TQMsxQQjAiEAkolGvb/76X3vm5Ov09ezqyBYt9cdj/FLH7DyMkxO7X0=
|
||||
-----END PRIVATE KEY-----
|
||||
-----BEGIN CERTIFICATE-----
|
||||
-MIIFmjCCBIKgAwIBAgIUUoOmJmXAY29/2rWY0wJphQ5/pzUwDQYJKoZIhvcNAQEL
|
||||
+MIIFmzCCBIOgAwIBAgIUWGMqmBZZ1ykguVDk2Whn+2uKMA0wDQYJKoZIhvcNAQEL
|
||||
BQAwRDELMAkGA1UEBhMCVUsxFjAUBgNVBAoMDU9wZW5TU0wgR3JvdXAxHTAbBgNV
|
||||
-BAMMFFRlc3QgUy9NSU1FIFJTQSBSb290MCAXDTIyMDYwMjE1MzMxNFoYDzIxMjIw
|
||||
-NTA5MTUzMzE0WjBFMQswCQYDVQQGEwJVSzEWMBQGA1UECgwNT3BlblNTTCBHcm91
|
||||
-cDEeMBwGA1UEAwwVVGVzdCBTL01JTUUgRUUgRFNBICMxMIIDQzCCAjYGByqGSM44
|
||||
-BAEwggIpAoIBAQCg5xGADjdINCKODDX6yq3w8vQ1i0SuHnFvPc5gHMLIxJhDp3cL
|
||||
-J5eJmcHZ07WflsMgSxD2Wd5lX5Q9uxtv78/erv5t4INbA4D+QSkxb4SWNurRBQj5
|
||||
-LuoGhFMpCubDYSxiKkTJ4pmOEbsjnlGLiN5R1jAakOxI+l/rPAQlIUMCHSF6xXgd
|
||||
-62fUdEAnRYj46Lgw+FWKAKNhcH7rOLA7k4JnYCLgc9HnYvwxlpoV+SHi+QXSrcrt
|
||||
-MBNCmIgIONI5uNuBnZq6jjHE/Wg1+D4wGxOZl+/S8EP8eXSDD+1Sni2Jk38etU+l
|
||||
-aS0pVV9lh6sV3zV28YXVZl01CHUfwH+3w/XJAh0AmkjrU1XrCahV9d78Rklpd4fK
|
||||
-3K53+X5MeTgNLQKCAQEAoA32HKvIhx6wvmT9huawV6wj7hT99kjzQjZqbvLENW9b
|
||||
-bAgOdPzZzusqZmZMgGdDr94oYz1/MhmAKNY4lQv7ioJmtded5hhS6GDg3Oj4IYiJ
|
||||
-9trAQ/ATrDrSi3sQAZ3Pvip7j4oljvsQBmAj3KKRCnZ2/FeRyjSS3cUey89GE2N2
|
||||
-DQbHEmuG/F8aDmUhLNusZm6nXs2Y1W7+kQRwswBL5H4Oo6NaSUc8dl7HWEeWoS8B
|
||||
-E7G4JFCXBQwwgInOJINyQlknxMSpv7dwxp32SgdLQldkaQkHAEg0QqYb2Hv/xHfV
|
||||
-hn9vTpGJQyWvnT5RvbXSGdTk1CTlZTrUAGmbHOwXygOCAQUAAoIBACGS7hCpTL0g
|
||||
-lx9C1Bwz5xfVd0mwCqx9UGiH8Bf4lRsSagL0Irwvnjz++WH1vecZa2bWsYsPhQ+D
|
||||
-KDzaCo20CYln4IFEPgY0fSE+KTF1icFj/mD+MgxWgsgKoTI120ENPGHqHpKkv0Uv
|
||||
-OlwTImU4BxxkctZ5273XEv3VPQE8COGnXgqt7NBazU/O7vibFm0iaEsVjHFHYcoo
|
||||
-+sMcm3F2E/gvR9IJGaGPeCk0sMW8qloPzErWIugx/OGqM7fni2cIcZwGdju52O+l
|
||||
-cLV0tZdgC7eTbVDMLspyuiYME+zvEzRwCQF/GqcCDSn68zxJv/zSNZ9XxOgZaBfs
|
||||
-Na7e8YGATiujYDBeMAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQDAgXgMB0GA1Ud
|
||||
-DgQWBBSFVrWPZrHzhHUg0MMEAAKwQIfsazAfBgNVHSMEGDAWgBQVwRMha+JVX6dq
|
||||
-HVcg1s/zqXNkWTANBgkqhkiG9w0BAQsFAAOCAQEAbm49FB+eyeX7OBUC/akhnkFw
|
||||
-cDXqw7Fl2OibRK+g/08zp4CruwJdb72j5+pTmG+9SF7tGyQBfHFf1+epa3ZiIc+0
|
||||
-UzFf2xQBMyHjesL19cTe4i176dHz8pCxx9OEow0GlZVV85+Anev101NskKVNNVA7
|
||||
-YnB2xKQWgf8HORh66XVCk54xMcd99ng8xQ8vhZC6KckVbheQgdPp7gUAcDgxH2Yo
|
||||
-JF8jHQlsWNcCGURDldP6FQ49TGWHj24IGjnjGapWxMUjvCz+kV6sGW/OIYu+MM9w
|
||||
-FMIOyEdUUtKowWT6eXwrITup3T6pspPTicbK61ZCPuxMvP2JBFGZsqat+F5g+w==
|
||||
+BAMMFFRlc3QgUy9NSU1FIFJTQSBSb290MB4XDTIyMDUyMzE0MjA0OFoXDTMyMDMz
|
||||
+MTE0MjA0OFowRTELMAkGA1UEBhMCVUsxFjAUBgNVBAoMDU9wZW5TU0wgR3JvdXAx
|
||||
+HjAcBgNVBAMMFVRlc3QgUy9NSU1FIEVFIERTQSAjMTCCA0YwggI5BgcqhkjOOAQB
|
||||
+MIICLAKCAQEAkHy5TXXoT506xiDIcOK5NLrmupNZwht83Mn15YtewXQdpNBwT2kw
|
||||
+N2t2R3zrdQMMtFLtMGd4HT6/c9COuIZyVyBqLsyGp2e52ESJh7V+STBW13ssaNTs
|
||||
+HdmbN6BJPZ0FKFLDMb5mAv4ITy+WcdaT8XBwjsM1saBuMmTI4plznNf1u87yv+P4
|
||||
+Pws/XyLQ983XMnX4DP4StPwnmENtcX4an+Joyr/aZZwnFoE6BiPux/FSvNDBW5Dt
|
||||
+kCkc97z9f04yuj0ZvbBHgeW9dPkrxr9o9sPggtH1y+LOp+z7QZZv28MPMS9fwM/J
|
||||
+MHo1HCCNQ3PLjcMCEsBm8Ghgb5eyB6ZttQIhAK6HWYvpwimXUy/CIAo1959A7oT0
|
||||
+ZFUD48/welcHi1vTAoIBAH4ppFDcJ7Bhae5ijMySoR6EJDAdaic8iB4w80PydcY3
|
||||
+6Beotu2n8Nf1im6DQ+XrHmYZYQNkzuWSQepxsQzhPZVUMWFZpfvnEI+n6B4dU1SQ
|
||||
+IBpeJlrr3lv0c/jRIaSuM1XhLHzK25AcqTwcsscxdWePbeevMXSKPnvIyyPBYxHV
|
||||
+ziFIOHoQdzWOki/K+KCePY/7CVnx3A6Fh/yyvWWgRfDaX5SXtxeNEvEQ7zPI9hwv
|
||||
+stkOEMipNQ1xoh/u8kCxls69zO95At1AZ5x9IR8W+yEgwk+3QsP5R9Zwm1RQTjNA
|
||||
+EiNukkrBUl0K7w9pK8kXE2dCpMsoYaDzg1qVPk0DLMUDggEFAAKCAQAZdJAANu5E
|
||||
+hkGOJDo2KTBmX7EQMR98gTRFZu/B/W19bHDhm9qc792PLPkV487QAgkMEItSOv0P
|
||||
+faeSYgbUe7d1aBXzqSdCwzq4WIxLNj2eQkZk6UffDg0csTvymTvnFHWyDUwRmvjH
|
||||
++35r95r1jgBeSUQMJxoe2kwZ4DHdkCpIp5z7NA44DvclY/X+BgcZ1jJNClC3BFOy
|
||||
+HQaLmY452mgnS+k7zfFhsUJn5lkpfVFY6Ml7Y5AFG3Dvf2rWdGBrVUwsBP8sVJCx
|
||||
+ITcg6nyGJZuOeK3VITqrcgjZr9odkf/Hg7OzN+a1B+Z6u3Ld5BKrduBqN/EKxxyd
|
||||
+GNJst42JrNFIo2AwXjAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIF4DAdBgNV
|
||||
+HQ4EFgQU0dBhM47Fpn83rw6nGqMcq5q3DqwwHwYDVR0jBBgwFoAUyZFTCmN7FluL
|
||||
+vUTwdoipJObltmwwDQYJKoZIhvcNAQELBQADggEBAC3W5L4plRWiaX03PncMHnaL
|
||||
+sp48+2jJen4avzNpRZF/bTQ621x/KLWelbMzBTMxU6jtU1LwCvsiOTSenUZ6W5vq
|
||||
+TGy6nwkMUrBN0nHmymVz5v40VBLtc2/5xF9UBZ1GMnmYko+d7VHBD6qu4hpi6OD1
|
||||
+3Z2kxCRaZ87y3IbVnl6zqdqxDxKCj4Ca+TT6AApm/MYVwpuvCVmuXrBBvJYTFFeZ
|
||||
+2J90jHlQep2rAaZu41oiIlmQUEf9flV0iPYjj+Pqdzr9ovWVbqt7l1WKOBDYdzJW
|
||||
+fQ8TvFSExkDQsDc0nkkLIfJBFUFuOpNmODvq+Ac8AGUBnl/Z3pAV4KVnnobIXHw=
|
||||
-----END CERTIFICATE-----
|
||||
diff -up openssl-3.0.5/test/smime-certs/smdsa2.pem.0061 openssl-3.0.5/test/smime-certs/smdsa2.pem
|
||||
--- openssl-3.0.5/test/smime-certs/smdsa2.pem.0061 2022-09-02 14:17:15.332436671 +0200
|
||||
+++ openssl-3.0.5/test/smime-certs/smdsa2.pem 2022-09-02 14:17:15.347436804 +0200
|
||||
@@ -1,47 +1,47 @@
|
||||
-----BEGIN PRIVATE KEY-----
|
||||
-MIICXQIBADCCAjYGByqGSM44BAEwggIpAoIBAQCg5xGADjdINCKODDX6yq3w8vQ1
|
||||
-i0SuHnFvPc5gHMLIxJhDp3cLJ5eJmcHZ07WflsMgSxD2Wd5lX5Q9uxtv78/erv5t
|
||||
-4INbA4D+QSkxb4SWNurRBQj5LuoGhFMpCubDYSxiKkTJ4pmOEbsjnlGLiN5R1jAa
|
||||
-kOxI+l/rPAQlIUMCHSF6xXgd62fUdEAnRYj46Lgw+FWKAKNhcH7rOLA7k4JnYCLg
|
||||
-c9HnYvwxlpoV+SHi+QXSrcrtMBNCmIgIONI5uNuBnZq6jjHE/Wg1+D4wGxOZl+/S
|
||||
-8EP8eXSDD+1Sni2Jk38etU+laS0pVV9lh6sV3zV28YXVZl01CHUfwH+3w/XJAh0A
|
||||
-mkjrU1XrCahV9d78Rklpd4fK3K53+X5MeTgNLQKCAQEAoA32HKvIhx6wvmT9huaw
|
||||
-V6wj7hT99kjzQjZqbvLENW9bbAgOdPzZzusqZmZMgGdDr94oYz1/MhmAKNY4lQv7
|
||||
-ioJmtded5hhS6GDg3Oj4IYiJ9trAQ/ATrDrSi3sQAZ3Pvip7j4oljvsQBmAj3KKR
|
||||
-CnZ2/FeRyjSS3cUey89GE2N2DQbHEmuG/F8aDmUhLNusZm6nXs2Y1W7+kQRwswBL
|
||||
-5H4Oo6NaSUc8dl7HWEeWoS8BE7G4JFCXBQwwgInOJINyQlknxMSpv7dwxp32SgdL
|
||||
-QldkaQkHAEg0QqYb2Hv/xHfVhn9vTpGJQyWvnT5RvbXSGdTk1CTlZTrUAGmbHOwX
|
||||
-ygQeAhwmRauZi+nQ3kQ+GSKD7JCwv8XkD9NObMGlW018
|
||||
+MIICZAIBADCCAjkGByqGSM44BAEwggIsAoIBAQCQfLlNdehPnTrGIMhw4rk0uua6
|
||||
+k1nCG3zcyfXli17BdB2k0HBPaTA3a3ZHfOt1Awy0Uu0wZ3gdPr9z0I64hnJXIGou
|
||||
+zIanZ7nYRImHtX5JMFbXeyxo1Owd2Zs3oEk9nQUoUsMxvmYC/ghPL5Zx1pPxcHCO
|
||||
+wzWxoG4yZMjimXOc1/W7zvK/4/g/Cz9fItD3zdcydfgM/hK0/CeYQ21xfhqf4mjK
|
||||
+v9plnCcWgToGI+7H8VK80MFbkO2QKRz3vP1/TjK6PRm9sEeB5b10+SvGv2j2w+CC
|
||||
+0fXL4s6n7PtBlm/bww8xL1/Az8kwejUcII1Dc8uNwwISwGbwaGBvl7IHpm21AiEA
|
||||
+rodZi+nCKZdTL8IgCjX3n0DuhPRkVQPjz/B6VweLW9MCggEAfimkUNwnsGFp7mKM
|
||||
+zJKhHoQkMB1qJzyIHjDzQ/J1xjfoF6i27afw1/WKboND5eseZhlhA2TO5ZJB6nGx
|
||||
+DOE9lVQxYVml++cQj6foHh1TVJAgGl4mWuveW/Rz+NEhpK4zVeEsfMrbkBypPByy
|
||||
+xzF1Z49t568xdIo+e8jLI8FjEdXOIUg4ehB3NY6SL8r4oJ49j/sJWfHcDoWH/LK9
|
||||
+ZaBF8NpflJe3F40S8RDvM8j2HC+y2Q4QyKk1DXGiH+7yQLGWzr3M73kC3UBnnH0h
|
||||
+Hxb7ISDCT7dCw/lH1nCbVFBOM0ASI26SSsFSXQrvD2kryRcTZ0KkyyhhoPODWpU+
|
||||
+TQMsxQQiAiAdCUJ5n2Q9hIynN8BMpnRcdfH696BKejGx+2Mr2kfnnA==
|
||||
-----END PRIVATE KEY-----
|
||||
-----BEGIN CERTIFICATE-----
|
||||
-MIIFmjCCBIKgAwIBAgIUHGKu2FMhT1wCiJTK3uAnklo55uowDQYJKoZIhvcNAQEL
|
||||
+MIIFmzCCBIOgAwIBAgIUXgHGnvOCmrOH9biRq3yTCcDsliUwDQYJKoZIhvcNAQEL
|
||||
BQAwRDELMAkGA1UEBhMCVUsxFjAUBgNVBAoMDU9wZW5TU0wgR3JvdXAxHTAbBgNV
|
||||
-BAMMFFRlc3QgUy9NSU1FIFJTQSBSb290MCAXDTIyMDYwMjE1MzMxNFoYDzIxMjIw
|
||||
-NTA5MTUzMzE0WjBFMQswCQYDVQQGEwJVSzEWMBQGA1UECgwNT3BlblNTTCBHcm91
|
||||
-cDEeMBwGA1UEAwwVVGVzdCBTL01JTUUgRUUgRFNBICMyMIIDQzCCAjYGByqGSM44
|
||||
-BAEwggIpAoIBAQCg5xGADjdINCKODDX6yq3w8vQ1i0SuHnFvPc5gHMLIxJhDp3cL
|
||||
-J5eJmcHZ07WflsMgSxD2Wd5lX5Q9uxtv78/erv5t4INbA4D+QSkxb4SWNurRBQj5
|
||||
-LuoGhFMpCubDYSxiKkTJ4pmOEbsjnlGLiN5R1jAakOxI+l/rPAQlIUMCHSF6xXgd
|
||||
-62fUdEAnRYj46Lgw+FWKAKNhcH7rOLA7k4JnYCLgc9HnYvwxlpoV+SHi+QXSrcrt
|
||||
-MBNCmIgIONI5uNuBnZq6jjHE/Wg1+D4wGxOZl+/S8EP8eXSDD+1Sni2Jk38etU+l
|
||||
-aS0pVV9lh6sV3zV28YXVZl01CHUfwH+3w/XJAh0AmkjrU1XrCahV9d78Rklpd4fK
|
||||
-3K53+X5MeTgNLQKCAQEAoA32HKvIhx6wvmT9huawV6wj7hT99kjzQjZqbvLENW9b
|
||||
-bAgOdPzZzusqZmZMgGdDr94oYz1/MhmAKNY4lQv7ioJmtded5hhS6GDg3Oj4IYiJ
|
||||
-9trAQ/ATrDrSi3sQAZ3Pvip7j4oljvsQBmAj3KKRCnZ2/FeRyjSS3cUey89GE2N2
|
||||
-DQbHEmuG/F8aDmUhLNusZm6nXs2Y1W7+kQRwswBL5H4Oo6NaSUc8dl7HWEeWoS8B
|
||||
-E7G4JFCXBQwwgInOJINyQlknxMSpv7dwxp32SgdLQldkaQkHAEg0QqYb2Hv/xHfV
|
||||
-hn9vTpGJQyWvnT5RvbXSGdTk1CTlZTrUAGmbHOwXygOCAQUAAoIBAE0+OYS0s8/o
|
||||
-HwuuiPsBZTlRynqdwF6FHdE0Ei2uVTxnJouPYB2HvaMioG2inbISzPtEcnLF9Pyx
|
||||
-4hsXz7D49yqyMFjE3G8ObBOs/Vdno6E9ZZshWiRDwPf8JmoYp551UuJDoVaOTnhx
|
||||
-pEs30nuidtqd54PMdWUQPfp58kTu6bXvcRxdUj5CK/PyjavJCnGfppq/6j8jtrji
|
||||
-mOjIIeLZIbWp7hTVS/ffmfqZ8Lx/ShOcUzDa0VS3lfO28XqXpeqbyHdojsYlG2oA
|
||||
-shKJL7/scq3ab8cI5QuHEIGSbxinKfjCX4OEQ04CNsgUwMY9emPSaNdYDZOPqq/K
|
||||
-3bGk2PLcRsyjYDBeMAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQDAgXgMB0GA1Ud
|
||||
-DgQWBBTQAQyUCqYWGo5RuwGCtHNgXgzEQzAfBgNVHSMEGDAWgBQVwRMha+JVX6dq
|
||||
-HVcg1s/zqXNkWTANBgkqhkiG9w0BAQsFAAOCAQEAc3rayE2FGgG1RhLXAHYAs1Ky
|
||||
-4fcVcrzaPaz5jjWbpBCStkx+gNcUiBf+aSxNrRvUoPOSwMDLpMhbNBj2cjJqQ0W1
|
||||
-oq4RUQth11qH89uPtBqiOqRTdlWAGZJbUTtVfrlc58DsDxFCwdcktSDYZwlO2lGO
|
||||
-vMCOn9N7oqEEuwRa++xVnYc8ZbY8lGwJD3bGR6iC7NkYk+2LSqPS52m8e0GO8dpf
|
||||
-RUrndbhmtsYa925dj2LlI218F3XwVcAUPW67dbpeEVw5OG8OCHRHqrwBEJj2PMV3
|
||||
-tHeNXDEhjTzI3wiFia4kDBAKIsrC/XQ4tEiFzq0V00BiVY0ykhy+v/qNPskTsg==
|
||||
+BAMMFFRlc3QgUy9NSU1FIFJTQSBSb290MB4XDTIyMDUyMzE0MjIyNloXDTMyMDMz
|
||||
+MTE0MjIyNlowRTELMAkGA1UEBhMCVUsxFjAUBgNVBAoMDU9wZW5TU0wgR3JvdXAx
|
||||
+HjAcBgNVBAMMFVRlc3QgUy9NSU1FIEVFIERTQSAjMjCCA0YwggI5BgcqhkjOOAQB
|
||||
+MIICLAKCAQEAkHy5TXXoT506xiDIcOK5NLrmupNZwht83Mn15YtewXQdpNBwT2kw
|
||||
+N2t2R3zrdQMMtFLtMGd4HT6/c9COuIZyVyBqLsyGp2e52ESJh7V+STBW13ssaNTs
|
||||
+HdmbN6BJPZ0FKFLDMb5mAv4ITy+WcdaT8XBwjsM1saBuMmTI4plznNf1u87yv+P4
|
||||
+Pws/XyLQ983XMnX4DP4StPwnmENtcX4an+Joyr/aZZwnFoE6BiPux/FSvNDBW5Dt
|
||||
+kCkc97z9f04yuj0ZvbBHgeW9dPkrxr9o9sPggtH1y+LOp+z7QZZv28MPMS9fwM/J
|
||||
+MHo1HCCNQ3PLjcMCEsBm8Ghgb5eyB6ZttQIhAK6HWYvpwimXUy/CIAo1959A7oT0
|
||||
+ZFUD48/welcHi1vTAoIBAH4ppFDcJ7Bhae5ijMySoR6EJDAdaic8iB4w80PydcY3
|
||||
+6Beotu2n8Nf1im6DQ+XrHmYZYQNkzuWSQepxsQzhPZVUMWFZpfvnEI+n6B4dU1SQ
|
||||
+IBpeJlrr3lv0c/jRIaSuM1XhLHzK25AcqTwcsscxdWePbeevMXSKPnvIyyPBYxHV
|
||||
+ziFIOHoQdzWOki/K+KCePY/7CVnx3A6Fh/yyvWWgRfDaX5SXtxeNEvEQ7zPI9hwv
|
||||
+stkOEMipNQ1xoh/u8kCxls69zO95At1AZ5x9IR8W+yEgwk+3QsP5R9Zwm1RQTjNA
|
||||
+EiNukkrBUl0K7w9pK8kXE2dCpMsoYaDzg1qVPk0DLMUDggEFAAKCAQAi1CUW7S3s
|
||||
+zDUcdE667AotL4SHZY01k/3owtBPKA5WWqBolj7WYkvO+X/nUssfph7NfS3z1nYO
|
||||
+b/dI4kR02t1sgS21u7mvPKZfEWFzy5ohhkWFJPfyhDAk6MzzAWK0BARJ7r/0dmOR
|
||||
+7EypKrH+vloQpNosGKeoDUElEjvZKjX/V2/w/30Vq88AN2PxXt8BxxF4oRAqd+fA
|
||||
+DuaucP46UioUoWffAIaTxLDu1In2DqOAIj7MXCsqfbD7D6Ki386DGX3IwC0qYB3r
|
||||
+z0gBmvkY8+9XbLQo6iAKJRiBJNJrBmGv6uPIVq98jl0FbMyri0rH/MCLown7qEYm
|
||||
+MnyMehP0kA+Zo2AwXjAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIF4DAdBgNV
|
||||
+HQ4EFgQUZrHDTiSqm594ZkL5NMGrygydfKswHwYDVR0jBBgwFoAUyZFTCmN7FluL
|
||||
+vUTwdoipJObltmwwDQYJKoZIhvcNAQELBQADggEBADhpm4d9pgdWTiX1ci4qxOat
|
||||
+MK+eAc3y8dwjacwiTD94fFy+MFzItAI2msF+ILXDCYDUpFZpBjlCNRzMu/ETghJx
|
||||
+53g4Hg6ioYmtLcYIAFQVIz4skdgV8npztK3ZQMSN3dcateZBf8KaEdP+cRtQs4IW
|
||||
+Y+EAZ6Fve2j/kz1x/cmhSFQdWhhS+WzYUCY+FLWDXMuNLh7rDWy1t8VaRHLBU4TU
|
||||
+q6W/qDaN2e6dKrzjEkqUstdGZ+JAkAZ+6CIABEnHeco1dEQUU5Atry7djeRhY68r
|
||||
+us++ajRd6DLWXrD4KePyTYSPc7rAcbBBYSwe48cTxlPfKItTCrRXmWJHCCZ0UBA=
|
||||
-----END CERTIFICATE-----
|
||||
diff -up openssl-3.0.5/test/smime-certs/smdsa3.pem.0061 openssl-3.0.5/test/smime-certs/smdsa3.pem
|
||||
--- openssl-3.0.5/test/smime-certs/smdsa3.pem.0061 2022-09-02 14:17:15.334436689 +0200
|
||||
+++ openssl-3.0.5/test/smime-certs/smdsa3.pem 2022-09-02 14:17:15.348436813 +0200
|
||||
@@ -1,47 +1,47 @@
|
||||
-----BEGIN PRIVATE KEY-----
|
||||
-MIICXgIBADCCAjYGByqGSM44BAEwggIpAoIBAQCg5xGADjdINCKODDX6yq3w8vQ1
|
||||
-i0SuHnFvPc5gHMLIxJhDp3cLJ5eJmcHZ07WflsMgSxD2Wd5lX5Q9uxtv78/erv5t
|
||||
-4INbA4D+QSkxb4SWNurRBQj5LuoGhFMpCubDYSxiKkTJ4pmOEbsjnlGLiN5R1jAa
|
||||
-kOxI+l/rPAQlIUMCHSF6xXgd62fUdEAnRYj46Lgw+FWKAKNhcH7rOLA7k4JnYCLg
|
||||
-c9HnYvwxlpoV+SHi+QXSrcrtMBNCmIgIONI5uNuBnZq6jjHE/Wg1+D4wGxOZl+/S
|
||||
-8EP8eXSDD+1Sni2Jk38etU+laS0pVV9lh6sV3zV28YXVZl01CHUfwH+3w/XJAh0A
|
||||
-mkjrU1XrCahV9d78Rklpd4fK3K53+X5MeTgNLQKCAQEAoA32HKvIhx6wvmT9huaw
|
||||
-V6wj7hT99kjzQjZqbvLENW9bbAgOdPzZzusqZmZMgGdDr94oYz1/MhmAKNY4lQv7
|
||||
-ioJmtded5hhS6GDg3Oj4IYiJ9trAQ/ATrDrSi3sQAZ3Pvip7j4oljvsQBmAj3KKR
|
||||
-CnZ2/FeRyjSS3cUey89GE2N2DQbHEmuG/F8aDmUhLNusZm6nXs2Y1W7+kQRwswBL
|
||||
-5H4Oo6NaSUc8dl7HWEeWoS8BE7G4JFCXBQwwgInOJINyQlknxMSpv7dwxp32SgdL
|
||||
-QldkaQkHAEg0QqYb2Hv/xHfVhn9vTpGJQyWvnT5RvbXSGdTk1CTlZTrUAGmbHOwX
|
||||
-ygQfAh0AkfI6533W5nBIVrDPcp2DCXC8u2SIwBob6OoK5A==
|
||||
+MIICZQIBADCCAjkGByqGSM44BAEwggIsAoIBAQCQfLlNdehPnTrGIMhw4rk0uua6
|
||||
+k1nCG3zcyfXli17BdB2k0HBPaTA3a3ZHfOt1Awy0Uu0wZ3gdPr9z0I64hnJXIGou
|
||||
+zIanZ7nYRImHtX5JMFbXeyxo1Owd2Zs3oEk9nQUoUsMxvmYC/ghPL5Zx1pPxcHCO
|
||||
+wzWxoG4yZMjimXOc1/W7zvK/4/g/Cz9fItD3zdcydfgM/hK0/CeYQ21xfhqf4mjK
|
||||
+v9plnCcWgToGI+7H8VK80MFbkO2QKRz3vP1/TjK6PRm9sEeB5b10+SvGv2j2w+CC
|
||||
+0fXL4s6n7PtBlm/bww8xL1/Az8kwejUcII1Dc8uNwwISwGbwaGBvl7IHpm21AiEA
|
||||
+rodZi+nCKZdTL8IgCjX3n0DuhPRkVQPjz/B6VweLW9MCggEAfimkUNwnsGFp7mKM
|
||||
+zJKhHoQkMB1qJzyIHjDzQ/J1xjfoF6i27afw1/WKboND5eseZhlhA2TO5ZJB6nGx
|
||||
+DOE9lVQxYVml++cQj6foHh1TVJAgGl4mWuveW/Rz+NEhpK4zVeEsfMrbkBypPByy
|
||||
+xzF1Z49t568xdIo+e8jLI8FjEdXOIUg4ehB3NY6SL8r4oJ49j/sJWfHcDoWH/LK9
|
||||
+ZaBF8NpflJe3F40S8RDvM8j2HC+y2Q4QyKk1DXGiH+7yQLGWzr3M73kC3UBnnH0h
|
||||
+Hxb7ISDCT7dCw/lH1nCbVFBOM0ASI26SSsFSXQrvD2kryRcTZ0KkyyhhoPODWpU+
|
||||
+TQMsxQQjAiEArJr6p2zTbhRppQurHGTdmdYHqrDdZH4MCsD9tQCw1xY=
|
||||
-----END PRIVATE KEY-----
|
||||
-----BEGIN CERTIFICATE-----
|
||||
-MIIFmjCCBIKgAwIBAgIUO2QHMd9V/S6KlrFDIPd7asRP4FAwDQYJKoZIhvcNAQEL
|
||||
+MIIFmzCCBIOgAwIBAgIUMMzeluWS9FTgzFM2PCI6rSt0++QwDQYJKoZIhvcNAQEL
|
||||
BQAwRDELMAkGA1UEBhMCVUsxFjAUBgNVBAoMDU9wZW5TU0wgR3JvdXAxHTAbBgNV
|
||||
-BAMMFFRlc3QgUy9NSU1FIFJTQSBSb290MCAXDTIyMDYwMjE1MzMxNFoYDzIxMjIw
|
||||
-NTA5MTUzMzE0WjBFMQswCQYDVQQGEwJVSzEWMBQGA1UECgwNT3BlblNTTCBHcm91
|
||||
-cDEeMBwGA1UEAwwVVGVzdCBTL01JTUUgRUUgRFNBICMzMIIDQzCCAjYGByqGSM44
|
||||
-BAEwggIpAoIBAQCg5xGADjdINCKODDX6yq3w8vQ1i0SuHnFvPc5gHMLIxJhDp3cL
|
||||
-J5eJmcHZ07WflsMgSxD2Wd5lX5Q9uxtv78/erv5t4INbA4D+QSkxb4SWNurRBQj5
|
||||
-LuoGhFMpCubDYSxiKkTJ4pmOEbsjnlGLiN5R1jAakOxI+l/rPAQlIUMCHSF6xXgd
|
||||
-62fUdEAnRYj46Lgw+FWKAKNhcH7rOLA7k4JnYCLgc9HnYvwxlpoV+SHi+QXSrcrt
|
||||
-MBNCmIgIONI5uNuBnZq6jjHE/Wg1+D4wGxOZl+/S8EP8eXSDD+1Sni2Jk38etU+l
|
||||
-aS0pVV9lh6sV3zV28YXVZl01CHUfwH+3w/XJAh0AmkjrU1XrCahV9d78Rklpd4fK
|
||||
-3K53+X5MeTgNLQKCAQEAoA32HKvIhx6wvmT9huawV6wj7hT99kjzQjZqbvLENW9b
|
||||
-bAgOdPzZzusqZmZMgGdDr94oYz1/MhmAKNY4lQv7ioJmtded5hhS6GDg3Oj4IYiJ
|
||||
-9trAQ/ATrDrSi3sQAZ3Pvip7j4oljvsQBmAj3KKRCnZ2/FeRyjSS3cUey89GE2N2
|
||||
-DQbHEmuG/F8aDmUhLNusZm6nXs2Y1W7+kQRwswBL5H4Oo6NaSUc8dl7HWEeWoS8B
|
||||
-E7G4JFCXBQwwgInOJINyQlknxMSpv7dwxp32SgdLQldkaQkHAEg0QqYb2Hv/xHfV
|
||||
-hn9vTpGJQyWvnT5RvbXSGdTk1CTlZTrUAGmbHOwXygOCAQUAAoIBAEj25Os9f57G
|
||||
-TaxsP8NzdCRBThCLqZWqLADh6S/aFOQQFpRRk3vGkvrOK/5La8KGKIDyzCEQo7Kg
|
||||
-sPwI1o4N5GKx15Cer2ekDWLtP4hA2CChs4tWJzEa8VxIDTg4EUnASFCbfDUY/Yt0
|
||||
-5NM4nxtBhnr6PT7XmRehEFaTAgmsQFJ29jKx4tJkr+Gmj9J4i10CPd9DvIgIEnNt
|
||||
-rYMAlfbGovaZVCgKp5INVA4IkDfCcbzDeNiOGaACeV+4QuEbgIbUhMq9vbw3Vvqe
|
||||
-jwozPdrTYjd7oNxx/tY7gqxFRFxdDPXPno230afsAJsHmNF7lpj9Q4vBhy8w/EI1
|
||||
-jGzuiXjei9qjYDBeMAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQDAgXgMB0GA1Ud
|
||||
-DgQWBBTwbCT+wSR9cvTg70jA2yIWgQSDZjAfBgNVHSMEGDAWgBQVwRMha+JVX6dq
|
||||
-HVcg1s/zqXNkWTANBgkqhkiG9w0BAQsFAAOCAQEAe5t9oi8K76y+wnV6I21vKgEh
|
||||
-M6DEe3+XTq10kAgYbcbMm+a6n86beaID7FANGET+3bsShxFeAX9g4Qsdw+Z3PF3P
|
||||
-wvqiBD8MaXczj28zP6j9TxsjGzpAsV3xo1n7aQ+hHzpopJUxAyx4hLBqSSwdj/xe
|
||||
-azELeVKoXY/nlokXnONWC5AvtfR7m7mKFPOmUghbeGCJH7+FXnC58eiF7BEpSbQl
|
||||
-SniAdQFis+Dne6/kwZnQQaSDg55ELfaZOLhaLcRtqqgU+kv24mXGGEBhs9bBKMz5
|
||||
-ZNiKLafE3tCGRA5iMRwzdeSgrdnkQDHFiYXh3JHk5oKwGOdxusgt3DTHAFej1A==
|
||||
+BAMMFFRlc3QgUy9NSU1FIFJTQSBSb290MB4XDTIyMDUyMzE0MjI0MloXDTMyMDMz
|
||||
+MTE0MjI0MlowRTELMAkGA1UEBhMCVUsxFjAUBgNVBAoMDU9wZW5TU0wgR3JvdXAx
|
||||
+HjAcBgNVBAMMFVRlc3QgUy9NSU1FIEVFIERTQSAjMzCCA0YwggI5BgcqhkjOOAQB
|
||||
+MIICLAKCAQEAkHy5TXXoT506xiDIcOK5NLrmupNZwht83Mn15YtewXQdpNBwT2kw
|
||||
+N2t2R3zrdQMMtFLtMGd4HT6/c9COuIZyVyBqLsyGp2e52ESJh7V+STBW13ssaNTs
|
||||
+HdmbN6BJPZ0FKFLDMb5mAv4ITy+WcdaT8XBwjsM1saBuMmTI4plznNf1u87yv+P4
|
||||
+Pws/XyLQ983XMnX4DP4StPwnmENtcX4an+Joyr/aZZwnFoE6BiPux/FSvNDBW5Dt
|
||||
+kCkc97z9f04yuj0ZvbBHgeW9dPkrxr9o9sPggtH1y+LOp+z7QZZv28MPMS9fwM/J
|
||||
+MHo1HCCNQ3PLjcMCEsBm8Ghgb5eyB6ZttQIhAK6HWYvpwimXUy/CIAo1959A7oT0
|
||||
+ZFUD48/welcHi1vTAoIBAH4ppFDcJ7Bhae5ijMySoR6EJDAdaic8iB4w80PydcY3
|
||||
+6Beotu2n8Nf1im6DQ+XrHmYZYQNkzuWSQepxsQzhPZVUMWFZpfvnEI+n6B4dU1SQ
|
||||
+IBpeJlrr3lv0c/jRIaSuM1XhLHzK25AcqTwcsscxdWePbeevMXSKPnvIyyPBYxHV
|
||||
+ziFIOHoQdzWOki/K+KCePY/7CVnx3A6Fh/yyvWWgRfDaX5SXtxeNEvEQ7zPI9hwv
|
||||
+stkOEMipNQ1xoh/u8kCxls69zO95At1AZ5x9IR8W+yEgwk+3QsP5R9Zwm1RQTjNA
|
||||
+EiNukkrBUl0K7w9pK8kXE2dCpMsoYaDzg1qVPk0DLMUDggEFAAKCAQBxe+1+Il8h
|
||||
+nTCAak3vZl4asn2axRc7GjDvDd8Ns/yvyd9WQE1t+FryvHR5jp9REVVnMg53wQcY
|
||||
+rKlwfWBLp5k25x/OCwfWDmvlxFqExmaAZcEQGxauHYhoMbtVIq372CHPbsQqCMBA
|
||||
+LPIdAvkUImBHanty/RXhJGqCIAZiUnX3WTZa0s6xV3yRf/+OPWXxNSATtOqm5ISl
|
||||
+pLJDifMlE6llZmk3VHAWYJRFF7KQAFT83OKf/6tme9munxahdJcSrF4HiZKFFJof
|
||||
+nvEWckKlHAonipLa6EBPMloofu+7reTcON+1tIFWH7fZhfC0dz4EaOzxLZoO0Jbc
|
||||
+W0MDtnonwEjFo2AwXjAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIF4DAdBgNV
|
||||
+HQ4EFgQUwnFq0MQUIQUaXi6iJBDXTnQm71EwHwYDVR0jBBgwFoAUyZFTCmN7FluL
|
||||
+vUTwdoipJObltmwwDQYJKoZIhvcNAQELBQADggEBAJNW/oEmpz6jZ7EjUkHhxDXR
|
||||
+egsZVjBO+E2hPCciEoZaM6jIDYphrCVbdOOyy1RvLBv3SRblaECmInsRpCNwf5B5
|
||||
+OaGN3hdsvx23IKnLJ7EKDauIOGhkzCMWjO8tez48UL0Wgta0+TpuiOT+UBoKb9fw
|
||||
+f0f4ab9wD9pED7ghMKlwI6/oppS4PrhwYS2nwYwGXpmgu6QZDln/cgoU7cQV7r3J
|
||||
+deMCpKGPyS429B9mUxlggZYvvJOm35ZiI7UAcGhJWIUrdXBxqx3DQ3CSf75vGP87
|
||||
+2vn6ZoXRXSLfE48GpUtQzP6/gZti68vZrHdzKWTyZxMs4+PGoHrW5hbNDsghKDs=
|
||||
-----END CERTIFICATE-----
|
||||
diff -up openssl-3.0.5/test/smime-certs/smec1.pem.0061 openssl-3.0.5/test/smime-certs/smec1.pem
|
||||
--- openssl-3.0.5/test/smime-certs/smec1.pem.0061 2022-09-02 14:17:15.325436610 +0200
|
||||
+++ openssl-3.0.5/test/smime-certs/smec1.pem 2022-09-02 14:17:15.345436786 +0200
|
||||
@@ -1,22 +1,22 @@
|
||||
-----BEGIN PRIVATE KEY-----
|
||||
-MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgdOomk0EB/oWMnTZB
|
||||
-Qm5XMjlKnZNF4PMpwgov0Tj3u8OhRANCAATbG6XprSqHiD9AxWJiXRFgS+y38DGZ
|
||||
-7hpSjs4bd95L+Lli+O91/lUy7Tb8aJ6VU2CoyWQjV4sQjbdVqeD+y4Ky
|
||||
+MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgXzBRX9Z5Ib4LAVAS
|
||||
+DMlYvkj0SmLmYvWULe2LfyXRmpWhRANCAAS+SIj2FY2DouPRuNDp9WVpsqef58tV
|
||||
+3gIwV0EOV/xyYTzZhufZi/aBcXugWR1x758x4nHus2uEuEFi3Mr3K3+x
|
||||
-----END PRIVATE KEY-----
|
||||
-----BEGIN CERTIFICATE-----
|
||||
-MIICrTCCAZWgAwIBAgIUdLT4B443vbxt0B8Mzy0sR4+6AyowDQYJKoZIhvcNAQEL
|
||||
+MIICqzCCAZOgAwIBAgIUZsuXIOmILju0nz1jVSgag5GrPyMwDQYJKoZIhvcNAQEL
|
||||
BQAwRDELMAkGA1UEBhMCVUsxFjAUBgNVBAoMDU9wZW5TU0wgR3JvdXAxHTAbBgNV
|
||||
-BAMMFFRlc3QgUy9NSU1FIFJTQSBSb290MCAXDTIyMDYwMjE1MzMxNFoYDzIxMjIw
|
||||
-NTA5MTUzMzE0WjBEMQswCQYDVQQGEwJVSzEWMBQGA1UECgwNT3BlblNTTCBHcm91
|
||||
-cDEdMBsGA1UEAwwUVGVzdCBTL01JTUUgRUUgRUMgIzEwWTATBgcqhkjOPQIBBggq
|
||||
-hkjOPQMBBwNCAATbG6XprSqHiD9AxWJiXRFgS+y38DGZ7hpSjs4bd95L+Lli+O91
|
||||
-/lUy7Tb8aJ6VU2CoyWQjV4sQjbdVqeD+y4Kyo2AwXjAMBgNVHRMBAf8EAjAAMA4G
|
||||
-A1UdDwEB/wQEAwIF4DAdBgNVHQ4EFgQUOia9H7l0qw3ftsDgEEeSBrHwQrwwHwYD
|
||||
-VR0jBBgwFoAUFcETIWviVV+nah1XINbP86lzZFkwDQYJKoZIhvcNAQELBQADggEB
|
||||
-AC7h/QkMocYANPqMQAO2okygG+OaE4qpKnlzHPUFMYedJGCvAWrwxu4hWL9T+hZo
|
||||
-qilM7Fwaxw/P4Zaaa15SOOhXkIdn9Fu2ROmBQtEiklmWGMjiZ6F+9NCZPk0cTAXK
|
||||
-2WQZOy41YNuvts+20osD4X/8x3fiARlokufj/TVyE73wG8pSSDh4KxWDfKv5Pi1F
|
||||
-PC5IJh8XVELnFkeY3xjtoux5AYT+1xIQHO4eBua02Y1oPiWG7l/sK3grVlxrupd9
|
||||
-pXowwFlezWZP9q12VlWkcqwNb9hF9PkZge9bpiOJipSYgyobtAnms/CRHu3e6izl
|
||||
-LJRua7p4Wt/8GQENDrVkHqU=
|
||||
+BAMMFFRlc3QgUy9NSU1FIFJTQSBSb290MB4XDTIyMDUyMzE0MjUyNFoXDTMyMDMz
|
||||
+MTE0MjUyNFowRDELMAkGA1UEBhMCVUsxFjAUBgNVBAoMDU9wZW5TU0wgR3JvdXAx
|
||||
+HTAbBgNVBAMMFFRlc3QgUy9NSU1FIEVFIEVDICMxMFkwEwYHKoZIzj0CAQYIKoZI
|
||||
+zj0DAQcDQgAEvkiI9hWNg6Lj0bjQ6fVlabKnn+fLVd4CMFdBDlf8cmE82Ybn2Yv2
|
||||
+gXF7oFkdce+fMeJx7rNrhLhBYtzK9yt/saNgMF4wDAYDVR0TAQH/BAIwADAOBgNV
|
||||
+HQ8BAf8EBAMCBeAwHQYDVR0OBBYEFH/JvELYMj4nJ2HHUUyA9sxOYvNHMB8GA1Ud
|
||||
+IwQYMBaAFMmRUwpjexZbi71E8HaIqSTm5bZsMA0GCSqGSIb3DQEBCwUAA4IBAQCp
|
||||
+sSEupiqT7S6oPS/5qtRF6POyxmhkH/Eh+RJitOODutxneJh+NdDqAQAOCexqcsF9
|
||||
+1BH9hB/H6b3mS4CbcRG6R/EwzqMPUgy8OYXTrqWI9jzMKGyrBo59QFfGrwP1h8hj
|
||||
+weVOVQU1iOloWPOfvMHehjX1Wt79/6BMMBvw+2qXXLAw2xpLFa4lU6HSoTiwoS5R
|
||||
+mimrHnZ9tQZb54bsvdrW84kV3u1FIQ5G7jAduu97Wfr3eZGaJhW1MZLeoL7Z4Usy
|
||||
+hRd2TJ6bZanb+wUJBcHOeW5ETj9MPtPsGIp8vETmY5XDm4UlX6tp4gAe4oeoIXFQ
|
||||
+V5ASvNRiGWIJK5XF+zRY
|
||||
-----END CERTIFICATE-----
|
||||
diff -up openssl-3.0.5/test/smime-certs/smec2.pem.0061 openssl-3.0.5/test/smime-certs/smec2.pem
|
||||
--- openssl-3.0.5/test/smime-certs/smec2.pem.0061 2022-09-02 14:17:15.330436654 +0200
|
||||
+++ openssl-3.0.5/test/smime-certs/smec2.pem 2022-09-02 14:17:15.347436804 +0200
|
||||
@@ -1,23 +1,23 @@
|
||||
-----BEGIN PRIVATE KEY-----
|
||||
-MIGQAgEAMBAGByqGSM49AgEGBSuBBAAQBHkwdwIBAQQkAEkuzLBwx5bIw3Q2PMNQ
|
||||
-HzaY8yL3QLjzaJ8tCHrI/JTb9Q7VoUwDSgAEAu8b2HvLzKd0qhPtIw65Lh3OgF3X
|
||||
-IN5874qHwt9zPSvokijSAH3v9tcBJPdRLD3Lweh2ZPn5hMwVwVorHqSgASk5vnjp
|
||||
-HqER
|
||||
+MIGPAgEAMBAGByqGSM49AgEGBSuBBAAQBHgwdgIBAQQjhHaq507MOBznelrLG/pl
|
||||
+brnnJi/iEJUUp+Pm3PEiteXqckmhTANKAAQF2zs6vobmoT+M+P2+9LZ7asvFBNi7
|
||||
+uCzLYF/8j1Scn/spczoC9vNzVhNw+Lg7dnjNL4EDIyYZLl7E0v69luzbvy+q44/8
|
||||
+6bQ=
|
||||
-----END PRIVATE KEY-----
|
||||
-----BEGIN CERTIFICATE-----
|
||||
-MIICsjCCAZqgAwIBAgIUFMjrNKt+D8tzvn7jtjZ5HrLcUlswDQYJKoZIhvcNAQEL
|
||||
+MIICsDCCAZigAwIBAgIUWJSICrM9ZdmN6/jF/PoKng63XR0wDQYJKoZIhvcNAQEL
|
||||
BQAwRDELMAkGA1UEBhMCVUsxFjAUBgNVBAoMDU9wZW5TU0wgR3JvdXAxHTAbBgNV
|
||||
-BAMMFFRlc3QgUy9NSU1FIFJTQSBSb290MCAXDTIyMDYwMjE1MzMxNFoYDzIxMjIw
|
||||
-NTA5MTUzMzE0WjBEMQswCQYDVQQGEwJVSzEWMBQGA1UECgwNT3BlblNTTCBHcm91
|
||||
-cDEdMBsGA1UEAwwUVGVzdCBTL01JTUUgRUUgRUMgIzIwXjAQBgcqhkjOPQIBBgUr
|
||||
-gQQAEANKAAQC7xvYe8vMp3SqE+0jDrkuHc6AXdcg3nzviofC33M9K+iSKNIAfe/2
|
||||
-1wEk91EsPcvB6HZk+fmEzBXBWisepKABKTm+eOkeoRGjYDBeMAwGA1UdEwEB/wQC
|
||||
-MAAwDgYDVR0PAQH/BAQDAgXgMB0GA1UdDgQWBBSqWRYUy2syIUwfSR31e19LeNXK
|
||||
-9TAfBgNVHSMEGDAWgBQVwRMha+JVX6dqHVcg1s/zqXNkWTANBgkqhkiG9w0BAQsF
|
||||
-AAOCAQEASbh+sI03xUMMzPT8bRbWNF5gG3ab8IUzqm05rTa54NCPRSn+ZdMXcCFz
|
||||
-5fSU0T1dgEjeD+cCRVAZxskTZF7FWmRLc2weJMf7x+nPE5KaWyRAoD7FIKGP2m6m
|
||||
-IMCVOmiafuzmHASBYOz6RwjgWS0AWES48DJX6o0KpuT4bsknz+H7Xo+4+NYGCRao
|
||||
-enqIMZmWesGVXJ63pl32jUlXeAg59W6PpV2L9XRWLzDW1t1q2Uji7coCWtNjkojZ
|
||||
-rv0yRMc1czkT+mAJRAJ8D9MoTnRXm1dH4bOxte4BGUHNQ2P1HeV01vkd1RTL0g0R
|
||||
-lPyDAlBASvMn7RZ9nX8G3UOOL6gtVA==
|
||||
+BAMMFFRlc3QgUy9NSU1FIFJTQSBSb290MB4XDTIyMDUyMzE0MjgxOVoXDTMyMDMz
|
||||
+MTE0MjgxOVowRDELMAkGA1UEBhMCVUsxFjAUBgNVBAoMDU9wZW5TU0wgR3JvdXAx
|
||||
+HTAbBgNVBAMMFFRlc3QgUy9NSU1FIEVFIEVDICMyMF4wEAYHKoZIzj0CAQYFK4EE
|
||||
+ABADSgAEBds7Or6G5qE/jPj9vvS2e2rLxQTYu7gsy2Bf/I9UnJ/7KXM6Avbzc1YT
|
||||
+cPi4O3Z4zS+BAyMmGS5exNL+vZbs278vquOP/Om0o2AwXjAMBgNVHRMBAf8EAjAA
|
||||
+MA4GA1UdDwEB/wQEAwIF4DAdBgNVHQ4EFgQUZ/5BJCWQ3bQ+w03vH6OZAgkENxcw
|
||||
+HwYDVR0jBBgwFoAUyZFTCmN7FluLvUTwdoipJObltmwwDQYJKoZIhvcNAQELBQAD
|
||||
+ggEBACMGL6tuV/1lfrnx7TN/CnWdLEp55AlmzJ3MT9dXSOO1/df/fO3uAiiBNMyQ
|
||||
+Rcf4vOeBZEk/Xq6GIaAbuuT5ECg50uopEGjUDR9sRWC5yiw2CRQ5ZWTcqMapv+E5
|
||||
+7/1/tpaVHy+ZkJpbTV6O9gogEPy6uoft+tsel6NFoAj9ulkjuX9TortkVGPTfedd
|
||||
+oevI32G3z4L4Gv1PCZvFMwEIiAuFDZBbD86gw7rH4BNihRujJRhpnxeRu8zJYB60
|
||||
+cNeR2N7humdUy5uZnj6YHy3g2j0EDKOITHydIvL1KkSlihQrxEX5kMRr9RWRyFXJ
|
||||
+/UfNk+5Y3g5Mm642MLvjBEUqurw=
|
||||
-----END CERTIFICATE-----
|
||||
diff -up openssl-3.0.5/test/smime-certs/smroot.pem.0061 openssl-3.0.5/test/smime-certs/smroot.pem
|
||||
--- openssl-3.0.5/test/smime-certs/smroot.pem.0061 2022-09-02 14:17:15.329436645 +0200
|
||||
+++ openssl-3.0.5/test/smime-certs/smroot.pem 2022-09-02 14:17:15.346436795 +0200
|
||||
@@ -1,49 +1,49 @@
|
||||
-----BEGIN PRIVATE KEY-----
|
||||
-MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQDZLSl8LdU54OUA
|
||||
-T8ctFuKLShJul2IMzaEDkFLoL4agccajgvsRxW+8vbc2Re0y1mVMvfNz7Cg5a7Ke
|
||||
-iSuFJOrQtvDt+HkU5c706YDmw15mBpDSHapkXr80G/ABFbstWafOfagVW45wv65K
|
||||
-H4cnpcqwrLhagmC8QG0KfWbf+Z2efOxaGu/dTNA3Cnq/BQGTdlkQ28xbrvd+Ubzg
|
||||
-cY4Y/hJ7Fw1/IeEhgr/iVJhQIUAklp9B+xqDfWuxIt5mNwWWh/Lfk+UxqE99EhQR
|
||||
-0YZWyIKfKzbeJLBzDqY2hQzVL6kAvY9cR1WbBItTA0G2F5qZ9B/3EHEFWZMBvobt
|
||||
-+UTEkuBdAgMBAAECggEAF3Eagz7nPyIZVdlGpIVN2r8aEjng6YTglmPjrxBCNdtS
|
||||
-F6AxvY9UKklIF2Gg4tXlhU0TlDWvedM4Koif2/VKK1Ez3FvvpePQXPs/YKlB7T1U
|
||||
-MHnnRII9nUBOva88zv5YcJ97nyKM03q9M18H1a29nShnlc1w56EEpBc5HX/yFYMv
|
||||
-kMYydvB5j0DQkJlkQNFn4yRag0wIIPeyXwwh5l98SMlr40hO10OYTOQPrrgP/ham
|
||||
-AOZ//DvGo5gF8hGJYoqG4vcYbxRfTqbc2lQ4XRknOT182l9gRum52ahkBY6LKb4r
|
||||
-IZXPStS6fCAR5S0lcdBb3uN/ap9SUfb9w/Dhj5DZAQKBgQDr06DcsBpoGV2dK9ib
|
||||
-YL5MxC5JL7G79IBPi3ThRiOSttKXv3oDAFB0AlJvFKwYmVz8SxXqQ2JUA4BfvMGF
|
||||
-TNrbhukzo0ou5boExnQW/RjLN3fWVq1JM7iLbNU9YYpPCIG5LXrt4ZDOwITeGe8f
|
||||
-bmZK9zxWxc6BBJtc3mTFS5tm4QKBgQDrwRyEn6oZ9TPbR69fPgWvDqQwKs+6TtYn
|
||||
-0otMG9UejbSMcyU4sI+bZouoca2CzoNi2qZVIvI9aOygUHQAP7Dyq1KhsvYtzJub
|
||||
-KEua379WnzBMMjJ56Q/e4aKTq229QvOk+ZEYl6aklZX7xnYetYNZQrp4QzUyOQTG
|
||||
-gfxgxKi0/QKBgQCy1esAUJ/F366JOS3rLqNBjehX4c5T7ae8KtJ433qskO4E29TI
|
||||
-H93jC7u9txyHDw5f2QUGgRE5Cuq4L2lGEDFMFvQUD7l69QVrB6ATqt25hhffuB1z
|
||||
-DMDfIqpXAPgk1Rui9SVq7gqlb4OS9nHLESqLoQ/l8d2XI4o6FACxSZPQoQKBgQCR
|
||||
-8AvwSUoqIXDFaB22jpVEJYMb0hSfFxhYtGvIZF5MOJowa0L6UcnD//mp/xzSoXYR
|
||||
-pppaj3R28VGxd7wnP0YRIl7XfAoKleMpbAtJRwKR458pO9WlQ9GwPeq/ENqw0xYx
|
||||
-5M+d8pqUvYiHv/X00pYJllYKBkiS21sKawLJAFQTHQKBgQCJCwVHxvxkdQ8G0sU2
|
||||
-Vtv2W38hWOSg5+cxa+g1W6My2LhX34RkgKzuaUpYMlWGHzILpxIxhPrVLk1ZIjil
|
||||
-GIP969XJ1BjB/kFtLWdxXG8tH1If3JgzfSHUofPHF3CENoJYEZ1ugEfIPzWPZJDI
|
||||
-DL5zP8gmBL9ZAOO/J9YacxWYMQ==
|
||||
+MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCyyQXED5HyVWwq
|
||||
+nXyzmY317yMUJrIfsKvREG2C691dJNHgNg+oq5sjt/fzkyS84AvdOiicAsao4cYL
|
||||
+DulthaLpbC7msEBhvwAil0FNb5g3ERupe1KuTdUV1UuD/i6S2VoaNXUBBn1rD9Wc
|
||||
+BBc0lnx/4Wt92eQTI6925pt7ZHPQw2Olp7TQDElyi5qPxCem4uT0g3zbZsWqmmsI
|
||||
+MXbu+K3dEprzqA1ucKXbxUmZNkMwVs2XCmlLxrRUj8C3/zENtH17HWCznhR/IVcV
|
||||
+kgIuklkeiDsEhbWvUQumVXR7oPh/CPZAbjGqq5mVueHSHrp7brBVZKHZvoUka28Q
|
||||
+LWitq1W5AgMBAAECggEASkRnOMKfBeOmQy2Yl6K57eeg0sYgSDnDpd0FINWJ5x9c
|
||||
+b58FcjOXBodtYKlHIY6QXx3BsM0WaSEge4d+QBi7S+u8r+eXVwNYswXSArDQsk9R
|
||||
+Bl5MQkvisGciL3pvLmFLpIeASyS/BLJXMbAhU58PqK+jT2wr6idwxBuXivJ3ichu
|
||||
+ISdT1s2aMmnD86ulCD2DruZ4g0mmk5ffV+Cdj+WWkyvEaJW2GRYov2qdaqwSOxV4
|
||||
+Yve9qStvEIWAf2cISQjbnw2Ww6Z5ebrqlOz9etkmwIly6DTbrIneBnoqJlFFWGlF
|
||||
+ghuzc5RE2w1GbcKSOt0qXH44MTf/j0r86dlu7UIxgQKBgQDq0pEaiZuXHi9OQAOp
|
||||
+PsDEIznCU1bcTDJewANHag5DPEnMKLltTNyLaBRulMypI+CrDbou0nDr29VOzfXx
|
||||
+mNvi/c7RttOBOx7kXKvu0JUFKe2oIWRsg0KsyMX7UFMVaHFgrW+8DhQc7HK7URiw
|
||||
+nitOnA7YwIHRF9BMmcWcLFEYBQKBgQDC6LPbXV8COKO0YCfGXPnE7EZGD/p0Q92Z
|
||||
+8CoSefphEScSdO1IpxFXG7fOZ4x2GQb9q7D3IvaeKAqNjUjkuyxdB30lIWDBwSWw
|
||||
+fFgsa2SZwD5P60G/ar50YJr6LiF333aUMDVmC9swFfZERAEmGUz2NTrPWQdIx/lu
|
||||
+PyDtUR75JQKBgHaoCCJ8vl5SJl1IA5GV4Bo8IoeLTSzsY9d09zMy6BoZcMD1Ix2T
|
||||
+5S2cXhayoegl9PT6bsYSGHVWFCdJ86ktMI826TcXRzDaCvYhzc9THroJQcnfdbtP
|
||||
+aHWezkv7fsAmkoPjn75K7ubeo+r7Q5qbkg6a1PW58N8TRXIvkackzaVxAoGBALAq
|
||||
+qh3U+AHG9dgbrPeyo6KkuCOtX39ks8/mbfCDRZYkbb9V5f5r2tVz3R93IlK/7jyr
|
||||
+yWimtmde46Lrl33922w+T5OW5qBZllo9GWkUrDn3s5qClcuQjJIdmxYTSfbSCJiK
|
||||
+NkmE39lHkG5FVRB9f71tgTlWS6ox7TYDYxx83NTtAoGAUJPAkGt4yGAN4Pdebv53
|
||||
+bSEpAAULBHntiqDEOu3lVColHuZIucml/gbTpQDruE4ww4wE7dOhY8Q4wEBVYbRI
|
||||
+vHkSiWpJUvZCuKG8Foh5pm9hU0qb+rbQV7NhLJ02qn1AMGO3F/WKrHPPY8/b9YhQ
|
||||
+KfvPCYimQwBjVrEnSntLPR0=
|
||||
-----END PRIVATE KEY-----
|
||||
-----BEGIN CERTIFICATE-----
|
||||
-MIIDezCCAmOgAwIBAgIUBxh2L3ItsVPuBogDI0WfUX1lFnMwDQYJKoZIhvcNAQEL
|
||||
+MIIDeTCCAmGgAwIBAgIUF/2lFo3fH3uYuFalQVSIFqcYtd4wDQYJKoZIhvcNAQEL
|
||||
BQAwRDELMAkGA1UEBhMCVUsxFjAUBgNVBAoMDU9wZW5TU0wgR3JvdXAxHTAbBgNV
|
||||
-BAMMFFRlc3QgUy9NSU1FIFJTQSBSb290MCAXDTIyMDYwMjE1MzMxM1oYDzIxMjIw
|
||||
-NTEwMTUzMzEzWjBEMQswCQYDVQQGEwJVSzEWMBQGA1UECgwNT3BlblNTTCBHcm91
|
||||
-cDEdMBsGA1UEAwwUVGVzdCBTL01JTUUgUlNBIFJvb3QwggEiMA0GCSqGSIb3DQEB
|
||||
-AQUAA4IBDwAwggEKAoIBAQDZLSl8LdU54OUAT8ctFuKLShJul2IMzaEDkFLoL4ag
|
||||
-ccajgvsRxW+8vbc2Re0y1mVMvfNz7Cg5a7KeiSuFJOrQtvDt+HkU5c706YDmw15m
|
||||
-BpDSHapkXr80G/ABFbstWafOfagVW45wv65KH4cnpcqwrLhagmC8QG0KfWbf+Z2e
|
||||
-fOxaGu/dTNA3Cnq/BQGTdlkQ28xbrvd+UbzgcY4Y/hJ7Fw1/IeEhgr/iVJhQIUAk
|
||||
-lp9B+xqDfWuxIt5mNwWWh/Lfk+UxqE99EhQR0YZWyIKfKzbeJLBzDqY2hQzVL6kA
|
||||
-vY9cR1WbBItTA0G2F5qZ9B/3EHEFWZMBvobt+UTEkuBdAgMBAAGjYzBhMB0GA1Ud
|
||||
-DgQWBBQVwRMha+JVX6dqHVcg1s/zqXNkWTAfBgNVHSMEGDAWgBQVwRMha+JVX6dq
|
||||
-HVcg1s/zqXNkWTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjANBgkq
|
||||
-hkiG9w0BAQsFAAOCAQEAvdAmpDPi1Wt7Hk30dXKF7Ug6MUKETi+uoO1Suo9JhNko
|
||||
-/cpvoi8fbo/dnWVDfHVoItEn644Svver5UJdKJY62DvhilpCtAywYfCpgxkpKoKE
|
||||
-dnpjnRBSMcbVDImsqvf1YjzFKiOiD7kcVvz4V0NZY91ZWwu3vgaSvcTJQkpWN0a+
|
||||
-LWanpVKqigl8nskttnBeiHDHGebxj3hawlIdtVlkbQwLLwlVkX99x1F73uS33IzB
|
||||
-Y6+ZJ2is7mD839B8fOVd9pvPvBBgahIrw5tzJ/Q+gITuVQd9E6RVXh10/Aw+i/8S
|
||||
-7tHpEUgP3hBk1P+wRQBWDxbHB28lE+41jvh3JObQWQ==
|
||||
+BAMMFFRlc3QgUy9NSU1FIFJTQSBSb290MB4XDTIyMDUyMzE0MDE1MloXDTMyMDUy
|
||||
+MDE0MDE1MlowRDELMAkGA1UEBhMCVUsxFjAUBgNVBAoMDU9wZW5TU0wgR3JvdXAx
|
||||
+HTAbBgNVBAMMFFRlc3QgUy9NSU1FIFJTQSBSb290MIIBIjANBgkqhkiG9w0BAQEF
|
||||
+AAOCAQ8AMIIBCgKCAQEAsskFxA+R8lVsKp18s5mN9e8jFCayH7Cr0RBtguvdXSTR
|
||||
+4DYPqKubI7f385MkvOAL3ToonALGqOHGCw7pbYWi6Wwu5rBAYb8AIpdBTW+YNxEb
|
||||
+qXtSrk3VFdVLg/4uktlaGjV1AQZ9aw/VnAQXNJZ8f+FrfdnkEyOvduabe2Rz0MNj
|
||||
+pae00AxJcouaj8QnpuLk9IN822bFqpprCDF27vit3RKa86gNbnCl28VJmTZDMFbN
|
||||
+lwppS8a0VI/At/8xDbR9ex1gs54UfyFXFZICLpJZHog7BIW1r1ELplV0e6D4fwj2
|
||||
+QG4xqquZlbnh0h66e26wVWSh2b6FJGtvEC1oratVuQIDAQABo2MwYTAdBgNVHQ4E
|
||||
+FgQUyZFTCmN7FluLvUTwdoipJObltmwwHwYDVR0jBBgwFoAUyZFTCmN7FluLvUTw
|
||||
+doipJObltmwwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwDQYJKoZI
|
||||
+hvcNAQELBQADggEBAFUbNCqSA5JTIk4wkLiDxs6sGVgSGS/XyFurT5WtyLwR6eiN
|
||||
+r1Osq3DrF1805xzOjFfk3yYk2ctMMMXVEfXZavfNWgGSyUi6GrS+X1+y5snMpP7Z
|
||||
+tFlb7iXxiSn5lUE1IS3y9bAlWUwTnOwdX2RuALVAzQ6oAvGIIOhb7FTkMqwsQBDx
|
||||
+kBA9sgdCKv4d7zgFGdDMh1PGuia7+ZPWS9Nt3+WfRKzy4cf2p8+FTWkv1z7PtCSo
|
||||
+bZySoXgav6WYGdA0VZY29HzVWC5d/LwSkeJr7pw09UjXBPnrDHbJRa+4JpwwsMT2
|
||||
+b1E+cp36aagmQW97e8dCf3VzZWcD2bNJ9QM59d8=
|
||||
-----END CERTIFICATE-----
|
||||
diff -up openssl-3.0.5/test/smime-certs/smrsa1.pem.0061 openssl-3.0.5/test/smime-certs/smrsa1.pem
|
||||
--- openssl-3.0.5/test/smime-certs/smrsa1.pem.0061 2022-09-02 14:17:15.328436636 +0200
|
||||
+++ openssl-3.0.5/test/smime-certs/smrsa1.pem 2022-09-02 14:17:15.346436795 +0200
|
||||
@@ -1,49 +1,49 @@
|
||||
-----BEGIN PRIVATE KEY-----
|
||||
-MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDax3T7alefZcbm
|
||||
-CcdN0kEoBLwV8H25vre43RYjuPo64TBjeKUy27ayC1TXydF1eYm3HPrFYfkS0fZ6
|
||||
-YK0xvwyxiQnesvcfnVe2fpXFPsl5RQvu1JKM7rJAuLC+YTRLez07IHhQnHQ25ZkR
|
||||
-+B4SL5mIhuOSJ9yyFJYJQ3Kdw/aX/jtnWVR8p3FyghJptWIm90ufW4xWFY0yNSW1
|
||||
-KmkZuOWF7VPh5RC1C7woB/RHhyD2gOP7tF+eDJ/QbX4iki4gPRFHuNrSV8ZpvDkI
|
||||
-qqyF5BW8tyJneDkoWW8IuEpmNIzfbOCHvI6y7roeAmRrwH4/o5WxaEIsnQ/3pNvj
|
||||
-n6+vA+nfAgMBAAECggEAFR5MHQQYCYjDXoDoI7YdgwA+AFIoGLjKYZu5yjX4tZv3
|
||||
-gJ/si7sTaMlY5cGTU1HUPirxIVeCjv4Eha31BJ3KsGJ9jj6Gm0nOuzd/O+ctKeRv
|
||||
-2/HaDvpFlk4dsCrlkjmxteuS9u5l9hygniWYutcBwjY0cRnMScZcm0VO+DVVMDj0
|
||||
-9yNrFzhlmqV+ckawjK/J91r0uvnCVIsGA6akhlc5K0gwvFb/CC1WuceEeGx/38k3
|
||||
-4OuiHtLyJfIlgyGD8C3QfJlMOBHeQ/DCo6GMqrOAad/chtcO7JklcJ+k2qylP2gu
|
||||
-e25NJCQVh+L32b9WrH3quH6fbLIg8a8MmUWl6te3FQKBgQDddu0Dp8R8fe2WnAE5
|
||||
-oXdASAf2BpthRNqUdYpkkO7gOV0MXCKIEiGZ+WuWEYmNlsXZCJRABprqLw9O/5Td
|
||||
-2q+rCbdG9mSW2x82t/Ia4zd3r0RSHZyKbtOLtgmWfQkwVHy+rED8Juie5bNzHbjS
|
||||
-1mYtFP2KDQ5yZA95yFg8ZtXOawKBgQD85VOPnfXGOJ783JHepAn4J2x1Edi+ZDQ+
|
||||
-Ml9g2LwetI46dQ0bF6V8RtcyWp0+6+ydX5U4JKhERFDivolD7Z1KFmlNLPs0cqSX
|
||||
-5g5kzTD+R+zpr9FRragYKyLdHsLP0ur75Rh5FQkUl2DmeKCMvMKAkio0cduVpVXT
|
||||
-SvWUBtkHXQKBgBy4VoZZ1GZcolocwx/pK6DfdoDWXIIhvsLv91GRZhkX91QqAqRo
|
||||
-zYi9StF8Vr1Q5zl9HlSrRp3GGpMhG/olaRCiQu1l+KeDpSmgczo/aysPRKntgyaE
|
||||
-ttRweA/XCUEGQ+MqTYcluJcarMnp+dUFztxb04F6rfvxs/wUGjVDFMkfAoGBAK+F
|
||||
-wx9UtPZk6gP6Wsu58qlnQ2Flh5dtGM1qTMR86OQu0OBFyVjaaqL8z/NE7Qp02H7J
|
||||
-jlmvJ5JqD/Gv6Llau+Zl86P66kcWoqJCrA7OU4jJBueSfadA7gAIQGRUK0Xuz+UQ
|
||||
-tpGjRfAiuMB9TIEhqaVuzRglRhBw9kZ2KkgZEJyJAoGBANrEpEwOhCv8Vt1Yiw6o
|
||||
-co96wYj+0LARJXw6rIfEuLkthBRRoHqQMKqwIGMrwjHlHXPnQmajONzIJd+u+OS4
|
||||
-psCGetAIGegd3xNVpK2uZv9QBWBpQbuofOh/c2Ctmm2phL2sVwCZ0qwIeXuBwJEc
|
||||
-NOlOojKDO+dELErpShJgFIaU
|
||||
+MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQDXr9uzB/20QXKC
|
||||
+xhkfNnJvl2xl1hzdOcrQmAqo+AAAcA/D49ImuJDVQRaK2bcj54XB26i1kXuOrxID
|
||||
+3/etUb8yudfx8OAVwh8G0xVA4zhr8uXW85W2tBr4v0Lt+W6lSd6Hmfrk4GmE9LTU
|
||||
+/vzl9HUPW6SZShN1G0nY6oeUXvLi0vasEUKv3a51T6JFYg4c7qt5RCk/w8kwrQ0D
|
||||
+orQwCdkOPEIiC4b+nPStF12SVm5bx8rbYzioxuY/PdSebvt0APeqgRxSpCxqYnHs
|
||||
+CoNeHzSrGXcP0COzFeUOz2tdrhmH09JLbGZs4nbojPxMkjpJSv3/ekDG2CHYxXSH
|
||||
+XxpJstxZAgMBAAECggEASY4xsJaTEPwY3zxLqPdag2/yibBBW7ivz/9p80HQTlXp
|
||||
+KnbxXj8nNXLjCytAZ8A3P2t316PrrTdLP4ML5lGwkM4MNPhek00GY79syhozTa0i
|
||||
+cPHVJt+5Kwee/aVI9JmCiGAczh0yHyOM3+6ttIZvvXMVaSl4BUHvJ0ikQBc5YdzL
|
||||
+s6VM2gCOR6K6n+39QHDI/T7WwO9FFSNnpWFOCHwAWtyBMlleVj+xeZX8OZ/aT+35
|
||||
+27yjsGNBftWKku29VDineiQC+o+fZGJs6w4JZHoBSP8TfxP8fRCFVNA281G78Xak
|
||||
+cEnKXwZ54bpoSa3ThKl+56J6NHkkfRGb8Rgt/ipJYQKBgQD5DKb82mLw85iReqsT
|
||||
+8bkp408nPOBGz7KYnQsZqAVNGfehM02+dcN5z+w0jOj6GMPLPg5whlEo/O+rt9ze
|
||||
+j6c2+8/+B4Bt5oqCKoOCIndH68jl65+oUxFkcHYxa3zYKGC9Uvb+x2BtBmYgvDRG
|
||||
+ew6I2Q3Zyd2ThZhJygUZpsjsbQKBgQDdtNiGTkgWOm+WuqBI1LT5cQfoPfgI7/da
|
||||
+ZA+37NBUQRe0cM7ddEcNqx7E3uUa1JJOoOYv65VyGI33Ul+evI8h5WE5bupcCEFk
|
||||
+LolzbMc4YQUlsySY9eUXM8jQtfVtaWhuQaABt97l+9oADkrhA+YNdEu2yiz3T6W+
|
||||
+msI5AnvkHQKBgDEjuPMdF/aY6dqSjJzjzfgg3KZOUaZHJuML4XvPdjRPUlfhKo7Q
|
||||
+55/qUZ3Qy8tFBaTderXjGrJurc+A+LiFOaYUq2ZhDosguOWUA9yydjyfnkUXZ6or
|
||||
+sbvSoM+BeOGhnezdKNT+e90nLRF6cQoTD7war6vwM6L+8hxlGvqDuRNFAoGAD4K8
|
||||
+d0D4yB1Uez4ZQp8m/iCLRhM3zCBFtNw1QU/fD1Xye5w8zL96zRkAsRNLAgKHLdsR
|
||||
+355iuTXAkOIBcJCOjveGQsdgvAmT0Zdz5FBi663V91o+IDlryqDD1t40CnCKbtRG
|
||||
+hng/ruVczg4x7OYh7SUKuwIP/UlkNh6LogNreX0CgYBQF9troLex6X94VTi1V5hu
|
||||
+iCwzDT6AJj63cS3VRO2ait3ZiLdpKdSNNW2WrlZs8FZr/mVutGEcWho8BugGMWST
|
||||
+1iZkYwly9Xfjnpd0I00ZIlr2/B3+ZsK8w5cOW5Lpb7frol6+BkDnBjbNZI5kQndn
|
||||
+zQpuMJliRlrq/5JkIbH6SA==
|
||||
-----END PRIVATE KEY-----
|
||||
-----BEGIN CERTIFICATE-----
|
||||
-MIIDeTCCAmGgAwIBAgIUM6U1Peo3wzfAJIrzINejJJfmRzkwDQYJKoZIhvcNAQEL
|
||||
+MIIDdzCCAl+gAwIBAgIUNrEw2I4NEV0Nbo7AVOF9z4mPBiYwDQYJKoZIhvcNAQEL
|
||||
BQAwRDELMAkGA1UEBhMCVUsxFjAUBgNVBAoMDU9wZW5TU0wgR3JvdXAxHTAbBgNV
|
||||
-BAMMFFRlc3QgUy9NSU1FIFJTQSBSb290MCAXDTIyMDYwMjE1MzMxM1oYDzIxMjIw
|
||||
-NTA5MTUzMzEzWjBFMQswCQYDVQQGEwJVSzEWMBQGA1UECgwNT3BlblNTTCBHcm91
|
||||
-cDEeMBwGA1UEAwwVVGVzdCBTL01JTUUgRUUgUlNBICMxMIIBIjANBgkqhkiG9w0B
|
||||
-AQEFAAOCAQ8AMIIBCgKCAQEA2sd0+2pXn2XG5gnHTdJBKAS8FfB9ub63uN0WI7j6
|
||||
-OuEwY3ilMtu2sgtU18nRdXmJtxz6xWH5EtH2emCtMb8MsYkJ3rL3H51Xtn6VxT7J
|
||||
-eUUL7tSSjO6yQLiwvmE0S3s9OyB4UJx0NuWZEfgeEi+ZiIbjkifcshSWCUNyncP2
|
||||
-l/47Z1lUfKdxcoISabViJvdLn1uMVhWNMjUltSppGbjlhe1T4eUQtQu8KAf0R4cg
|
||||
-9oDj+7Rfngyf0G1+IpIuID0RR7ja0lfGabw5CKqsheQVvLciZ3g5KFlvCLhKZjSM
|
||||
-32zgh7yOsu66HgJka8B+P6OVsWhCLJ0P96Tb45+vrwPp3wIDAQABo2AwXjAMBgNV
|
||||
-HRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIF4DAdBgNVHQ4EFgQUHw4Us7FXwgLtZ1JB
|
||||
-MOAHSkNYfEkwHwYDVR0jBBgwFoAUFcETIWviVV+nah1XINbP86lzZFkwDQYJKoZI
|
||||
-hvcNAQELBQADggEBAAMAXEjTNo7evn6BvfEaG2q21q9xfFear/M0zxc5xcTj+WP+
|
||||
-BKrlxXg5RlVFyvmzGhwZBERsDMJYa54aw8scDJsy/0zPdWST39dNev7xH13pP8nF
|
||||
-QF4MGPKIqBzX8iDCqhz70p1w2ndLjz1dvsAqn6z9/Sh3T2kj6DfZY3jA49pMEim1
|
||||
-vYd4lWa5AezU3+cLtBbo2c2iyG2W7SFpnNTjLX823f9rbVPnUb93ZI/tDXDIf5hL
|
||||
-0hocZs+MWdC7Ly1Ru4PXa6+DeOM0z673me/Q27e24OBbG2eq5g7eW5euxJinGkpI
|
||||
-XGGKTKrBCPxSdTtwSNHU9HsggT8a0wXL2QocZ3w=
|
||||
+BAMMFFRlc3QgUy9NSU1FIFJTQSBSb290MB4XDTIyMDUyMzE0MDczN1oXDTMyMDMz
|
||||
+MTE0MDczN1owRTELMAkGA1UEBhMCVUsxFjAUBgNVBAoMDU9wZW5TU0wgR3JvdXAx
|
||||
+HjAcBgNVBAMMFVRlc3QgUy9NSU1FIEVFIFJTQSAjMTCCASIwDQYJKoZIhvcNAQEB
|
||||
+BQADggEPADCCAQoCggEBANev27MH/bRBcoLGGR82cm+XbGXWHN05ytCYCqj4AABw
|
||||
+D8Pj0ia4kNVBForZtyPnhcHbqLWRe46vEgPf961RvzK51/Hw4BXCHwbTFUDjOGvy
|
||||
+5dbzlba0Gvi/Qu35bqVJ3oeZ+uTgaYT0tNT+/OX0dQ9bpJlKE3UbSdjqh5Re8uLS
|
||||
+9qwRQq/drnVPokViDhzuq3lEKT/DyTCtDQOitDAJ2Q48QiILhv6c9K0XXZJWblvH
|
||||
+yttjOKjG5j891J5u+3QA96qBHFKkLGpicewKg14fNKsZdw/QI7MV5Q7Pa12uGYfT
|
||||
+0ktsZmziduiM/EySOklK/f96QMbYIdjFdIdfGkmy3FkCAwEAAaNgMF4wDAYDVR0T
|
||||
+AQH/BAIwADAOBgNVHQ8BAf8EBAMCBeAwHQYDVR0OBBYEFOaNz6WtNC5jH9UE4EaM
|
||||
+y+59qO+EMB8GA1UdIwQYMBaAFMmRUwpjexZbi71E8HaIqSTm5bZsMA0GCSqGSIb3
|
||||
+DQEBCwUAA4IBAQBMz3Ef3U0blTGhfP9HIBq09fWCgUN3aDDLZ/B6biFfWM87wlAm
|
||||
+CdIuy2jhiEt8Ld8U9y8dbO7c2gzHBGc9FhScBkfQInrbhSctXL/r/wOc0divK9rq
|
||||
+oXL2cL/CFfzcYPWNN3w6JAJyOhkhWnqF+/0T8+NdiRLE3a9NfX3a83GpfBVccYKQ
|
||||
+kKKeVIw2K1dYbtlSo1HwOckxqUzN00IPs3xC8U9KNXKy7o0kdetKhk70DzXQ64j0
|
||||
+EcmXxqPaCkgo3fl9z9nzKlWhg/qIi/1Bd1bpMP8IXAPEURDqhi0KI0w9GPCQRjfY
|
||||
+7NwXrLEayBoL8TNxcJ3FwdI20+bmhhILBZgO
|
||||
-----END CERTIFICATE-----
|
||||
diff -up openssl-3.0.5/test/smime-certs/smrsa2.pem.0061 openssl-3.0.5/test/smime-certs/smrsa2.pem
|
||||
--- openssl-3.0.5/test/smime-certs/smrsa2.pem.0061 2022-09-02 14:17:15.333436680 +0200
|
||||
+++ openssl-3.0.5/test/smime-certs/smrsa2.pem 2022-09-02 14:17:15.347436804 +0200
|
||||
@@ -1,49 +1,49 @@
|
||||
-----BEGIN PRIVATE KEY-----
|
||||
-MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQDkoMi4sqj2mN8j
|
||||
-SaFAibXEfeYYrzBHIdCm/uaXWit81fXOSFVw1rbeAppxz7bOcSEN50lpdP2UX3/b
|
||||
-FYFD3exHXjvch9NPNgQaNkCqTNTuYa2L9wrpltXnon7tH3W/zZfF+/qpUSu1f6rk
|
||||
-GyxjVXxLwjIawCX0rbLcdFCVVy+EyvQkvSxXjafrDMzshWzPDbtjUv3SH6avqrPn
|
||||
-4NX0fv3BdBwTfDLAw/m8nN+9B9Mg0V7UNM1IJY/Vo5pLhv+MrEf8SnAS+1Wt43rT
|
||||
-3PY9iMZMMWUswdgmPY0yCN95ggwNrSMGV60yvEDxINWuJoR8s0lybDdFa+AB5v4T
|
||||
-hqKpspFNAgMBAAECggEAZmWu0K5QJ7Y7Rlo9ayLicsFyk36vUESQZ6MF0ybzEEPi
|
||||
-BkR2ZAX+vDuNQckm1pprlAcRZbactl35bT3Z+fQE1cgaZoC8/x6xwq2m0796pNPB
|
||||
-v0zjqdBBOLAaSgjLm56wyd88GqZ8vZsTBnw3KrxIYcP13e5OcaJ0V/GOf/yfD0lg
|
||||
-Tq9i7V5Iq++Fpo2KvJA8FMgqcfhvhdo40rRykoBfzEZpBk4Ia/Yijsbx5sE15pFZ
|
||||
-DfmsMbD+vViuM8IavHo61mBNyYeydwlgIMqUgP/6xbYUov/XSUojrLG+IQuvDx9D
|
||||
-xzTHGM+IBJxQZMza/mDVcjUAcDEjWt/Mve8ibTQCbwKBgQDyaiGsURtlf/8xmmvT
|
||||
-RQQFFFsJ8SXHNYmnceNULIjfDxpLk1yC4kBNUD+liAJscoVlOcByHmXQRtnY1PHq
|
||||
-AwyrwplGd82773mtriDVFSjhD+GB7I0Hv2j+uiFZury0jR/6/AsWKCtTqd0opyuB
|
||||
-8rGZjguiwZIjeyxd8mL1dncUHwKBgQDxcNxHUvIeDBvAmtK65xWUuLcqtK9BblBH
|
||||
-YVA7p93RqX4E+w3J0OCvQRQ3r1GCMMzFEO0oOvNfMucU4rbQmx1pbzF8aQU+8iEW
|
||||
-kYpaWUbPUQ2hmBblhjGYHsigt/BrzaW0QveVIWcGiyVVX9wiCzJH5moJlCRK2oHR
|
||||
-B36hdlmNEwKBgQCSlWSpOx4y4RQiHXtn9Eq6+5UVTPGIJTKIwxAwnQFiyFIhMwl0
|
||||
-x3UUixsBcF3uz80j6akaGJF+QOmH+TQTSibGUdS3TMhmBSfxwuJtlu7yMNUu6Chb
|
||||
-b/4AUfLKvGVRVCjrbq8Rhda1L3jhFTz0xhlofgFBOIWy2M96O5BlV24oBwKBgQDs
|
||||
-cf93ZfawkGEZVUXsPeQ3mlHe48YCCPtbfCSr13B3JErCq+5L52AyoUQgaHQlUI8o
|
||||
-qrPmQx0V7O662G/6iP3bxEYtNVgq1cqrpGpeorGi1BjKWPyLWMj21abbJmev21xc
|
||||
-1XxLMsQHd3tfSZp2SIq8OR09NjP4jla1k2Ziz1lRuwKBgQCUJXjhW4dPoOzC7DJK
|
||||
-u4PsxcKkJDwwtfNudVDaHcbvvaHELTAkE2639vawH0TRwP6TDwmlbTQJP4EW+/0q
|
||||
-13VcNXVAZSruA9dvxlh4vNUH3PzTDdFIJzGVbYbV9p5t++EQ7gRLuLZqs99BOzM9
|
||||
-k6W9F60mEFz1Owh+lQv7WfSIVA==
|
||||
+MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDcYC4tS2Uvn1Z2
|
||||
+iDgtfkJA5tAqgbN6X4yK02RtVH5xekV9+6+eTt/9S+iFAzAnwqR/UB1R67ETrsWq
|
||||
+V8u9xLg5fHIwIkmu9/6P31UU9cghO7J1lcrhHvooHaFpcXepPWQacpuBq2VvcKRD
|
||||
+lDfVmdM5z6eS3dSZPTOMMP/xk4nhZB8mcw27qiccPieS0PZ9EZB63T1gmwaK1Rd5
|
||||
+U94Pl0+zpDqhViuXmBfiIDWjjz0BzHnHSz5Rg4S3oXF1NcojhptIWyI0r7dgn5J3
|
||||
+NxC4kgKdjzysxo6iWd0nLgz7h0jUdj79EOis4fg9G4f0EFWyQf7iDxGaA93Y9ePB
|
||||
+Jv5iFZVZAgMBAAECggEBAILIPX856EHb0KclbhlpfY4grFcdg9LS04grrcTISQW1
|
||||
+J3p9nBpZ+snKe6I8Yx6lf5PiipPsSLlCliHiWpIzJZVQCkAQiSPiHttpEYgP2IYI
|
||||
+dH8dtznkdVbLRthZs0bnnPmpHCpW+iqpcYJ9eqkz0cvUNUGOjjWmwWmoRqwp/8CW
|
||||
+3S1qbkQiCh0Mk2fQeGar76R06kXQ9MKDEj14zyS3rJX+cokjEoMSlH8Sbmdh2mJz
|
||||
+XlNZcvqmeGJZwQWgbVVHOMUuZaKJiFa+lqvOdppbqSx0AsCRq6vjmjEYQEoOefYK
|
||||
+3IJM9IvqW5UNx0Cy4kQdjhZFFwMO/ALD3QyF21iP4gECgYEA+isQiaWdaY4UYxwK
|
||||
+Dg+pnSCKD7UGZUaCUIv9ds3CbntMOONFe0FxPsgcc4jRYQYj1rpQiFB8F11+qXGa
|
||||
+P/IHcnjr2+mTrNY4I9Bt1Lg+pHSS8QCgzeueFybYMLaSsXUo7tGwpvw6UUb6/YWI
|
||||
+LNCzZbrCLg1KZjGODhhxtvN45ZkCgYEA4YNSe+GMZlxgsvxbLs86WOm6DzJUPvxN
|
||||
+bWmni0+Oe0cbevgGEUjDVc895uMFnpvlgO49/C0AYJ+VVbStjIMgAeMnWj6OZoSX
|
||||
+q49rI8KmKUxKgORZiiaMqGWQ7Rxv68+4S8WANsjFxoUrE6dNV3uYDIUsiSLbZeI8
|
||||
+38KVTcLohcECgYEAiOdyWHGq0G4xl/9rPUCzCMsa4velNV09yYiiwBZgVgfhsawm
|
||||
+hQpOSBZJA60XMGqkyEkT81VgY4UF4QLLcD0qeCnWoXWVHFvrQyY4RNZDacpl87/t
|
||||
+QGO2E2NtolL3umesa+2TJ/8Whw46Iu2llSjtVDm9NGiPk5eA7xPPf1iEi9kCgYAb
|
||||
+0EmVE91wJoaarLtGS7LDkpgrFacEWbPnAbfzW62UENIX2Y1OBm5pH/Vfi7J+vHWS
|
||||
+8E9e0eIRCL2vY2hgQy/oa67H151SkZnvQ/IP6Ar8Xvd1bDSK8HQ6tMQqKm63Y9g0
|
||||
+KDjHCP4znOsSMnk8h/bZ3HcAtvbeWwftBR/LBnYNQQKBgA1leIXLLHRoX0VtS/7e
|
||||
+y7Xmn7gepj+gDbSuCs5wGtgw0RB/1z/S3QoS2TCbZzKPBo20+ivoRP7gcuFhduFR
|
||||
+hT8V87esr/QzLVpjLedQDW8Xb7GiO3BsU/gVC9VcngenbL7JObl3NgvdreIYo6+n
|
||||
+yrLyf+8hjm6H6zkjqiOkHAl+
|
||||
-----END PRIVATE KEY-----
|
||||
-----BEGIN CERTIFICATE-----
|
||||
-MIIDeTCCAmGgAwIBAgIUTMQXiTcI/rpzqO91NyFWpjLE3KkwDQYJKoZIhvcNAQEL
|
||||
+MIIDdzCCAl+gAwIBAgIUdWyHziJTdWjooy8SanPMwLxNsPEwDQYJKoZIhvcNAQEL
|
||||
BQAwRDELMAkGA1UEBhMCVUsxFjAUBgNVBAoMDU9wZW5TU0wgR3JvdXAxHTAbBgNV
|
||||
-BAMMFFRlc3QgUy9NSU1FIFJTQSBSb290MCAXDTIyMDYwMjE1MzMxM1oYDzIxMjIw
|
||||
-NTA5MTUzMzEzWjBFMQswCQYDVQQGEwJVSzEWMBQGA1UECgwNT3BlblNTTCBHcm91
|
||||
-cDEeMBwGA1UEAwwVVGVzdCBTL01JTUUgRUUgUlNBICMyMIIBIjANBgkqhkiG9w0B
|
||||
-AQEFAAOCAQ8AMIIBCgKCAQEA5KDIuLKo9pjfI0mhQIm1xH3mGK8wRyHQpv7ml1or
|
||||
-fNX1zkhVcNa23gKacc+2znEhDedJaXT9lF9/2xWBQ93sR1473IfTTzYEGjZAqkzU
|
||||
-7mGti/cK6ZbV56J+7R91v82Xxfv6qVErtX+q5BssY1V8S8IyGsAl9K2y3HRQlVcv
|
||||
-hMr0JL0sV42n6wzM7IVszw27Y1L90h+mr6qz5+DV9H79wXQcE3wywMP5vJzfvQfT
|
||||
-INFe1DTNSCWP1aOaS4b/jKxH/EpwEvtVreN609z2PYjGTDFlLMHYJj2NMgjfeYIM
|
||||
-Da0jBletMrxA8SDVriaEfLNJcmw3RWvgAeb+E4aiqbKRTQIDAQABo2AwXjAMBgNV
|
||||
-HRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIF4DAdBgNVHQ4EFgQUSJ0v3SKahe6eKssR
|
||||
-rBvYLBprFTgwHwYDVR0jBBgwFoAUFcETIWviVV+nah1XINbP86lzZFkwDQYJKoZI
|
||||
-hvcNAQELBQADggEBAKoyszyZ3DfCOIVzeJrnScXuMvRkVqO5aGmgZxtY9r6gPk8v
|
||||
-gXaEFXDKqRbGqEnuwEjpew+SVZO8nrVpdIP7fydpufy7Cu91Ev4YL1ui5Vc66+IK
|
||||
-7dXV7eZYcH/dDJBPZddHx9vGhcr0w8B1W9nldM3aQE/RQjOmMRDc7/Hnk0f0RzJp
|
||||
-LA0adW3ry27z2s4qeCwkV9DNSh1KoGfcLwydBiXmJ1XINMFH/scD4pk9UeJpUL+5
|
||||
-zvTaDzUmzLsI1gH3j/rlzJuNJ7EMfggKlfQdit9Qn6+6Gjk6T5jkZfzcq3LszuEA
|
||||
-EFtkxWyBmmEgh4EmvZGAyrUvne1hIIksKe3iJ+E=
|
||||
+BAMMFFRlc3QgUy9NSU1FIFJTQSBSb290MB4XDTIyMDUyMzE0MDkyNVoXDTMyMDMz
|
||||
+MTE0MDkyNVowRTELMAkGA1UEBhMCVUsxFjAUBgNVBAoMDU9wZW5TU0wgR3JvdXAx
|
||||
+HjAcBgNVBAMMFVRlc3QgUy9NSU1FIEVFIFJTQSAjMjCCASIwDQYJKoZIhvcNAQEB
|
||||
+BQADggEPADCCAQoCggEBANxgLi1LZS+fVnaIOC1+QkDm0CqBs3pfjIrTZG1UfnF6
|
||||
+RX37r55O3/1L6IUDMCfCpH9QHVHrsROuxapXy73EuDl8cjAiSa73/o/fVRT1yCE7
|
||||
+snWVyuEe+igdoWlxd6k9ZBpym4GrZW9wpEOUN9WZ0znPp5Ld1Jk9M4ww//GTieFk
|
||||
+HyZzDbuqJxw+J5LQ9n0RkHrdPWCbBorVF3lT3g+XT7OkOqFWK5eYF+IgNaOPPQHM
|
||||
+ecdLPlGDhLehcXU1yiOGm0hbIjSvt2Cfknc3ELiSAp2PPKzGjqJZ3ScuDPuHSNR2
|
||||
+Pv0Q6Kzh+D0bh/QQVbJB/uIPEZoD3dj148Em/mIVlVkCAwEAAaNgMF4wDAYDVR0T
|
||||
+AQH/BAIwADAOBgNVHQ8BAf8EBAMCBeAwHQYDVR0OBBYEFPRqunJgwdcM9Uvsy/MT
|
||||
+6XHvUvuyMB8GA1UdIwQYMBaAFMmRUwpjexZbi71E8HaIqSTm5bZsMA0GCSqGSIb3
|
||||
+DQEBCwUAA4IBAQBz02v4hd+EjW5NaMubkqPbgUTDRKdRq1RZM+C6m1MTMKy+8zTD
|
||||
+QSKRCFf0UmSPMsdTArry9x15fmHIJW21F3bw4ISeVXRyzBhOnrGKXUt2Lg9c2MLa
|
||||
+9C394ex0vw4ZGSNkrIARbM3084Chegs4PLMWLFam1H5J6wpvH8iXXYvhESW98luv
|
||||
+i3HVQzqLXw7/9XHxf8RnrRcy/WhAA+KegAQMGHTo5KPLliXtypYdCxBHNcmOwJlR
|
||||
+pSOp6fxhiRKN5DzcBPHOE/brZc4aNGgBHZgGg1g1Wb2lAylopgJrbyNkhEEwHVNM
|
||||
+1uLCnXKV1nX+EiMKkhSV761ozdhMGljYb+GE
|
||||
-----END CERTIFICATE-----
|
||||
diff -up openssl-3.0.5/test/smime-certs/smrsa3.pem.0061 openssl-3.0.5/test/smime-certs/smrsa3.pem
|
||||
--- openssl-3.0.5/test/smime-certs/smrsa3.pem.0061 2022-09-02 14:17:15.327436627 +0200
|
||||
+++ openssl-3.0.5/test/smime-certs/smrsa3.pem 2022-09-02 14:17:15.346436795 +0200
|
||||
@@ -1,49 +1,49 @@
|
||||
-----BEGIN PRIVATE KEY-----
|
||||
-MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQD5A/t3norj/167
|
||||
-toKG1Ygtg3G+pZ4Nwl5a9flnm8JdSMW5TEEP1TSvDVIEuAVi7xqoAn6heypoaMkB
|
||||
-GJ+AoSo9R7umdhhq2vnmWFNsdH6oDzynVXixyURo81YrN3sn9Xd55ivTiSpZXldi
|
||||
-ECr2T0BYvOw0h497bPs6gY9LqgrBHNYVF3lFhdOmYWv+2qSdti+1gV3t24pv1CrK
|
||||
-2AdX5Epdd5jR+eNnt+suZqoPC0hTcNjszJLcfDYFXHva9BcE0DfrgcYSmoSBU53M
|
||||
-jt63TClK6ZoVcPJ7vXjFRHncvs1/d+nc9BdL9FsGI1ezspSwcJHqex2wgo76yDrq
|
||||
-DE4s23rPAgMBAAECggEAEDi+VWD5VUpjD5zWOoPQiRDGBJBhtMAKkl6okxEmXvWb
|
||||
-Xz3STFnjHgA1JFHW3bRU9BHI9k8vSHmnlnkfKb3V/ZX5IHNcKCHb/x9NBak+QLVQ
|
||||
-0zLtfE9vxiTC0B/oac+MPaiD4hYFQ81pFwK6VS0Poi8ZCBJtOkRqfUvsyV8zZrgh
|
||||
-/6cs4mwOVyZPFRgF9eWXYv7PJz8pNRizhII0iv9H/r2I3DzsZLPCg7c29mP+I/SG
|
||||
-A7Pl82UXjtOc0KurGY2M5VheZjxJT/k/FLMkWY2GS5n6dfcyzsVSKb25HoeuvQsI
|
||||
-vs1mKs+Onbobdc17hCcKVJzbi3DwXs5XDhrEzfHccQKBgQD88uBxVCRV31PsCN6I
|
||||
-pKxQDGgz+1BqPqe7KMRiZI7HgDUK0eCM3/oG089/jsBtJcSxnScLSVNBjQ+xGiFi
|
||||
-YCD4icQoJSzpqJyR6gDq5lTHASAe+9LWRW771MrtyACQWNXowYEyu8AjekrZkCUS
|
||||
-wIKVpw57oWykzIoS7ixZsJ8gxwKBgQD8BPWqJEsLiQvOlS5E/g88eV1KTpxm9Xs+
|
||||
-BbwsDXZ7m4Iw5lYaUu5CwBB/2jkGGRl8Q/EfAdUT7gXv3t6x5b1qMXaIczmRGYto
|
||||
-NuI3AH2MPxAa7lg5TgBgie1r7PKwyPMfG3CtDx6n8W5sexgJpbIy5u7E+U6d8s1o
|
||||
-c7EcsefduQKBgCkHJAx9v18GWFBip+W2ABUDzisQSlzRSNd8p03mTZpiWzgkDq4K
|
||||
-7j0JQhDIkMGjbKH6gYi9Hfn17WOmf1+7g92MSvrP/NbxeGPadsejEIEu14zu/6Wt
|
||||
-oXDLdRbYZ+8B2cBlEpWuCl42yck8Lic6fnPTou++oSah3otvglYR5d2lAoGACd8L
|
||||
-3FE1m0sP6lSPjmZBJIZAcDOqDqJY5HIHD9arKGZL8CxlfPx4lqa9PrTGfQWoqORk
|
||||
-YmmI9hHhq6aYJHGyPKGZWfjhbVyJyFg1/h+Hy2GA+P0S+ZOjkiR050BNtTz5wOMr
|
||||
-Q6wO8FcVkywzIdWaqEHBYne9a5RiFVBKxKv3QAkCgYBxmCBKajFkMVb4Uc55WqJs
|
||||
-Add0mctGgmZ1l5vq81eWe3wjM8wgfJgaD3Q3gwx2ABUX/R+OsVWSh4o5ZR86sYoz
|
||||
-TviknBHF8GeDLjpT49+04fEaz336J2JOptF9zIpz7ZK1nrOEjzaZGtumReVjUP7X
|
||||
-fNcb5iDYqZRzD8ixBbLxUw==
|
||||
+MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQCyK+BTAOJKJjji
|
||||
+OhY60NeZjzGGZxEBfCm62n0mwkzusW/V/e63uwj6uOVCFoVBz5doMf3M6QIS2jL3
|
||||
+Aw6Qs5+vcuLA0gHrqIwjYQz1UZ5ETLKLKbQw6YOIVfsFSTxytUVpfcByrubWiLKX
|
||||
+63theG1/IVokDK/9/k52Kyt+wcCjuRb7AJQFj2OLDRuWm/gavozkK103gQ+dUq4H
|
||||
+XamZMtTq1EhQOfc0IUeCOEL6xz4jzlHHfzLdkvb7Enhav2sXDfOmZp/DYf9IqS7l
|
||||
+vFkkINPVbYFBTexaPZlFwmpGRjkmoyH/w+Jlcpzs+w6p1diWRpaSn62bbkRN49j6
|
||||
+L2dVb+DfAgMBAAECggEAciwDl6zdVT6g/PbT/+SMA+7qgYHSN+1koEQaJpgjzGEP
|
||||
+lUUfj8TewCtzXaIoyj9IepBuXryBg6snNXpT/w3bqgYon/7zFBvxkUpDj4A5tvKf
|
||||
+BuY2fZFlpBvUu1Ju1eKrFCptBBBoA9mc+BUB/ze4ktrAdJFcxZoMlVScjqGB3GdR
|
||||
+OHw2x9BdWGCJBhiu9VHhAAb/LVWi6xgDumYSWZwN2yovg+7J91t5bsENeBRHycK+
|
||||
+i5dNFh1umIK9N0SH6bpHPnLHrCRchrQ6ZRRxL4ZBKA9jFRDeI7OOsJuCvhGyJ1se
|
||||
+snsLjr/Ahg00aiHCcC1SPQ6pmXAVBCG7hf4AX82V4QKBgQDaFDE+Fcpv84mFo4s9
|
||||
+wn4CZ8ymoNIaf5zPl/gpH7MGots4NT5+Ns+6zzJQ6TEpDjTPx+vDaabP7QGXwVZn
|
||||
+8NAHYvCQK37b+u9HrOt256YYRDOmnJFSbsJdmqzMEzpTNmQ8GuI37cZCS9CmSMv+
|
||||
+ab/plcwuv0cJRSC83NN2AFyu1QKBgQDRJzKIBQlpprF9rA0D5ZjLVW4OH18A0Mmm
|
||||
+oanw7qVutBaM4taFN4M851WnNIROyYIlkk2fNgW57Y4M8LER4zLrjU5HY4lB0BMX
|
||||
+LQWDbyz4Y7L4lVnnEKfQxWFt9avNZwiCxCxEKy/n/icmVCzc91j9uwKcupdzrN6E
|
||||
+yzPd1s5y4wKBgQCkJvzmAdsOp9/Fg1RFWcgmIWHvrzBXl+U+ceLveZf1j9K5nYJ7
|
||||
+2OBGer4iH1XM1I+2M4No5XcWHg3L4FEdDixY0wXHT6Y/CcThS+015Kqmq3fBmyrc
|
||||
+RNjzQoF9X5/QkSmkAIx1kvpgXtcgw70htRIrToGSUpKzDKDW6NYXhbA+PQKBgDJK
|
||||
+KH5IJ8E9kYPUMLT1Kc4KVpISvPcnPLVSPdhuqVx69MkfadFSTb4BKbkwiXegQCjk
|
||||
+isFzbeEM25EE9q6EYKP+sAm+RyyJ6W0zKBY4TynSXyAiWSGUAaXTL+AOqCaVVZiL
|
||||
+rtEdSUGQ/LzclIT0/HLV2oTw4KWxtTdc3LXEhpNdAoGBAM3LckiHENqtoeK2gVNw
|
||||
+IPeEuruEqoN4n+XltbEEv6Ymhxrs6T6HSKsEsLhqsUiIvIzH43KMm45SNYTn5eZh
|
||||
+yzYMXLmervN7c1jJe2Y2MYv6hE+Ypj1xGW4w7s8WNKmVzLv97beisD9AZrS7sXfF
|
||||
+RvOAi5wVkYylDxV4238MAZIq
|
||||
-----END PRIVATE KEY-----
|
||||
-----BEGIN CERTIFICATE-----
|
||||
-MIIDeTCCAmGgAwIBAgIUIDyc//j/LoNDesZTGbPBoVarv4EwDQYJKoZIhvcNAQEL
|
||||
+MIIDdzCCAl+gAwIBAgIUAKvI4FWjFLx8iBGifOW3mG/xkT0wDQYJKoZIhvcNAQEL
|
||||
BQAwRDELMAkGA1UEBhMCVUsxFjAUBgNVBAoMDU9wZW5TU0wgR3JvdXAxHTAbBgNV
|
||||
-BAMMFFRlc3QgUy9NSU1FIFJTQSBSb290MCAXDTIyMDYwMjE1MzMxM1oYDzIxMjIw
|
||||
-NTA5MTUzMzEzWjBFMQswCQYDVQQGEwJVSzEWMBQGA1UECgwNT3BlblNTTCBHcm91
|
||||
-cDEeMBwGA1UEAwwVVGVzdCBTL01JTUUgRUUgUlNBICMzMIIBIjANBgkqhkiG9w0B
|
||||
-AQEFAAOCAQ8AMIIBCgKCAQEA+QP7d56K4/9eu7aChtWILYNxvqWeDcJeWvX5Z5vC
|
||||
-XUjFuUxBD9U0rw1SBLgFYu8aqAJ+oXsqaGjJARifgKEqPUe7pnYYatr55lhTbHR+
|
||||
-qA88p1V4sclEaPNWKzd7J/V3eeYr04kqWV5XYhAq9k9AWLzsNIePe2z7OoGPS6oK
|
||||
-wRzWFRd5RYXTpmFr/tqknbYvtYFd7duKb9QqytgHV+RKXXeY0fnjZ7frLmaqDwtI
|
||||
-U3DY7MyS3Hw2BVx72vQXBNA364HGEpqEgVOdzI7et0wpSumaFXDye714xUR53L7N
|
||||
-f3fp3PQXS/RbBiNXs7KUsHCR6nsdsIKO+sg66gxOLNt6zwIDAQABo2AwXjAMBgNV
|
||||
-HRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIF4DAdBgNVHQ4EFgQUN9pGq/UFS3o50rTi
|
||||
-V+AYgAk+3R4wHwYDVR0jBBgwFoAUFcETIWviVV+nah1XINbP86lzZFkwDQYJKoZI
|
||||
-hvcNAQELBQADggEBAGcOh380/6aJqMpYBssuf2CB3DX/hGKdvEF7fF8iNSfl5HHq
|
||||
-112kHl3MhbL9Th/safJq9sLDJqjXRNdVCUJJbU4YI2P2gsi04paC0qxWxMLtzQLd
|
||||
-CE7ki2xH94Fuu/dThbpzZBABROO1RrdI24GDGt9t4Gf0WVkobmT/zNlwGppKTIB2
|
||||
-iV/Ug30iKr/C49UzwUIa+XXXujkjPTmGSnrKwVQNxQh81rb+iTL7GEnNuqDsatHW
|
||||
-ZyLS2SaVdG5tMqDkITPMDGjehUzJcAbVc8Bv4m8Ukuov3uDj2Doc6MxlvrVkV0AE
|
||||
-BcSCb/bWQJJ/X4LQZlx9cMk4NINxV9UeFPZOefg=
|
||||
+BAMMFFRlc3QgUy9NSU1FIFJTQSBSb290MB4XDTIyMDUyMzE0MTEwNloXDTMyMDMz
|
||||
+MTE0MTEwNlowRTELMAkGA1UEBhMCVUsxFjAUBgNVBAoMDU9wZW5TU0wgR3JvdXAx
|
||||
+HjAcBgNVBAMMFVRlc3QgUy9NSU1FIEVFIFJTQSAjMzCCASIwDQYJKoZIhvcNAQEB
|
||||
+BQADggEPADCCAQoCggEBALIr4FMA4komOOI6FjrQ15mPMYZnEQF8KbrafSbCTO6x
|
||||
+b9X97re7CPq45UIWhUHPl2gx/czpAhLaMvcDDpCzn69y4sDSAeuojCNhDPVRnkRM
|
||||
+sosptDDpg4hV+wVJPHK1RWl9wHKu5taIspfre2F4bX8hWiQMr/3+TnYrK37BwKO5
|
||||
+FvsAlAWPY4sNG5ab+Bq+jOQrXTeBD51SrgddqZky1OrUSFA59zQhR4I4QvrHPiPO
|
||||
+Ucd/Mt2S9vsSeFq/axcN86Zmn8Nh/0ipLuW8WSQg09VtgUFN7Fo9mUXCakZGOSaj
|
||||
+If/D4mVynOz7DqnV2JZGlpKfrZtuRE3j2PovZ1Vv4N8CAwEAAaNgMF4wDAYDVR0T
|
||||
+AQH/BAIwADAOBgNVHQ8BAf8EBAMCBeAwHQYDVR0OBBYEFDoKRbmxroesGxa+4868
|
||||
+yPIvkCewMB8GA1UdIwQYMBaAFMmRUwpjexZbi71E8HaIqSTm5bZsMA0GCSqGSIb3
|
||||
+DQEBCwUAA4IBAQBfCCzWyZzIvq/ci6E74ovJ8mMel5Z9MU9EcvY0k7pJSUbpCg3c
|
||||
+P48CiAzt8r8Em4AymADfK1pYvvpTNVpU/USbdKR1hyxZjqWrYdsY7tlVuvZ92oFs
|
||||
+s3komuKHCx2SQAe5b+LWjC1Bf8JUFx+XTjYb/BBg7nQRwi3TkYVVmW7hXLYvf4Jn
|
||||
+Uyu0x02pDzUu+62jeYbNIVJnYwSU0gLHEo81QmNs06RLjnAhbneUZ6P6YuJOdDo7
|
||||
+xMw/ywijZM0FxsWxRSsCBwavhabg1Kb1lO//pbgcSa9T0D7ax1XoMni3RJnHj6gu
|
||||
+r0Mi3QjgZaxghR3TPh83dQLilECYDuD0uTzf
|
||||
-----END CERTIFICATE-----
|
||||
|
|
|
@ -248,8 +248,8 @@ index de391ce067..1cfd71c5cf 100644
|
|||
--- a/providers/fips/fipsprov.c
|
||||
+++ b/providers/fips/fipsprov.c
|
||||
@@ -23,6 +23,7 @@
|
||||
#include "prov/seeding.h"
|
||||
#include "self_test.h"
|
||||
#include "crypto/context.h"
|
||||
#include "internal/core.h"
|
||||
+#include "indicator.h"
|
||||
|
||||
|
|
File diff suppressed because it is too large
Load Diff
File diff suppressed because it is too large
Load Diff
|
@ -1,39 +1,22 @@
|
|||
From 4a2239bd7d444c30c55b20ea8b4aeadafdfe1afd Mon Sep 17 00:00:00 2001
|
||||
From: Clemens Lang <cllang@redhat.com>
|
||||
Date: Fri, 22 Jul 2022 13:59:37 +0200
|
||||
Subject: [PATCH] FIPS: Use OAEP in KATs, support fixed OAEP seed
|
||||
From abeda0b0475adb0d4f89b0c97cfc349779915bbf Mon Sep 17 00:00:00 2001
|
||||
From: rpm-build <rpm-build>
|
||||
Date: Mon, 31 Jul 2023 09:41:28 +0200
|
||||
Subject: [PATCH 29/35]
|
||||
0073-FIPS-Use-OAEP-in-KATs-support-fixed-OAEP-seed.patch
|
||||
|
||||
Review by our lab for FIPS 140-3 certification expects the RSA
|
||||
encryption and decryption tests to use a supported padding mode, not raw
|
||||
RSA signatures. Switch to RSA-OAEP for the self tests to fulfill that.
|
||||
|
||||
The FIPS 140-3 Implementation Guidance specifies in section 10.3.A
|
||||
"Cryptographic Algorithm Self-Test Requirements" that a self-test may be
|
||||
a known-answer test, a comparison test, or a fault-detection test.
|
||||
|
||||
Comparison tests are not an option, because they would require
|
||||
a separate implementation of RSA-OAEP, which we do not have. Fault
|
||||
detection tests require implementing fault detection mechanisms into the
|
||||
cryptographic algorithm implementation, we we also do not have.
|
||||
|
||||
As a consequence, a known-answer test must be used to test RSA
|
||||
encryption and decryption, but RSA encryption with OAEP padding is not
|
||||
deterministic, and thus encryption will always yield different results
|
||||
that could not be compared to known answers. For this reason, this
|
||||
change explicitly sets the seed in OAEP (see RFC 8017 section 7.1.1),
|
||||
which is the source of randomness for RSA-OAEP, to a fixed value. This
|
||||
setting is only available during self-test execution, and the parameter
|
||||
set using EVP_PKEY_CTX_set_params() will be ignored otherwise.
|
||||
|
||||
Signed-off-by: Clemens Lang <cllang@redhat.com>
|
||||
Patch-name: 0073-FIPS-Use-OAEP-in-KATs-support-fixed-OAEP-seed.patch
|
||||
Patch-id: 73
|
||||
Patch-status: |
|
||||
# https://bugzilla.redhat.com/show_bug.cgi?id=2102535
|
||||
From-dist-git-commit: 9409bc7044cf4b5773639cce20f51399888c45fd
|
||||
---
|
||||
crypto/rsa/rsa_local.h | 8 ++
|
||||
crypto/rsa/rsa_oaep.c | 34 ++++++--
|
||||
include/openssl/core_names.h | 3 +
|
||||
providers/fips/self_test_data.inc | 83 +++++++++++--------
|
||||
providers/fips/self_test_data.inc | 79 ++++++++++---------
|
||||
providers/fips/self_test_kats.c | 7 ++
|
||||
.../implementations/asymciphers/rsa_enc.c | 41 ++++++++-
|
||||
6 files changed, 133 insertions(+), 43 deletions(-)
|
||||
.../implementations/asymciphers/rsa_enc.c | 41 +++++++++-
|
||||
6 files changed, 128 insertions(+), 44 deletions(-)
|
||||
|
||||
diff --git a/crypto/rsa/rsa_local.h b/crypto/rsa/rsa_local.h
|
||||
index ea70da05ad..dde57a1a0e 100644
|
||||
|
@ -119,10 +102,10 @@ index d9be1a4f98..b2f7f7dc4b 100644
|
|||
const unsigned char *from, int flen,
|
||||
const unsigned char *param, int plen,
|
||||
diff --git a/include/openssl/core_names.h b/include/openssl/core_names.h
|
||||
index 59a6e79566..11216fb8f8 100644
|
||||
index 5e3c132f5b..c0cce14297 100644
|
||||
--- a/include/openssl/core_names.h
|
||||
+++ b/include/openssl/core_names.h
|
||||
@@ -469,6 +469,9 @@ extern "C" {
|
||||
@@ -471,6 +471,9 @@ extern "C" {
|
||||
#define OSSL_ASYM_CIPHER_PARAM_OAEP_LABEL "oaep-label"
|
||||
#define OSSL_ASYM_CIPHER_PARAM_TLS_CLIENT_VERSION "tls-client-version"
|
||||
#define OSSL_ASYM_CIPHER_PARAM_TLS_NEGOTIATED_VERSION "tls-negotiated-version"
|
||||
|
@ -133,32 +116,26 @@ index 59a6e79566..11216fb8f8 100644
|
|||
/*
|
||||
* Encoder / decoder parameters
|
||||
diff --git a/providers/fips/self_test_data.inc b/providers/fips/self_test_data.inc
|
||||
index 4e30ec56dd..0103c87528 100644
|
||||
index e0fdc0daa4..aa2012c04a 100644
|
||||
--- a/providers/fips/self_test_data.inc
|
||||
+++ b/providers/fips/self_test_data.inc
|
||||
@@ -1294,15 +1294,22 @@ static const ST_KAT_PARAM rsa_priv_key[] = {
|
||||
ST_KAT_PARAM_END()
|
||||
@@ -1296,14 +1296,21 @@ static const ST_KAT_PARAM rsa_priv_key[] = {
|
||||
};
|
||||
|
||||
-/*-
|
||||
/*-
|
||||
- * Using OSSL_PKEY_RSA_PAD_MODE_NONE directly in the expansion of the
|
||||
- * ST_KAT_PARAM_UTF8STRING macro below causes a failure on ancient
|
||||
- * HP/UX PA-RISC compilers.
|
||||
- */
|
||||
-static const char pad_mode_none[] = OSSL_PKEY_RSA_PAD_MODE_NONE;
|
||||
-
|
||||
+/*-
|
||||
+ * Using OSSL_PKEY_RSA_PAD_MODE_OAEP directly in the expansion of the
|
||||
+ * ST_KAT_PARAM_UTF8STRING macro below causes a failure on ancient
|
||||
+ * HP/UX PA-RISC compilers.
|
||||
+ */
|
||||
* ST_KAT_PARAM_UTF8STRING macro below causes a failure on ancient
|
||||
* HP/UX PA-RISC compilers.
|
||||
*/
|
||||
-static const char pad_mode_none[] = OSSL_PKEY_RSA_PAD_MODE_NONE;
|
||||
+static const char pad_mode_oaep[] = OSSL_PKEY_RSA_PAD_MODE_OAEP;
|
||||
+static const char oaep_fixed_seed[] = {
|
||||
+ 0xf6, 0x10, 0xef, 0x0a, 0x97, 0xbf, 0x91, 0x25,
|
||||
+ 0x97, 0xcf, 0x8e, 0x0a, 0x75, 0x51, 0x2f, 0xab,
|
||||
+ 0x2e, 0x4b, 0x2c, 0xe6
|
||||
+};
|
||||
+
|
||||
|
||||
static const ST_KAT_PARAM rsa_enc_params[] = {
|
||||
- ST_KAT_PARAM_UTF8STRING(OSSL_ASYM_CIPHER_PARAM_PAD_MODE, pad_mode_none),
|
||||
+ ST_KAT_PARAM_UTF8STRING(OSSL_ASYM_CIPHER_PARAM_PAD_MODE, pad_mode_oaep),
|
||||
|
@ -167,7 +144,7 @@ index 4e30ec56dd..0103c87528 100644
|
|||
ST_KAT_PARAM_END()
|
||||
};
|
||||
|
||||
@@ -1335,43 +1348,43 @@ static const unsigned char rsa_expected_sig[256] = {
|
||||
@@ -1342,43 +1349,43 @@ static const unsigned char rsa_expected_sig[256] = {
|
||||
0x2c, 0x68, 0xf0, 0x37, 0xa9, 0xd2, 0x56, 0xd6
|
||||
};
|
||||
|
||||
|
@ -245,10 +222,10 @@ index 4e30ec56dd..0103c87528 100644
|
|||
|
||||
#ifndef OPENSSL_NO_EC
|
||||
diff --git a/providers/fips/self_test_kats.c b/providers/fips/self_test_kats.c
|
||||
index 064794d9bf..b6d5e8e134 100644
|
||||
index 74ee25dcb6..a9bc8be7fa 100644
|
||||
--- a/providers/fips/self_test_kats.c
|
||||
+++ b/providers/fips/self_test_kats.c
|
||||
@@ -647,14 +647,21 @@ static int self_test_ciphers(OSSL_SELF_TEST *st, OSSL_LIB_CTX *libctx)
|
||||
@@ -641,14 +641,21 @@ static int self_test_ciphers(OSSL_SELF_TEST *st, OSSL_LIB_CTX *libctx)
|
||||
return ret;
|
||||
}
|
||||
|
||||
|
@ -271,7 +248,7 @@ index 064794d9bf..b6d5e8e134 100644
|
|||
}
|
||||
|
||||
diff --git a/providers/implementations/asymciphers/rsa_enc.c b/providers/implementations/asymciphers/rsa_enc.c
|
||||
index 00cf65fcd6..83be3d8ede 100644
|
||||
index 9cd8904131..40de5ce8fa 100644
|
||||
--- a/providers/implementations/asymciphers/rsa_enc.c
|
||||
+++ b/providers/implementations/asymciphers/rsa_enc.c
|
||||
@@ -30,6 +30,9 @@
|
||||
|
@ -294,8 +271,8 @@ index 00cf65fcd6..83be3d8ede 100644
|
|||
} PROV_RSA_CTX;
|
||||
|
||||
static void *rsa_newctx(void *provctx)
|
||||
@@ -190,12 +196,21 @@ static int rsa_encrypt(void *vprsactx, unsigned char *out, size_t *outlen,
|
||||
return 0;
|
||||
@@ -192,12 +198,21 @@ static int rsa_encrypt(void *vprsactx, unsigned char *out, size_t *outlen,
|
||||
}
|
||||
}
|
||||
ret =
|
||||
- ossl_rsa_padding_add_PKCS1_OAEP_mgf1_ex(prsactx->libctx, tbuf,
|
||||
|
@ -318,7 +295,7 @@ index 00cf65fcd6..83be3d8ede 100644
|
|||
|
||||
if (!ret) {
|
||||
OPENSSL_free(tbuf);
|
||||
@@ -326,6 +341,9 @@ static void rsa_freectx(void *vprsactx)
|
||||
@@ -328,6 +343,9 @@ static void rsa_freectx(void *vprsactx)
|
||||
EVP_MD_free(prsactx->oaep_md);
|
||||
EVP_MD_free(prsactx->mgf1_md);
|
||||
OPENSSL_free(prsactx->oaep_label);
|
||||
|
@ -328,7 +305,7 @@ index 00cf65fcd6..83be3d8ede 100644
|
|||
|
||||
OPENSSL_free(prsactx);
|
||||
}
|
||||
@@ -445,6 +463,9 @@ static const OSSL_PARAM known_gettable_ctx_params[] = {
|
||||
@@ -447,6 +465,9 @@ static const OSSL_PARAM known_gettable_ctx_params[] = {
|
||||
NULL, 0),
|
||||
OSSL_PARAM_uint(OSSL_ASYM_CIPHER_PARAM_TLS_CLIENT_VERSION, NULL),
|
||||
OSSL_PARAM_uint(OSSL_ASYM_CIPHER_PARAM_TLS_NEGOTIATED_VERSION, NULL),
|
||||
|
@ -338,7 +315,7 @@ index 00cf65fcd6..83be3d8ede 100644
|
|||
OSSL_PARAM_END
|
||||
};
|
||||
|
||||
@@ -454,6 +475,10 @@ static const OSSL_PARAM *rsa_gettable_ctx_params(ossl_unused void *vprsactx,
|
||||
@@ -456,6 +477,10 @@ static const OSSL_PARAM *rsa_gettable_ctx_params(ossl_unused void *vprsactx,
|
||||
return known_gettable_ctx_params;
|
||||
}
|
||||
|
||||
|
@ -349,7 +326,7 @@ index 00cf65fcd6..83be3d8ede 100644
|
|||
static int rsa_set_ctx_params(void *vprsactx, const OSSL_PARAM params[])
|
||||
{
|
||||
PROV_RSA_CTX *prsactx = (PROV_RSA_CTX *)vprsactx;
|
||||
@@ -563,6 +588,18 @@ static int rsa_set_ctx_params(void *vprsactx, const OSSL_PARAM params[])
|
||||
@@ -567,6 +592,18 @@ static int rsa_set_ctx_params(void *vprsactx, const OSSL_PARAM params[])
|
||||
prsactx->oaep_labellen = tmp_labellen;
|
||||
}
|
||||
|
||||
|
@ -369,5 +346,5 @@ index 00cf65fcd6..83be3d8ede 100644
|
|||
if (p != NULL) {
|
||||
unsigned int client_version;
|
||||
--
|
||||
2.37.1
|
||||
2.41.0
|
||||
|
||||
|
|
|
@ -90,7 +90,7 @@ index db1a1d7bc3..c94c3c53bd 100644
|
|||
&& !EVP_PKEY_is_a(locpctx->pkey, SN_hmac)
|
||||
&& !EVP_PKEY_is_a(locpctx->pkey, SN_tls1_prf)
|
||||
@@ -334,6 +344,7 @@ static int do_sigver_init(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
|
||||
}
|
||||
goto err;
|
||||
}
|
||||
}
|
||||
+#endif /* !defined(FIPS_MODULE) */
|
||||
|
@ -231,7 +231,7 @@ diff --git a/providers/fips/self_test_kats.c b/providers/fips/self_test_kats.c
|
|||
index b6d5e8e134..77eec075e6 100644
|
||||
--- a/providers/fips/self_test_kats.c
|
||||
+++ b/providers/fips/self_test_kats.c
|
||||
@@ -444,11 +444,14 @@ static int self_test_sign(const ST_KAT_SIGN *t,
|
||||
@@ -444,10 +444,13 @@ static int self_test_sign(const ST_KAT_SIGN *t,
|
||||
int ret = 0;
|
||||
OSSL_PARAM *params = NULL, *params_sig = NULL;
|
||||
OSSL_PARAM_BLD *bld = NULL;
|
||||
|
@ -241,7 +241,6 @@ index b6d5e8e134..77eec075e6 100644
|
|||
EVP_PKEY *pkey = NULL;
|
||||
- unsigned char sig[256];
|
||||
BN_CTX *bnctx = NULL;
|
||||
BIGNUM *K = NULL;
|
||||
+ const char *msg = "Hello World!";
|
||||
+ unsigned char sig[256];
|
||||
size_t siglen = sizeof(sig);
|
||||
|
|
|
@ -1,6 +1,106 @@
|
|||
diff -up openssl-3.0.1/providers/implementations/rands/seeding/rand_unix.c.fipsrand openssl-3.0.1/providers/implementations/rands/seeding/rand_unix.c
|
||||
--- openssl-3.0.1/providers/implementations/rands/seeding/rand_unix.c.fipsrand 2022-08-03 11:09:01.301637515 +0200
|
||||
+++ openssl-3.0.1/providers/implementations/rands/seeding/rand_unix.c 2022-08-03 11:13:00.058688605 +0200
|
||||
From 89c00cc67b9b34bc94f9dc3a9fce9374bbaade03 Mon Sep 17 00:00:00 2001
|
||||
From: rpm-build <rpm-build>
|
||||
Date: Mon, 31 Jul 2023 09:41:29 +0200
|
||||
Subject: [PATCH 32/48] 0076-FIPS-140-3-DRBG.patch
|
||||
|
||||
Patch-name: 0076-FIPS-140-3-DRBG.patch
|
||||
Patch-id: 76
|
||||
Patch-status: |
|
||||
# Downstream only. Reseed DRBG using getrandom(GRND_RANDOM)
|
||||
# https://bugzilla.redhat.com/show_bug.cgi?id=2102541
|
||||
From-dist-git-commit: 9409bc7044cf4b5773639cce20f51399888c45fd
|
||||
---
|
||||
crypto/rand/prov_seed.c | 9 ++-
|
||||
providers/implementations/rands/crngt.c | 6 +-
|
||||
providers/implementations/rands/drbg.c | 11 +++-
|
||||
providers/implementations/rands/drbg_local.h | 2 +-
|
||||
.../implementations/rands/seeding/rand_unix.c | 64 ++-----------------
|
||||
5 files changed, 28 insertions(+), 64 deletions(-)
|
||||
|
||||
diff --git a/crypto/rand/prov_seed.c b/crypto/rand/prov_seed.c
|
||||
index 96c499c957..61c4cd8779 100644
|
||||
--- a/crypto/rand/prov_seed.c
|
||||
+++ b/crypto/rand/prov_seed.c
|
||||
@@ -20,7 +20,14 @@ size_t ossl_rand_get_entropy(ossl_unused const OSSL_CORE_HANDLE *handle,
|
||||
size_t entropy_available;
|
||||
RAND_POOL *pool;
|
||||
|
||||
- pool = ossl_rand_pool_new(entropy, 1, min_len, max_len);
|
||||
+ /*
|
||||
+ * OpenSSL still implements an internal entropy pool of
|
||||
+ * some size that is hashed to get seed data.
|
||||
+ * Note that this is a conditioning step for which SP800-90C requires
|
||||
+ * 64 additional bits from the entropy source to claim the requested
|
||||
+ * amount of entropy.
|
||||
+ */
|
||||
+ pool = ossl_rand_pool_new(entropy + 64, 1, min_len, max_len);
|
||||
if (pool == NULL) {
|
||||
ERR_raise(ERR_LIB_RAND, ERR_R_MALLOC_FAILURE);
|
||||
return 0;
|
||||
diff --git a/providers/implementations/rands/crngt.c b/providers/implementations/rands/crngt.c
|
||||
index fa4a2db14a..1f13fc759e 100644
|
||||
--- a/providers/implementations/rands/crngt.c
|
||||
+++ b/providers/implementations/rands/crngt.c
|
||||
@@ -133,7 +133,11 @@ size_t ossl_crngt_get_entropy(PROV_DRBG *drbg,
|
||||
* to the nearest byte. If the entropy is of less than full quality,
|
||||
* the amount required should be scaled up appropriately here.
|
||||
*/
|
||||
- bytes_needed = (entropy + 7) / 8;
|
||||
+ /*
|
||||
+ * FIPS 140-3: the yet draft SP800-90C requires requested entropy
|
||||
+ * + 128 bits during initial seeding
|
||||
+ */
|
||||
+ bytes_needed = (entropy + 128 + 7) / 8;
|
||||
if (bytes_needed < min_len)
|
||||
bytes_needed = min_len;
|
||||
if (bytes_needed > max_len)
|
||||
diff --git a/providers/implementations/rands/drbg.c b/providers/implementations/rands/drbg.c
|
||||
index ea55363bf8..1b2410b3db 100644
|
||||
--- a/providers/implementations/rands/drbg.c
|
||||
+++ b/providers/implementations/rands/drbg.c
|
||||
@@ -570,6 +570,9 @@ int ossl_prov_drbg_reseed(PROV_DRBG *drbg, int prediction_resistance,
|
||||
#endif
|
||||
}
|
||||
|
||||
+#ifdef FIPS_MODULE
|
||||
+ prediction_resistance = 1;
|
||||
+#endif
|
||||
/* Reseed using our sources in addition */
|
||||
entropylen = get_entropy(drbg, &entropy, drbg->strength,
|
||||
drbg->min_entropylen, drbg->max_entropylen,
|
||||
@@ -662,8 +665,14 @@ int ossl_prov_drbg_generate(PROV_DRBG *drbg, unsigned char *out, size_t outlen,
|
||||
reseed_required = 1;
|
||||
}
|
||||
if (drbg->parent != NULL
|
||||
- && get_parent_reseed_count(drbg) != drbg->parent_reseed_counter)
|
||||
+ && get_parent_reseed_count(drbg) != drbg->parent_reseed_counter) {
|
||||
+#ifdef FIPS_MODULE
|
||||
+ /* Red Hat patches provide chain reseeding when necessary so just sync counters*/
|
||||
+ drbg->parent_reseed_counter = get_parent_reseed_count(drbg);
|
||||
+#else
|
||||
reseed_required = 1;
|
||||
+#endif
|
||||
+ }
|
||||
|
||||
if (reseed_required || prediction_resistance) {
|
||||
if (!ossl_prov_drbg_reseed(drbg, prediction_resistance, NULL, 0,
|
||||
diff --git a/providers/implementations/rands/drbg_local.h b/providers/implementations/rands/drbg_local.h
|
||||
index 3b5417b43b..d27c50950b 100644
|
||||
--- a/providers/implementations/rands/drbg_local.h
|
||||
+++ b/providers/implementations/rands/drbg_local.h
|
||||
@@ -38,7 +38,7 @@
|
||||
*
|
||||
* The value is in bytes.
|
||||
*/
|
||||
-#define CRNGT_BUFSIZ 16
|
||||
+#define CRNGT_BUFSIZ 32
|
||||
|
||||
/*
|
||||
* Maximum input size for the DRBG (entropy, nonce, personalization string)
|
||||
diff --git a/providers/implementations/rands/seeding/rand_unix.c b/providers/implementations/rands/seeding/rand_unix.c
|
||||
index cd02a0236d..98c917b6d8 100644
|
||||
--- a/providers/implementations/rands/seeding/rand_unix.c
|
||||
+++ b/providers/implementations/rands/seeding/rand_unix.c
|
||||
@@ -48,6 +48,8 @@
|
||||
# include <fcntl.h>
|
||||
# include <unistd.h>
|
||||
|
@ -9,8 +109,8 @@ diff -up openssl-3.0.1/providers/implementations/rands/seeding/rand_unix.c.fipsr
|
|||
+# include <openssl/evp.h>
|
||||
|
||||
static uint64_t get_time_stamp(void);
|
||||
static uint64_t get_timer_bits(void);
|
||||
@@ -342,66 +342,8 @@ static ssize_t syscall_random(void *buf,
|
||||
|
||||
@@ -341,66 +343,8 @@ static ssize_t syscall_random(void *buf, size_t buflen)
|
||||
* which is way below the OSSL_SSIZE_MAX limit. Therefore sign conversion
|
||||
* between size_t and ssize_t is safe even without a range check.
|
||||
*/
|
||||
|
@ -79,51 +179,6 @@ diff -up openssl-3.0.1/providers/implementations/rands/seeding/rand_unix.c.fipsr
|
|||
}
|
||||
# endif /* defined(OPENSSL_RAND_SEED_GETRANDOM) */
|
||||
|
||||
diff -up openssl-3.0.1/providers/implementations/rands/drbg.c.fipsrand openssl-3.0.1/providers/implementations/rands/drbg.c
|
||||
--- openssl-3.0.1/providers/implementations/rands/drbg.c.fipsrand 2022-08-03 12:14:39.409370134 +0200
|
||||
+++ openssl-3.0.1/providers/implementations/rands/drbg.c 2022-08-03 12:19:06.320700346 +0200
|
||||
@@ -575,6 +575,9 @@ int ossl_prov_drbg_reseed(PROV_DRBG *drb
|
||||
#endif
|
||||
}
|
||||
|
||||
+#ifdef FIPS_MODULE
|
||||
+ prediction_resistance = 1;
|
||||
+#endif
|
||||
/* Reseed using our sources in addition */
|
||||
entropylen = get_entropy(drbg, &entropy, drbg->strength,
|
||||
drbg->min_entropylen, drbg->max_entropylen,
|
||||
diff -up openssl-3.0.1/crypto/rand/prov_seed.c.fipsrand openssl-3.0.1/crypto/rand/prov_seed.c
|
||||
--- openssl-3.0.1/crypto/rand/prov_seed.c.fipsrand 2022-08-04 12:17:52.148556301 +0200
|
||||
+++ openssl-3.0.1/crypto/rand/prov_seed.c 2022-08-04 12:19:41.783533552 +0200
|
||||
@@ -20,7 +20,14 @@ size_t ossl_rand_get_entropy(ossl_unused
|
||||
size_t entropy_available;
|
||||
RAND_POOL *pool;
|
||||
|
||||
- pool = ossl_rand_pool_new(entropy, 1, min_len, max_len);
|
||||
+ /*
|
||||
+ * OpenSSL still implements an internal entropy pool of
|
||||
+ * some size that is hashed to get seed data.
|
||||
+ * Note that this is a conditioning step for which SP800-90C requires
|
||||
+ * 64 additional bits from the entropy source to claim the requested
|
||||
+ * amount of entropy.
|
||||
+ */
|
||||
+ pool = ossl_rand_pool_new(entropy + 64, 1, min_len, max_len);
|
||||
if (pool == NULL) {
|
||||
ERR_raise(ERR_LIB_RAND, ERR_R_MALLOC_FAILURE);
|
||||
return 0;
|
||||
diff -up openssl-3.0.1/providers/implementations/rands/crngt.c.fipsrand openssl-3.0.1/providers/implementations/rands/crngt.c
|
||||
--- openssl-3.0.1/providers/implementations/rands/crngt.c.fipsrand 2022-08-04 11:56:10.100950299 +0200
|
||||
+++ openssl-3.0.1/providers/implementations/rands/crngt.c 2022-08-04 11:59:11.241564925 +0200
|
||||
@@ -139,7 +139,11 @@ size_t ossl_crngt_get_entropy(PROV_DRBG
|
||||
* to the nearest byte. If the entropy is of less than full quality,
|
||||
* the amount required should be scaled up appropriately here.
|
||||
*/
|
||||
- bytes_needed = (entropy + 7) / 8;
|
||||
+ /*
|
||||
+ * FIPS 140-3: the yet draft SP800-90C requires requested entropy
|
||||
+ * + 128 bits during initial seeding
|
||||
+ */
|
||||
+ bytes_needed = (entropy + 128 + 7) / 8;
|
||||
if (bytes_needed < min_len)
|
||||
bytes_needed = min_len;
|
||||
if (bytes_needed > max_len)
|
||||
--
|
||||
2.41.0
|
||||
|
||||
|
|
|
@ -1,63 +1,26 @@
|
|||
diff -up openssl-3.0.1/crypto/ffc/ffc_params.c.fipszero openssl-3.0.1/crypto/ffc/ffc_params.c
|
||||
--- openssl-3.0.1/crypto/ffc/ffc_params.c.fipszero 2022-08-05 13:11:27.211413931 +0200
|
||||
+++ openssl-3.0.1/crypto/ffc/ffc_params.c 2022-08-05 13:11:34.151475891 +0200
|
||||
@@ -27,10 +27,10 @@ void ossl_ffc_params_init(FFC_PARAMS *pa
|
||||
|
||||
void ossl_ffc_params_cleanup(FFC_PARAMS *params)
|
||||
{
|
||||
- BN_free(params->p);
|
||||
- BN_free(params->q);
|
||||
- BN_free(params->g);
|
||||
- BN_free(params->j);
|
||||
+ BN_clear_free(params->p);
|
||||
+ BN_clear_free(params->q);
|
||||
+ BN_clear_free(params->g);
|
||||
+ BN_clear_free(params->j);
|
||||
OPENSSL_free(params->seed);
|
||||
ossl_ffc_params_init(params);
|
||||
}
|
||||
diff -up openssl-3.0.1/crypto/rsa/rsa_lib.c.fipszero openssl-3.0.1/crypto/rsa/rsa_lib.c
|
||||
--- openssl-3.0.1/crypto/rsa/rsa_lib.c.fipszero 2022-08-05 13:08:31.875848536 +0200
|
||||
+++ openssl-3.0.1/crypto/rsa/rsa_lib.c 2022-08-05 13:09:35.438416025 +0200
|
||||
@@ -155,8 +155,8 @@ void RSA_free(RSA *r)
|
||||
|
||||
CRYPTO_THREAD_lock_free(r->lock);
|
||||
|
||||
- BN_free(r->n);
|
||||
- BN_free(r->e);
|
||||
+ BN_clear_free(r->n);
|
||||
+ BN_clear_free(r->e);
|
||||
BN_clear_free(r->d);
|
||||
BN_clear_free(r->p);
|
||||
BN_clear_free(r->q);
|
||||
diff -up openssl-3.0.1/providers/implementations/kdfs/hkdf.c.fipszero openssl-3.0.1/providers/implementations/kdfs/hkdf.c
|
||||
--- openssl-3.0.1/providers/implementations/kdfs/hkdf.c.fipszero 2022-08-05 13:14:58.827303241 +0200
|
||||
+++ openssl-3.0.1/providers/implementations/kdfs/hkdf.c 2022-08-05 13:16:24.530068399 +0200
|
||||
@@ -116,7 +116,7 @@ static void kdf_hkdf_reset(void *vctx)
|
||||
void *provctx = ctx->provctx;
|
||||
|
||||
ossl_prov_digest_reset(&ctx->digest);
|
||||
- OPENSSL_free(ctx->salt);
|
||||
+ OPENSSL_clear_free(ctx->salt, ctx->salt_len);
|
||||
OPENSSL_free(ctx->prefix);
|
||||
OPENSSL_free(ctx->label);
|
||||
OPENSSL_clear_free(ctx->data, ctx->data_len);
|
||||
diff -up openssl-3.0.1/providers/implementations/kdfs/pbkdf2.c.fipszero openssl-3.0.1/providers/implementations/kdfs/pbkdf2.c
|
||||
--- openssl-3.0.1/providers/implementations/kdfs/pbkdf2.c.fipszero 2022-08-05 13:12:40.552068717 +0200
|
||||
+++ openssl-3.0.1/providers/implementations/kdfs/pbkdf2.c 2022-08-05 13:13:34.324548799 +0200
|
||||
@@ -83,7 +83,7 @@ static void *kdf_pbkdf2_new(void *provct
|
||||
static void kdf_pbkdf2_cleanup(KDF_PBKDF2 *ctx)
|
||||
{
|
||||
ossl_prov_digest_reset(&ctx->digest);
|
||||
- OPENSSL_free(ctx->salt);
|
||||
+ OPENSSL_clear_free(ctx->salt, ctx->salt_len);
|
||||
OPENSSL_clear_free(ctx->pass, ctx->pass_len);
|
||||
memset(ctx, 0, sizeof(*ctx));
|
||||
}
|
||||
diff -up openssl-3.0.1/crypto/ec/ec_lib.c.fipszero openssl-3.0.1/crypto/ec/ec_lib.c
|
||||
--- openssl-3.0.1/crypto/ec/ec_lib.c.fipszero 2022-08-05 13:48:32.221345774 +0200
|
||||
+++ openssl-3.0.1/crypto/ec/ec_lib.c 2022-08-05 13:49:16.138741452 +0200
|
||||
@@ -744,12 +744,16 @@ EC_POINT *EC_POINT_new(const EC_GROUP *g
|
||||
From 9c667a7ba589329f3a777b012bf69a0db7f7eda9 Mon Sep 17 00:00:00 2001
|
||||
From: rpm-build <rpm-build>
|
||||
Date: Mon, 31 Jul 2023 09:41:29 +0200
|
||||
Subject: [PATCH 33/35] 0077-FIPS-140-3-zeroization.patch
|
||||
|
||||
Patch-name: 0077-FIPS-140-3-zeroization.patch
|
||||
Patch-id: 77
|
||||
Patch-status: |
|
||||
# https://bugzilla.redhat.com/show_bug.cgi?id=2102542
|
||||
From-dist-git-commit: 9409bc7044cf4b5773639cce20f51399888c45fd
|
||||
---
|
||||
crypto/ec/ec_lib.c | 4 ++++
|
||||
crypto/ffc/ffc_params.c | 8 ++++----
|
||||
crypto/rsa/rsa_lib.c | 4 ++--
|
||||
providers/implementations/kdfs/hkdf.c | 2 +-
|
||||
providers/implementations/kdfs/pbkdf2.c | 2 +-
|
||||
5 files changed, 12 insertions(+), 8 deletions(-)
|
||||
|
||||
diff --git a/crypto/ec/ec_lib.c b/crypto/ec/ec_lib.c
|
||||
index 6c37bf78ae..cfbc3c3c1d 100644
|
||||
--- a/crypto/ec/ec_lib.c
|
||||
+++ b/crypto/ec/ec_lib.c
|
||||
@@ -744,12 +744,16 @@ EC_POINT *EC_POINT_new(const EC_GROUP *group)
|
||||
|
||||
void EC_POINT_free(EC_POINT *point)
|
||||
{
|
||||
|
@ -74,3 +37,66 @@ diff -up openssl-3.0.1/crypto/ec/ec_lib.c.fipszero openssl-3.0.1/crypto/ec/ec_li
|
|||
}
|
||||
|
||||
void EC_POINT_clear_free(EC_POINT *point)
|
||||
diff --git a/crypto/ffc/ffc_params.c b/crypto/ffc/ffc_params.c
|
||||
index 3536efd1ad..f3c164b8fc 100644
|
||||
--- a/crypto/ffc/ffc_params.c
|
||||
+++ b/crypto/ffc/ffc_params.c
|
||||
@@ -27,10 +27,10 @@ void ossl_ffc_params_init(FFC_PARAMS *params)
|
||||
|
||||
void ossl_ffc_params_cleanup(FFC_PARAMS *params)
|
||||
{
|
||||
- BN_free(params->p);
|
||||
- BN_free(params->q);
|
||||
- BN_free(params->g);
|
||||
- BN_free(params->j);
|
||||
+ BN_clear_free(params->p);
|
||||
+ BN_clear_free(params->q);
|
||||
+ BN_clear_free(params->g);
|
||||
+ BN_clear_free(params->j);
|
||||
OPENSSL_free(params->seed);
|
||||
ossl_ffc_params_init(params);
|
||||
}
|
||||
diff --git a/crypto/rsa/rsa_lib.c b/crypto/rsa/rsa_lib.c
|
||||
index 9588a75964..76b4aac6fc 100644
|
||||
--- a/crypto/rsa/rsa_lib.c
|
||||
+++ b/crypto/rsa/rsa_lib.c
|
||||
@@ -155,8 +155,8 @@ void RSA_free(RSA *r)
|
||||
|
||||
CRYPTO_THREAD_lock_free(r->lock);
|
||||
|
||||
- BN_free(r->n);
|
||||
- BN_free(r->e);
|
||||
+ BN_clear_free(r->n);
|
||||
+ BN_clear_free(r->e);
|
||||
BN_clear_free(r->d);
|
||||
BN_clear_free(r->p);
|
||||
BN_clear_free(r->q);
|
||||
diff --git a/providers/implementations/kdfs/hkdf.c b/providers/implementations/kdfs/hkdf.c
|
||||
index daa619b8af..5304baa6c9 100644
|
||||
--- a/providers/implementations/kdfs/hkdf.c
|
||||
+++ b/providers/implementations/kdfs/hkdf.c
|
||||
@@ -118,7 +118,7 @@ static void kdf_hkdf_reset(void *vctx)
|
||||
void *provctx = ctx->provctx;
|
||||
|
||||
ossl_prov_digest_reset(&ctx->digest);
|
||||
- OPENSSL_free(ctx->salt);
|
||||
+ OPENSSL_clear_free(ctx->salt, ctx->salt_len);
|
||||
OPENSSL_free(ctx->prefix);
|
||||
OPENSSL_free(ctx->label);
|
||||
OPENSSL_clear_free(ctx->data, ctx->data_len);
|
||||
diff --git a/providers/implementations/kdfs/pbkdf2.c b/providers/implementations/kdfs/pbkdf2.c
|
||||
index 5c3e7b95ce..349c3dd657 100644
|
||||
--- a/providers/implementations/kdfs/pbkdf2.c
|
||||
+++ b/providers/implementations/kdfs/pbkdf2.c
|
||||
@@ -92,7 +92,7 @@ static void *kdf_pbkdf2_new(void *provctx)
|
||||
static void kdf_pbkdf2_cleanup(KDF_PBKDF2 *ctx)
|
||||
{
|
||||
ossl_prov_digest_reset(&ctx->digest);
|
||||
- OPENSSL_free(ctx->salt);
|
||||
+ OPENSSL_clear_free(ctx->salt, ctx->salt_len);
|
||||
OPENSSL_clear_free(ctx->pass, ctx->pass_len);
|
||||
memset(ctx, 0, sizeof(*ctx));
|
||||
}
|
||||
--
|
||||
2.41.0
|
||||
|
||||
|
|
|
@ -1,119 +1,874 @@
|
|||
From c4b086fc4de06128695e1fe428f56d776d25e748 Mon Sep 17 00:00:00 2001
|
||||
From: Clemens Lang <cllang@redhat.com>
|
||||
Date: Thu, 11 Aug 2022 09:27:12 +0200
|
||||
Subject: [PATCH] Add FIPS indicator parameter to HKDF
|
||||
From 2000eaead63732669283e6b54c8ef02e268eaeb8 Mon Sep 17 00:00:00 2001
|
||||
From: rpm-build <rpm-build>
|
||||
Date: Mon, 31 Jul 2023 09:41:29 +0200
|
||||
Subject: [PATCH 34/48] 0078-Add-FIPS-indicator-parameter-to-HKDF.patch
|
||||
|
||||
NIST considers HKDF only acceptable when used as in TLS 1.3, and
|
||||
otherwise unapproved. Add an explicit indicator attached to the
|
||||
EVP_KDF_CTX that can be queried using EVP_KDF_CTX_get_params() to
|
||||
determine whether the KDF operation was approved after performing it.
|
||||
|
||||
Related: rhbz#2114772
|
||||
Signed-off-by: Clemens Lang <cllang@redhat.com>
|
||||
Patch-name: 0078-Add-FIPS-indicator-parameter-to-HKDF.patch
|
||||
Patch-id: 78
|
||||
Patch-status: |
|
||||
# https://bugzilla.redhat.com/show_bug.cgi?id=2114772
|
||||
From-dist-git-commit: 9409bc7044cf4b5773639cce20f51399888c45fd
|
||||
---
|
||||
include/openssl/core_names.h | 1 +
|
||||
include/openssl/kdf.h | 4 ++
|
||||
providers/implementations/kdfs/hkdf.c | 53 +++++++++++++++++++++++++++
|
||||
3 files changed, 58 insertions(+)
|
||||
include/crypto/evp.h | 7 ++
|
||||
include/openssl/core_names.h | 1 +
|
||||
include/openssl/kdf.h | 4 +
|
||||
providers/implementations/kdfs/hkdf.c | 100 +++++++++++++++++++++-
|
||||
providers/implementations/kdfs/kbkdf.c | 82 ++++++++++++++++--
|
||||
providers/implementations/kdfs/sshkdf.c | 75 +++++++++++++++-
|
||||
providers/implementations/kdfs/sskdf.c | 100 +++++++++++++++++++++-
|
||||
providers/implementations/kdfs/tls1_prf.c | 74 +++++++++++++++-
|
||||
providers/implementations/kdfs/x942kdf.c | 66 +++++++++++++-
|
||||
9 files changed, 487 insertions(+), 22 deletions(-)
|
||||
|
||||
diff --git a/include/crypto/evp.h b/include/crypto/evp.h
|
||||
index dbbdcccbda..aa07153441 100644
|
||||
--- a/include/crypto/evp.h
|
||||
+++ b/include/crypto/evp.h
|
||||
@@ -219,6 +219,13 @@ struct evp_mac_st {
|
||||
OSSL_FUNC_mac_set_ctx_params_fn *set_ctx_params;
|
||||
};
|
||||
|
||||
+#ifdef FIPS_MODULE
|
||||
+/* According to NIST Special Publication 800-131Ar2, Section 8: Deriving
|
||||
+ * Additional Keys from a Cryptographic Key, "[t]he length of the
|
||||
+ * key-derivation key [i.e., the input key] shall be at least 112 bits". */
|
||||
+# define EVP_KDF_FIPS_MIN_KEY_LEN (112 / 8)
|
||||
+#endif
|
||||
+
|
||||
struct evp_kdf_st {
|
||||
OSSL_PROVIDER *prov;
|
||||
int name_id;
|
||||
diff --git a/include/openssl/core_names.h b/include/openssl/core_names.h
|
||||
index 21c94d0488..87786680d7 100644
|
||||
index c0cce14297..b431b9f871 100644
|
||||
--- a/include/openssl/core_names.h
|
||||
+++ b/include/openssl/core_names.h
|
||||
@@ -223,6 +223,7 @@ extern "C" {
|
||||
@@ -226,6 +226,7 @@ extern "C" {
|
||||
#define OSSL_KDF_PARAM_X942_SUPP_PUBINFO "supp-pubinfo"
|
||||
#define OSSL_KDF_PARAM_X942_SUPP_PRIVINFO "supp-privinfo"
|
||||
#define OSSL_KDF_PARAM_X942_USE_KEYBITS "use-keybits"
|
||||
+#define OSSL_KDF_PARAM_HKDF_REDHAT_FIPS_INDICATOR "hkdf-fips-indicator"
|
||||
+#define OSSL_KDF_PARAM_REDHAT_FIPS_INDICATOR "redhat-fips-indicator"
|
||||
|
||||
/* Known KDF names */
|
||||
#define OSSL_KDF_NAME_HKDF "HKDF"
|
||||
diff --git a/include/openssl/kdf.h b/include/openssl/kdf.h
|
||||
index 0983230a48..869f23d8fb 100644
|
||||
index 0983230a48..86171635ea 100644
|
||||
--- a/include/openssl/kdf.h
|
||||
+++ b/include/openssl/kdf.h
|
||||
@@ -63,6 +63,10 @@ int EVP_KDF_names_do_all(const EVP_KDF *kdf,
|
||||
# define EVP_KDF_HKDF_MODE_EXTRACT_ONLY 1
|
||||
# define EVP_KDF_HKDF_MODE_EXPAND_ONLY 2
|
||||
|
||||
+# define EVP_KDF_HKDF_FIPS_INDICATOR_UNDETERMINED 0
|
||||
+# define EVP_KDF_HKDF_FIPS_INDICATOR_APPROVED 1
|
||||
+# define EVP_KDF_HKDF_FIPS_INDICATOR_NOT_APPROVED 2
|
||||
+# define EVP_KDF_REDHAT_FIPS_INDICATOR_UNDETERMINED 0
|
||||
+# define EVP_KDF_REDHAT_FIPS_INDICATOR_APPROVED 1
|
||||
+# define EVP_KDF_REDHAT_FIPS_INDICATOR_NOT_APPROVED 2
|
||||
+
|
||||
#define EVP_KDF_SSHKDF_TYPE_INITIAL_IV_CLI_TO_SRV 65
|
||||
#define EVP_KDF_SSHKDF_TYPE_INITIAL_IV_SRV_TO_CLI 66
|
||||
#define EVP_KDF_SSHKDF_TYPE_ENCRYPTION_KEY_CLI_TO_SRV 67
|
||||
diff --git a/providers/implementations/kdfs/hkdf.c b/providers/implementations/kdfs/hkdf.c
|
||||
index afdb7138e1..9d28d292d8 100644
|
||||
index 5304baa6c9..f9c77f4236 100644
|
||||
--- a/providers/implementations/kdfs/hkdf.c
|
||||
+++ b/providers/implementations/kdfs/hkdf.c
|
||||
@@ -298,6 +298,56 @@ static int kdf_hkdf_get_ctx_params(void *vctx, OSSL_PARAM params[])
|
||||
return 0;
|
||||
return OSSL_PARAM_set_size_t(p, sz);
|
||||
@@ -43,6 +43,7 @@ static OSSL_FUNC_kdf_settable_ctx_params_fn kdf_hkdf_settable_ctx_params;
|
||||
static OSSL_FUNC_kdf_set_ctx_params_fn kdf_hkdf_set_ctx_params;
|
||||
static OSSL_FUNC_kdf_gettable_ctx_params_fn kdf_hkdf_gettable_ctx_params;
|
||||
static OSSL_FUNC_kdf_get_ctx_params_fn kdf_hkdf_get_ctx_params;
|
||||
+static OSSL_FUNC_kdf_newctx_fn kdf_tls1_3_new;
|
||||
static OSSL_FUNC_kdf_derive_fn kdf_tls1_3_derive;
|
||||
static OSSL_FUNC_kdf_settable_ctx_params_fn kdf_tls1_3_settable_ctx_params;
|
||||
static OSSL_FUNC_kdf_set_ctx_params_fn kdf_tls1_3_set_ctx_params;
|
||||
@@ -86,6 +87,10 @@ typedef struct {
|
||||
size_t data_len;
|
||||
unsigned char *info;
|
||||
size_t info_len;
|
||||
+ int is_tls13;
|
||||
+#ifdef FIPS_MODULE
|
||||
+ int fips_indicator;
|
||||
+#endif /* defined(FIPS_MODULE) */
|
||||
} KDF_HKDF;
|
||||
|
||||
static void *kdf_hkdf_new(void *provctx)
|
||||
@@ -201,6 +206,11 @@ static int kdf_hkdf_derive(void *vctx, unsigned char *key, size_t keylen,
|
||||
return 0;
|
||||
}
|
||||
|
||||
+#ifdef FIPS_MODULE
|
||||
+ if (keylen < EVP_KDF_FIPS_MIN_KEY_LEN)
|
||||
+ ctx->fips_indicator = EVP_KDF_REDHAT_FIPS_INDICATOR_NOT_APPROVED;
|
||||
+#endif /* defined(FIPS_MODULE) */
|
||||
+
|
||||
switch (ctx->mode) {
|
||||
case EVP_KDF_HKDF_MODE_EXTRACT_AND_EXPAND:
|
||||
default:
|
||||
@@ -363,15 +373,78 @@ static int kdf_hkdf_get_ctx_params(void *vctx, OSSL_PARAM params[])
|
||||
{
|
||||
KDF_HKDF *ctx = (KDF_HKDF *)vctx;
|
||||
OSSL_PARAM *p;
|
||||
+ int any_valid = 0; /* set to 1 when at least one parameter was valid */
|
||||
|
||||
if ((p = OSSL_PARAM_locate(params, OSSL_KDF_PARAM_SIZE)) != NULL) {
|
||||
size_t sz = kdf_hkdf_size(ctx);
|
||||
|
||||
- if (sz == 0)
|
||||
+ any_valid = 1;
|
||||
+
|
||||
+ if (sz == 0 || !OSSL_PARAM_set_size_t(p, sz))
|
||||
return 0;
|
||||
- return OSSL_PARAM_set_size_t(p, sz);
|
||||
}
|
||||
- return -2;
|
||||
+
|
||||
+#ifdef FIPS_MODULE
|
||||
+ if ((p = OSSL_PARAM_locate(params,
|
||||
+ OSSL_KDF_PARAM_HKDF_REDHAT_FIPS_INDICATOR)) != NULL) {
|
||||
+ int fips_indicator = EVP_KDF_HKDF_FIPS_INDICATOR_UNDETERMINED;
|
||||
+ switch (ctx->mode) {
|
||||
+ case EVP_KDF_HKDF_MODE_EXTRACT_AND_EXPAND:
|
||||
+ /* TLS 1.3 never uses extract-and-expand */
|
||||
+ fips_indicator = EVP_KDF_HKDF_FIPS_INDICATOR_NOT_APPROVED;
|
||||
+ break;
|
||||
+ case EVP_KDF_HKDF_MODE_EXTRACT_ONLY:
|
||||
+ {
|
||||
+ /* When TLS 1.3 uses extract, the following holds:
|
||||
+ * 1. The salt length matches the hash length, and either
|
||||
+ * 2.1. the key is all zeroes and matches the hash length, or
|
||||
+ * 2.2. the key originates from a PSK (resumption_master_secret
|
||||
+ * or some externally esablished key), or an ECDH or DH key
|
||||
+ * derivation. See
|
||||
+ * https://www.rfc-editor.org/rfc/rfc8446#section-7.1.
|
||||
+ * Unfortunately at this point, we cannot verify where the key
|
||||
+ * comes from, so all we can do is check the salt length.
|
||||
+ */
|
||||
+ const EVP_MD *md = ossl_prov_digest_md(&ctx->digest);
|
||||
+ if (md != NULL && ctx->salt_len == EVP_MD_get_size(md))
|
||||
+ fips_indicator = EVP_KDF_HKDF_FIPS_INDICATOR_APPROVED;
|
||||
+ else
|
||||
+ fips_indicator = EVP_KDF_HKDF_FIPS_INDICATOR_NOT_APPROVED;
|
||||
+ if ((p = OSSL_PARAM_locate(params, OSSL_KDF_PARAM_REDHAT_FIPS_INDICATOR))
|
||||
+ != NULL) {
|
||||
+ int fips_indicator = EVP_KDF_REDHAT_FIPS_INDICATOR_APPROVED;
|
||||
+ const EVP_MD *md = ossl_prov_digest_md(&ctx->digest);
|
||||
+
|
||||
+ any_valid = 1;
|
||||
+
|
||||
+ /* According to NIST Special Publication 800-131Ar2, Section 8:
|
||||
+ * Deriving Additional Keys from a Cryptographic Key, "[t]he length of
|
||||
+ * the key-derivation key [i.e., the input key] shall be at least 112
|
||||
+ * bits". */
|
||||
+ if (ctx->key_len < EVP_KDF_FIPS_MIN_KEY_LEN)
|
||||
+ fips_indicator = EVP_KDF_REDHAT_FIPS_INDICATOR_NOT_APPROVED;
|
||||
+
|
||||
+ /* Implementation Guidance for FIPS 140-3 and the Cryptographic Module
|
||||
+ * Verification Program, Section D.B and NIST Special Publication
|
||||
+ * 800-131Ar2, Section 1.2.2 say that any algorithm at a security
|
||||
+ * strength < 112 bits is legacy use only, so all derived keys should
|
||||
+ * be longer than that. If a derived key has ever been shorter than
|
||||
+ * that, ctx->output_keyelen_indicator will be NOT_APPROVED, and we
|
||||
+ * should also set the returned FIPS indicator to unapproved. */
|
||||
+ if (ctx->fips_indicator == EVP_KDF_REDHAT_FIPS_INDICATOR_NOT_APPROVED)
|
||||
+ fips_indicator = EVP_KDF_REDHAT_FIPS_INDICATOR_NOT_APPROVED;
|
||||
+
|
||||
+ if (ctx->is_tls13) {
|
||||
+ if (md != NULL
|
||||
+ && !EVP_MD_is_a(md, "SHA2-256")
|
||||
+ && !EVP_MD_is_a(md, "SHA2-384")) {
|
||||
+ /* Implementation Guidance for FIPS 140-3 and the Cryptographic
|
||||
+ * Module Validation Program, Section 2.4.B, (5): "The TLS 1.3
|
||||
+ * key derivation function documented in Section 7.1 of RFC
|
||||
+ * 8446. This is considered an approved CVL because the
|
||||
+ * underlying functions performed within the TLS 1.3 KDF map to
|
||||
+ * NIST approved standards, namely: SP 800-133rev2 (Section 6.3
|
||||
+ * Option #3), SP 800-56Crev2, and SP 800-108."
|
||||
+ *
|
||||
+ * RFC 8446 appendix B.4 only lists SHA-256 and SHA-384. */
|
||||
+ fips_indicator = EVP_KDF_REDHAT_FIPS_INDICATOR_NOT_APPROVED;
|
||||
+ }
|
||||
+ } else {
|
||||
+ if (md != NULL
|
||||
+ && (EVP_MD_is_a(md, "SHAKE-128") ||
|
||||
+ EVP_MD_is_a(md, "SHAKE-256"))) {
|
||||
+ /* HKDF is a SP 800-56Cr2 TwoStep KDF, for which all SHA-1,
|
||||
+ * SHA-2 and SHA-3 are approved. SHAKE is not approved, because
|
||||
+ * of FIPS 140-3 IG, section C.C: "The SHAKE128 and SHAKE256
|
||||
+ * extendable-output functions may only be used as the
|
||||
+ * standalone algorithms." */
|
||||
+ fips_indicator = EVP_KDF_REDHAT_FIPS_INDICATOR_NOT_APPROVED;
|
||||
+ }
|
||||
+ break;
|
||||
+ case EVP_KDF_HKDF_MODE_EXPAND_ONLY:
|
||||
+ /* When TLS 1.3 uses expand, it always provides a label that
|
||||
+ * contains an uint16 for the length, followed by between 7 and 255
|
||||
+ * bytes for a label string that starts with "tls13 " or "dtls13".
|
||||
+ * For compatibility with future versions, we only check for "tls"
|
||||
+ * or "dtls". See
|
||||
+ * https://www.rfc-editor.org/rfc/rfc8446#section-7.1 and
|
||||
+ * https://www.rfc-editor.org/rfc/rfc9147#section-5.9. */
|
||||
+ if (ctx->label != NULL
|
||||
+ && ctx->label_len >= 2 /* length */ + 4 /* "dtls" */
|
||||
+ && (strncmp("tls", (const char *)ctx->label + 2, 3) == 0 ||
|
||||
+ strncmp("dtls", (const char *)ctx->label + 2, 4) == 0))
|
||||
+ fips_indicator = EVP_KDF_HKDF_FIPS_INDICATOR_APPROVED;
|
||||
+ else
|
||||
+ fips_indicator = EVP_KDF_HKDF_FIPS_INDICATOR_NOT_APPROVED;
|
||||
+ break;
|
||||
+ }
|
||||
+ return OSSL_PARAM_set_int(p, fips_indicator);
|
||||
+ if (!OSSL_PARAM_set_int(p, fips_indicator))
|
||||
+ return 0;
|
||||
+ }
|
||||
+#endif /* defined(FIPS_MODULE) */
|
||||
+
|
||||
return -2;
|
||||
+ if (!any_valid)
|
||||
+ return -2;
|
||||
+
|
||||
+ return 1;
|
||||
}
|
||||
|
||||
@@ -306,6 +356,9 @@ static const OSSL_PARAM *kdf_hkdf_gettable_ctx_params(ossl_unused void *ctx,
|
||||
static const OSSL_PARAM *kdf_hkdf_gettable_ctx_params(ossl_unused void *ctx,
|
||||
@@ -379,6 +452,9 @@ static const OSSL_PARAM *kdf_hkdf_gettable_ctx_params(ossl_unused void *ctx,
|
||||
{
|
||||
static const OSSL_PARAM known_gettable_ctx_params[] = {
|
||||
OSSL_PARAM_size_t(OSSL_KDF_PARAM_SIZE, NULL),
|
||||
+#ifdef FIPS_MODULE
|
||||
+ OSSL_PARAM_int(OSSL_KDF_PARAM_HKDF_REDHAT_FIPS_INDICATOR, NULL),
|
||||
+ OSSL_PARAM_int(OSSL_KDF_PARAM_REDHAT_FIPS_INDICATOR, NULL),
|
||||
+#endif /* defined(FIPS_MODULE) */
|
||||
OSSL_PARAM_END
|
||||
};
|
||||
return known_gettable_ctx_params;
|
||||
@@ -709,6 +785,17 @@ static int prov_tls13_hkdf_generate_secret(OSSL_LIB_CTX *libctx,
|
||||
return ret;
|
||||
}
|
||||
|
||||
+static void *kdf_tls1_3_new(void *provctx)
|
||||
+{
|
||||
+ KDF_HKDF *hkdf = kdf_hkdf_new(provctx);
|
||||
+
|
||||
+ if (hkdf != NULL)
|
||||
+ hkdf->is_tls13 = 1;
|
||||
+
|
||||
+ return hkdf;
|
||||
+}
|
||||
+
|
||||
+
|
||||
static int kdf_tls1_3_derive(void *vctx, unsigned char *key, size_t keylen,
|
||||
const OSSL_PARAM params[])
|
||||
{
|
||||
@@ -724,6 +811,11 @@ static int kdf_tls1_3_derive(void *vctx, unsigned char *key, size_t keylen,
|
||||
return 0;
|
||||
}
|
||||
|
||||
+#ifdef FIPS_MODULE
|
||||
+ if (keylen < EVP_KDF_FIPS_MIN_KEY_LEN)
|
||||
+ ctx->fips_indicator = EVP_KDF_REDHAT_FIPS_INDICATOR_NOT_APPROVED;
|
||||
+#endif /* defined(FIPS_MODULE) */
|
||||
+
|
||||
switch (ctx->mode) {
|
||||
default:
|
||||
return 0;
|
||||
@@ -801,7 +893,7 @@ static const OSSL_PARAM *kdf_tls1_3_settable_ctx_params(ossl_unused void *ctx,
|
||||
}
|
||||
|
||||
const OSSL_DISPATCH ossl_kdf_tls1_3_kdf_functions[] = {
|
||||
- { OSSL_FUNC_KDF_NEWCTX, (void(*)(void))kdf_hkdf_new },
|
||||
+ { OSSL_FUNC_KDF_NEWCTX, (void(*)(void))kdf_tls1_3_new },
|
||||
{ OSSL_FUNC_KDF_DUPCTX, (void(*)(void))kdf_hkdf_dup },
|
||||
{ OSSL_FUNC_KDF_FREECTX, (void(*)(void))kdf_hkdf_free },
|
||||
{ OSSL_FUNC_KDF_RESET, (void(*)(void))kdf_hkdf_reset },
|
||||
diff --git a/providers/implementations/kdfs/kbkdf.c b/providers/implementations/kdfs/kbkdf.c
|
||||
index aa3df15bc7..3f82710061 100644
|
||||
--- a/providers/implementations/kdfs/kbkdf.c
|
||||
+++ b/providers/implementations/kdfs/kbkdf.c
|
||||
@@ -59,6 +59,9 @@ typedef struct {
|
||||
kbkdf_mode mode;
|
||||
EVP_MAC_CTX *ctx_init;
|
||||
|
||||
+ /* HMAC digest algorithm, if any; used to compute FIPS indicator */
|
||||
+ PROV_DIGEST digest;
|
||||
+
|
||||
/* Names are lowercased versions of those found in SP800-108. */
|
||||
int r;
|
||||
unsigned char *ki;
|
||||
@@ -72,6 +75,9 @@ typedef struct {
|
||||
int use_l;
|
||||
int is_kmac;
|
||||
int use_separator;
|
||||
+#ifdef FIPS_MODULE
|
||||
+ int fips_indicator;
|
||||
+#endif /* defined(FIPS_MODULE) */
|
||||
} KBKDF;
|
||||
|
||||
/* Definitions needed for typechecking. */
|
||||
@@ -143,6 +149,7 @@ static void kbkdf_reset(void *vctx)
|
||||
void *provctx = ctx->provctx;
|
||||
|
||||
EVP_MAC_CTX_free(ctx->ctx_init);
|
||||
+ ossl_prov_digest_reset(&ctx->digest);
|
||||
OPENSSL_clear_free(ctx->context, ctx->context_len);
|
||||
OPENSSL_clear_free(ctx->label, ctx->label_len);
|
||||
OPENSSL_clear_free(ctx->ki, ctx->ki_len);
|
||||
@@ -308,6 +315,11 @@ static int kbkdf_derive(void *vctx, unsigned char *key, size_t keylen,
|
||||
goto done;
|
||||
}
|
||||
|
||||
+#ifdef FIPS_MODULE
|
||||
+ if (keylen < EVP_KDF_FIPS_MIN_KEY_LEN)
|
||||
+ ctx->fips_indicator = EVP_KDF_REDHAT_FIPS_INDICATOR_NOT_APPROVED;
|
||||
+#endif /* defined(FIPS_MODULE) */
|
||||
+
|
||||
h = EVP_MAC_CTX_get_mac_size(ctx->ctx_init);
|
||||
if (h == 0)
|
||||
goto done;
|
||||
@@ -381,6 +393,9 @@ static int kbkdf_set_ctx_params(void *vctx, const OSSL_PARAM params[])
|
||||
}
|
||||
}
|
||||
|
||||
+ if (!ossl_prov_digest_load_from_params(&ctx->digest, params, libctx))
|
||||
+ return 0;
|
||||
+
|
||||
p = OSSL_PARAM_locate_const(params, OSSL_KDF_PARAM_MODE);
|
||||
if (p != NULL
|
||||
&& OPENSSL_strncasecmp("counter", p->data, p->data_size) == 0) {
|
||||
@@ -461,20 +476,77 @@ static const OSSL_PARAM *kbkdf_settable_ctx_params(ossl_unused void *ctx,
|
||||
static int kbkdf_get_ctx_params(void *vctx, OSSL_PARAM params[])
|
||||
{
|
||||
OSSL_PARAM *p;
|
||||
+ int any_valid = 0; /* set to 1 when at least one parameter was valid */
|
||||
|
||||
p = OSSL_PARAM_locate(params, OSSL_KDF_PARAM_SIZE);
|
||||
- if (p == NULL)
|
||||
+ if (p != NULL) {
|
||||
+ any_valid = 1;
|
||||
+
|
||||
+ /* KBKDF can produce results as large as you like. */
|
||||
+ if (!OSSL_PARAM_set_size_t(p, SIZE_MAX))
|
||||
+ return 0;
|
||||
+ }
|
||||
+
|
||||
+#ifdef FIPS_MODULE
|
||||
+ p = OSSL_PARAM_locate(params, OSSL_KDF_PARAM_REDHAT_FIPS_INDICATOR);
|
||||
+ if (p != NULL) {
|
||||
+ KBKDF *ctx = (KBKDF *)vctx;
|
||||
+ int fips_indicator = EVP_KDF_REDHAT_FIPS_INDICATOR_APPROVED;
|
||||
+
|
||||
+ any_valid = 1;
|
||||
+
|
||||
+ /* According to NIST Special Publication 800-131Ar2, Section 8:
|
||||
+ * Deriving Additional Keys from a Cryptographic Key, "[t]he length of
|
||||
+ * the key-derivation key [i.e., the input key] shall be at least 112
|
||||
+ * bits". */
|
||||
+ if (ctx->ki_len < EVP_KDF_FIPS_MIN_KEY_LEN)
|
||||
+ fips_indicator = EVP_KDF_REDHAT_FIPS_INDICATOR_NOT_APPROVED;
|
||||
+
|
||||
+ /* Implementation Guidance for FIPS 140-3 and the Cryptographic Module
|
||||
+ * Verification Program, Section D.B and NIST Special Publication
|
||||
+ * 800-131Ar2, Section 1.2.2 say that any algorithm at a security
|
||||
+ * strength < 112 bits is legacy use only, so all derived keys should
|
||||
+ * be longer than that. If a derived key has ever been shorter than
|
||||
+ * that, ctx->output_keyelen_indicator will be NOT_APPROVED, and we
|
||||
+ * should also set the returned FIPS indicator to unapproved. */
|
||||
+ if (ctx->fips_indicator == EVP_KDF_REDHAT_FIPS_INDICATOR_NOT_APPROVED)
|
||||
+ fips_indicator = EVP_KDF_REDHAT_FIPS_INDICATOR_NOT_APPROVED;
|
||||
+
|
||||
+ /* Implementation Guidance for FIPS 140-3 and the Cryptographic Module
|
||||
+ * Validation Program, Section C.C: "The SHAKE128 and SHAKE256
|
||||
+ * extendable-output functions may only be used as the standalone
|
||||
+ * algorithms." Note that the digest is only used when the MAC
|
||||
+ * algorithm is HMAC. */
|
||||
+ if (ctx->ctx_init != NULL
|
||||
+ && EVP_MAC_is_a(EVP_MAC_CTX_get0_mac(ctx->ctx_init), OSSL_MAC_NAME_HMAC)) {
|
||||
+ const EVP_MD *md = ossl_prov_digest_md(&ctx->digest);
|
||||
+ if (md != NULL
|
||||
+ && (EVP_MD_is_a(md, "SHAKE-128") || EVP_MD_is_a(md, "SHAKE-256"))) {
|
||||
+ fips_indicator = EVP_KDF_REDHAT_FIPS_INDICATOR_NOT_APPROVED;
|
||||
+ }
|
||||
+ }
|
||||
+
|
||||
+ if (!OSSL_PARAM_set_int(p, fips_indicator))
|
||||
+ return 0;
|
||||
+ }
|
||||
+#endif
|
||||
+
|
||||
+ if (!any_valid)
|
||||
return -2;
|
||||
|
||||
- /* KBKDF can produce results as large as you like. */
|
||||
- return OSSL_PARAM_set_size_t(p, SIZE_MAX);
|
||||
+ return 1;
|
||||
}
|
||||
|
||||
static const OSSL_PARAM *kbkdf_gettable_ctx_params(ossl_unused void *ctx,
|
||||
ossl_unused void *provctx)
|
||||
{
|
||||
- static const OSSL_PARAM known_gettable_ctx_params[] =
|
||||
- { OSSL_PARAM_size_t(OSSL_KDF_PARAM_SIZE, NULL), OSSL_PARAM_END };
|
||||
+ static const OSSL_PARAM known_gettable_ctx_params[] = {
|
||||
+ OSSL_PARAM_size_t(OSSL_KDF_PARAM_SIZE, NULL),
|
||||
+#ifdef FIPS_MODULE
|
||||
+ OSSL_PARAM_int(OSSL_KDF_PARAM_REDHAT_FIPS_INDICATOR, NULL),
|
||||
+#endif /* defined(FIPS_MODULE) */
|
||||
+ OSSL_PARAM_END
|
||||
+ };
|
||||
return known_gettable_ctx_params;
|
||||
}
|
||||
|
||||
diff --git a/providers/implementations/kdfs/sshkdf.c b/providers/implementations/kdfs/sshkdf.c
|
||||
index 1afac4e477..389b82b714 100644
|
||||
--- a/providers/implementations/kdfs/sshkdf.c
|
||||
+++ b/providers/implementations/kdfs/sshkdf.c
|
||||
@@ -49,6 +49,9 @@ typedef struct {
|
||||
char type; /* X */
|
||||
unsigned char *session_id;
|
||||
size_t session_id_len;
|
||||
+#ifdef FIPS_MODULE
|
||||
+ int fips_indicator;
|
||||
+#endif /* defined(FIPS_MODULE) */
|
||||
} KDF_SSHKDF;
|
||||
|
||||
static void *kdf_sshkdf_new(void *provctx)
|
||||
@@ -151,6 +154,12 @@ static int kdf_sshkdf_derive(void *vctx, unsigned char *key, size_t keylen,
|
||||
ERR_raise(ERR_LIB_PROV, PROV_R_MISSING_TYPE);
|
||||
return 0;
|
||||
}
|
||||
+
|
||||
+#ifdef FIPS_MODULE
|
||||
+ if (keylen < EVP_KDF_FIPS_MIN_KEY_LEN)
|
||||
+ ctx->fips_indicator = EVP_KDF_REDHAT_FIPS_INDICATOR_NOT_APPROVED;
|
||||
+#endif /* defined(FIPS_MODULE) */
|
||||
+
|
||||
return SSHKDF(md, ctx->key, ctx->key_len,
|
||||
ctx->xcghash, ctx->xcghash_len,
|
||||
ctx->session_id, ctx->session_id_len,
|
||||
@@ -219,10 +228,67 @@ static const OSSL_PARAM *kdf_sshkdf_settable_ctx_params(ossl_unused void *ctx,
|
||||
static int kdf_sshkdf_get_ctx_params(void *vctx, OSSL_PARAM params[])
|
||||
{
|
||||
OSSL_PARAM *p;
|
||||
+ int any_valid = 0; /* set to 1 when at least one parameter was valid */
|
||||
|
||||
- if ((p = OSSL_PARAM_locate(params, OSSL_KDF_PARAM_SIZE)) != NULL)
|
||||
- return OSSL_PARAM_set_size_t(p, SIZE_MAX);
|
||||
- return -2;
|
||||
+ if ((p = OSSL_PARAM_locate(params, OSSL_KDF_PARAM_SIZE)) != NULL) {
|
||||
+ any_valid = 1;
|
||||
+
|
||||
+ if (!OSSL_PARAM_set_size_t(p, SIZE_MAX))
|
||||
+ return 0;
|
||||
+ }
|
||||
+
|
||||
+#ifdef FIPS_MODULE
|
||||
+ p = OSSL_PARAM_locate(params, OSSL_KDF_PARAM_REDHAT_FIPS_INDICATOR);
|
||||
+ if (p != NULL) {
|
||||
+ KDF_SSHKDF *ctx = vctx;
|
||||
+ int fips_indicator = EVP_KDF_REDHAT_FIPS_INDICATOR_APPROVED;
|
||||
+
|
||||
+ any_valid = 1;
|
||||
+
|
||||
+ /* According to NIST Special Publication 800-131Ar2, Section 8:
|
||||
+ * Deriving Additional Keys from a Cryptographic Key, "[t]he length of
|
||||
+ * the key-derivation key [i.e., the input key] shall be at least 112
|
||||
+ * bits". */
|
||||
+ if (ctx->key_len < EVP_KDF_FIPS_MIN_KEY_LEN)
|
||||
+ fips_indicator = EVP_KDF_REDHAT_FIPS_INDICATOR_NOT_APPROVED;
|
||||
+
|
||||
+ /* Implementation Guidance for FIPS 140-3 and the Cryptographic Module
|
||||
+ * Verification Program, Section D.B and NIST Special Publication
|
||||
+ * 800-131Ar2, Section 1.2.2 say that any algorithm at a security
|
||||
+ * strength < 112 bits is legacy use only, so all derived keys should
|
||||
+ * be longer than that. If a derived key has ever been shorter than
|
||||
+ * that, ctx->output_keyelen_indicator will be NOT_APPROVED, and we
|
||||
+ * should also set the returned FIPS indicator to unapproved. */
|
||||
+ if (ctx->fips_indicator == EVP_KDF_REDHAT_FIPS_INDICATOR_NOT_APPROVED)
|
||||
+ fips_indicator = EVP_KDF_REDHAT_FIPS_INDICATOR_NOT_APPROVED;
|
||||
+
|
||||
+ /* Implementation Guidance for FIPS 140-3 and the Cryptographic Module
|
||||
+ * Validation Program, Section C.C: "The SHAKE128 and SHAKE256
|
||||
+ * extendable-output functions may only be used as the standalone
|
||||
+ * algorithms."
|
||||
+ *
|
||||
+ * Additionally, SP 800-135r1 section 5.2 specifies that the hash
|
||||
+ * function used in SSHKDF "is one of the hash functions specified in
|
||||
+ * FIPS 180-3.", which rules out SHA-3 and truncated variants of SHA-2.
|
||||
+ * */
|
||||
+ if (ctx->digest.md != NULL
|
||||
+ && !EVP_MD_is_a(ctx->digest.md, "SHA-1")
|
||||
+ && !EVP_MD_is_a(ctx->digest.md, "SHA2-224")
|
||||
+ && !EVP_MD_is_a(ctx->digest.md, "SHA2-256")
|
||||
+ && !EVP_MD_is_a(ctx->digest.md, "SHA2-384")
|
||||
+ && !EVP_MD_is_a(ctx->digest.md, "SHA2-512")) {
|
||||
+ fips_indicator = EVP_KDF_REDHAT_FIPS_INDICATOR_NOT_APPROVED;
|
||||
+ }
|
||||
+
|
||||
+ if (!OSSL_PARAM_set_int(p, fips_indicator))
|
||||
+ return 0;
|
||||
+ }
|
||||
+#endif
|
||||
+
|
||||
+ if (!any_valid)
|
||||
+ return -2;
|
||||
+
|
||||
+ return 1;
|
||||
}
|
||||
|
||||
static const OSSL_PARAM *kdf_sshkdf_gettable_ctx_params(ossl_unused void *ctx,
|
||||
@@ -230,6 +296,9 @@ static const OSSL_PARAM *kdf_sshkdf_gettable_ctx_params(ossl_unused void *ctx,
|
||||
{
|
||||
static const OSSL_PARAM known_gettable_ctx_params[] = {
|
||||
OSSL_PARAM_size_t(OSSL_KDF_PARAM_SIZE, NULL),
|
||||
+#ifdef FIPS_MODULE
|
||||
+ OSSL_PARAM_int(OSSL_KDF_PARAM_REDHAT_FIPS_INDICATOR, NULL),
|
||||
+#endif /* defined(FIPS_MODULE) */
|
||||
OSSL_PARAM_END
|
||||
};
|
||||
return known_gettable_ctx_params;
|
||||
diff --git a/providers/implementations/kdfs/sskdf.c b/providers/implementations/kdfs/sskdf.c
|
||||
index ecb98de6fd..98fcc583d8 100644
|
||||
--- a/providers/implementations/kdfs/sskdf.c
|
||||
+++ b/providers/implementations/kdfs/sskdf.c
|
||||
@@ -63,6 +63,10 @@ typedef struct {
|
||||
size_t salt_len;
|
||||
size_t out_len; /* optional KMAC parameter */
|
||||
int is_kmac;
|
||||
+ int is_x963kdf;
|
||||
+#ifdef FIPS_MODULE
|
||||
+ int fips_indicator;
|
||||
+#endif /* defined(FIPS_MODULE) */
|
||||
} KDF_SSKDF;
|
||||
|
||||
#define SSKDF_MAX_INLEN (1<<30)
|
||||
@@ -73,6 +77,7 @@ typedef struct {
|
||||
static const unsigned char kmac_custom_str[] = { 0x4B, 0x44, 0x46 };
|
||||
|
||||
static OSSL_FUNC_kdf_newctx_fn sskdf_new;
|
||||
+static OSSL_FUNC_kdf_newctx_fn x963kdf_new;
|
||||
static OSSL_FUNC_kdf_dupctx_fn sskdf_dup;
|
||||
static OSSL_FUNC_kdf_freectx_fn sskdf_free;
|
||||
static OSSL_FUNC_kdf_reset_fn sskdf_reset;
|
||||
@@ -297,6 +302,16 @@ static void *sskdf_new(void *provctx)
|
||||
return ctx;
|
||||
}
|
||||
|
||||
+static void *x963kdf_new(void *provctx)
|
||||
+{
|
||||
+ KDF_SSKDF *ctx = sskdf_new(provctx);
|
||||
+
|
||||
+ if (ctx)
|
||||
+ ctx->is_x963kdf = 1;
|
||||
+
|
||||
+ return ctx;
|
||||
+}
|
||||
+
|
||||
static void sskdf_reset(void *vctx)
|
||||
{
|
||||
KDF_SSKDF *ctx = (KDF_SSKDF *)vctx;
|
||||
@@ -392,6 +407,11 @@ static int sskdf_derive(void *vctx, unsigned char *key, size_t keylen,
|
||||
}
|
||||
md = ossl_prov_digest_md(&ctx->digest);
|
||||
|
||||
+#ifdef FIPS_MODULE
|
||||
+ if (keylen < EVP_KDF_FIPS_MIN_KEY_LEN)
|
||||
+ ctx->fips_indicator = EVP_KDF_REDHAT_FIPS_INDICATOR_NOT_APPROVED;
|
||||
+#endif /* defined(FIPS_MODULE) */
|
||||
+
|
||||
if (ctx->macctx != NULL) {
|
||||
/* H(x) = KMAC or H(x) = HMAC */
|
||||
int ret;
|
||||
@@ -473,6 +493,11 @@ static int x963kdf_derive(void *vctx, unsigned char *key, size_t keylen,
|
||||
return 0;
|
||||
}
|
||||
|
||||
+#ifdef FIPS_MODULE
|
||||
+ if (keylen < EVP_KDF_FIPS_MIN_KEY_LEN)
|
||||
+ ctx->fips_indicator = EVP_KDF_REDHAT_FIPS_INDICATOR_NOT_APPROVED;
|
||||
+#endif /* defined(FIPS_MODULE) */
|
||||
+
|
||||
return SSKDF_hash_kdm(md, ctx->secret, ctx->secret_len,
|
||||
ctx->info, ctx->info_len, 1, key, keylen);
|
||||
}
|
||||
@@ -545,10 +570,74 @@ static int sskdf_get_ctx_params(void *vctx, OSSL_PARAM params[])
|
||||
{
|
||||
KDF_SSKDF *ctx = (KDF_SSKDF *)vctx;
|
||||
OSSL_PARAM *p;
|
||||
+ int any_valid = 0; /* set to 1 when at least one parameter was valid */
|
||||
+
|
||||
+ if ((p = OSSL_PARAM_locate(params, OSSL_KDF_PARAM_SIZE)) != NULL) {
|
||||
+ any_valid = 1;
|
||||
+
|
||||
+ if (!OSSL_PARAM_set_size_t(p, sskdf_size(ctx)))
|
||||
+ return 0;
|
||||
+ }
|
||||
|
||||
- if ((p = OSSL_PARAM_locate(params, OSSL_KDF_PARAM_SIZE)) != NULL)
|
||||
- return OSSL_PARAM_set_size_t(p, sskdf_size(ctx));
|
||||
- return -2;
|
||||
+#ifdef FIPS_MODULE
|
||||
+ p = OSSL_PARAM_locate(params, OSSL_KDF_PARAM_REDHAT_FIPS_INDICATOR);
|
||||
+ if (p != NULL) {
|
||||
+ int fips_indicator = EVP_KDF_REDHAT_FIPS_INDICATOR_APPROVED;
|
||||
+
|
||||
+ any_valid = 1;
|
||||
+
|
||||
+ /* According to NIST Special Publication 800-131Ar2, Section 8:
|
||||
+ * Deriving Additional Keys from a Cryptographic Key, "[t]he length of
|
||||
+ * the key-derivation key [i.e., the input key] shall be at least 112
|
||||
+ * bits". */
|
||||
+ if (ctx->secret_len < EVP_KDF_FIPS_MIN_KEY_LEN)
|
||||
+ fips_indicator = EVP_KDF_REDHAT_FIPS_INDICATOR_NOT_APPROVED;
|
||||
+
|
||||
+ /* Implementation Guidance for FIPS 140-3 and the Cryptographic Module
|
||||
+ * Verification Program, Section D.B and NIST Special Publication
|
||||
+ * 800-131Ar2, Section 1.2.2 say that any algorithm at a security
|
||||
+ * strength < 112 bits is legacy use only, so all derived keys should
|
||||
+ * be longer than that. If a derived key has ever been shorter than
|
||||
+ * that, ctx->output_keyelen_indicator will be NOT_APPROVED, and we
|
||||
+ * should also set the returned FIPS indicator to unapproved. */
|
||||
+ if (ctx->fips_indicator == EVP_KDF_REDHAT_FIPS_INDICATOR_NOT_APPROVED)
|
||||
+ fips_indicator = EVP_KDF_REDHAT_FIPS_INDICATOR_NOT_APPROVED;
|
||||
+
|
||||
+ /* Implementation Guidance for FIPS 140-3 and the Cryptographic Module
|
||||
+ * Validation Program, Section C.C: "The SHAKE128 and SHAKE256
|
||||
+ * extendable-output functions may only be used as the standalone
|
||||
+ * algorithms." */
|
||||
+ if (ctx->macctx == NULL
|
||||
+ || (ctx->macctx != NULL &&
|
||||
+ EVP_MAC_is_a(EVP_MAC_CTX_get0_mac(ctx->macctx), OSSL_MAC_NAME_HMAC))) {
|
||||
+ if (ctx->digest.md != NULL
|
||||
+ && (EVP_MD_is_a(ctx->digest.md, "SHAKE-128") ||
|
||||
+ EVP_MD_is_a(ctx->digest.md, "SHAKE-256"))) {
|
||||
+ fips_indicator = EVP_KDF_REDHAT_FIPS_INDICATOR_NOT_APPROVED;
|
||||
+ }
|
||||
+
|
||||
+ /* Table H-3 in ANS X9.63-2001 says that 160-bit hash functions
|
||||
+ * should only be used for 80-bit key agreement, but FIPS 140-3
|
||||
+ * requires a security strength of 112 bits, so SHA-1 cannot be
|
||||
+ * used with X9.63. See the discussion in
|
||||
+ * https://github.com/usnistgov/ACVP/issues/1403#issuecomment-1435300395.
|
||||
+ */
|
||||
+ if (ctx->is_x963kdf
|
||||
+ && ctx->digest.md != NULL
|
||||
+ && EVP_MD_is_a(ctx->digest.md, "SHA-1")) {
|
||||
+ fips_indicator = EVP_KDF_REDHAT_FIPS_INDICATOR_NOT_APPROVED;
|
||||
+ }
|
||||
+ }
|
||||
+
|
||||
+ if (!OSSL_PARAM_set_int(p, fips_indicator))
|
||||
+ return 0;
|
||||
+ }
|
||||
+#endif
|
||||
+
|
||||
+ if (!any_valid)
|
||||
+ return -2;
|
||||
+
|
||||
+ return 1;
|
||||
}
|
||||
|
||||
static const OSSL_PARAM *sskdf_gettable_ctx_params(ossl_unused void *ctx,
|
||||
@@ -556,6 +645,9 @@ static const OSSL_PARAM *sskdf_gettable_ctx_params(ossl_unused void *ctx,
|
||||
{
|
||||
static const OSSL_PARAM known_gettable_ctx_params[] = {
|
||||
OSSL_PARAM_size_t(OSSL_KDF_PARAM_SIZE, NULL),
|
||||
+#ifdef FIPS_MODULE
|
||||
+ OSSL_PARAM_int(OSSL_KDF_PARAM_REDHAT_FIPS_INDICATOR, 0),
|
||||
+#endif /* defined(FIPS_MODULE) */
|
||||
OSSL_PARAM_END
|
||||
};
|
||||
return known_gettable_ctx_params;
|
||||
@@ -577,7 +669,7 @@ const OSSL_DISPATCH ossl_kdf_sskdf_functions[] = {
|
||||
};
|
||||
|
||||
const OSSL_DISPATCH ossl_kdf_x963_kdf_functions[] = {
|
||||
- { OSSL_FUNC_KDF_NEWCTX, (void(*)(void))sskdf_new },
|
||||
+ { OSSL_FUNC_KDF_NEWCTX, (void(*)(void))x963kdf_new },
|
||||
{ OSSL_FUNC_KDF_DUPCTX, (void(*)(void))sskdf_dup },
|
||||
{ OSSL_FUNC_KDF_FREECTX, (void(*)(void))sskdf_free },
|
||||
{ OSSL_FUNC_KDF_RESET, (void(*)(void))sskdf_reset },
|
||||
diff --git a/providers/implementations/kdfs/tls1_prf.c b/providers/implementations/kdfs/tls1_prf.c
|
||||
index 54124ad4cb..25a6c79a2e 100644
|
||||
--- a/providers/implementations/kdfs/tls1_prf.c
|
||||
+++ b/providers/implementations/kdfs/tls1_prf.c
|
||||
@@ -104,6 +104,13 @@ typedef struct {
|
||||
/* Buffer of concatenated seed data */
|
||||
unsigned char seed[TLS1_PRF_MAXBUF];
|
||||
size_t seedlen;
|
||||
+
|
||||
+ /* MAC digest algorithm; used to compute FIPS indicator */
|
||||
+ PROV_DIGEST digest;
|
||||
+
|
||||
+#ifdef FIPS_MODULE
|
||||
+ int fips_indicator;
|
||||
+#endif /* defined(FIPS_MODULE) */
|
||||
} TLS1_PRF;
|
||||
|
||||
static void *kdf_tls1_prf_new(void *provctx)
|
||||
@@ -140,6 +147,7 @@ static void kdf_tls1_prf_reset(void *vctx)
|
||||
EVP_MAC_CTX_free(ctx->P_sha1);
|
||||
OPENSSL_clear_free(ctx->sec, ctx->seclen);
|
||||
OPENSSL_cleanse(ctx->seed, ctx->seedlen);
|
||||
+ ossl_prov_digest_reset(&ctx->digest);
|
||||
memset(ctx, 0, sizeof(*ctx));
|
||||
ctx->provctx = provctx;
|
||||
}
|
||||
@@ -194,6 +202,10 @@ static int kdf_tls1_prf_derive(void *vctx, unsigned char *key, size_t keylen,
|
||||
ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEY_LENGTH);
|
||||
return 0;
|
||||
}
|
||||
+#ifdef FIPS_MODULE
|
||||
+ if (keylen < EVP_KDF_FIPS_MIN_KEY_LEN)
|
||||
+ ctx->fips_indicator = EVP_KDF_REDHAT_FIPS_INDICATOR_NOT_APPROVED;
|
||||
+#endif /* defined(FIPS_MODULE) */
|
||||
|
||||
/*
|
||||
* The seed buffer is prepended with a label.
|
||||
@@ -243,6 +255,9 @@ static int kdf_tls1_prf_set_ctx_params(void *vctx, const OSSL_PARAM params[])
|
||||
}
|
||||
}
|
||||
|
||||
+ if (!ossl_prov_digest_load_from_params(&ctx->digest, params, libctx))
|
||||
+ return 0;
|
||||
+
|
||||
if ((p = OSSL_PARAM_locate_const(params, OSSL_KDF_PARAM_SECRET)) != NULL) {
|
||||
OPENSSL_clear_free(ctx->sec, ctx->seclen);
|
||||
ctx->sec = NULL;
|
||||
@@ -284,10 +299,60 @@ static const OSSL_PARAM *kdf_tls1_prf_settable_ctx_params(
|
||||
static int kdf_tls1_prf_get_ctx_params(void *vctx, OSSL_PARAM params[])
|
||||
{
|
||||
OSSL_PARAM *p;
|
||||
+#ifdef FIPS_MODULE
|
||||
+ TLS1_PRF *ctx = vctx;
|
||||
+#endif /* defined(FIPS_MODULE) */
|
||||
+ int any_valid = 0; /* set to 1 when at least one parameter was valid */
|
||||
+
|
||||
+ if ((p = OSSL_PARAM_locate(params, OSSL_KDF_PARAM_SIZE)) != NULL) {
|
||||
+ any_valid = 1;
|
||||
+
|
||||
+ if (!OSSL_PARAM_set_size_t(p, SIZE_MAX))
|
||||
+ return 0;
|
||||
+ }
|
||||
+
|
||||
+#ifdef FIPS_MODULE
|
||||
+ p = OSSL_PARAM_locate(params, OSSL_KDF_PARAM_REDHAT_FIPS_INDICATOR);
|
||||
+ if (p != NULL) {
|
||||
+ int fips_indicator = EVP_KDF_REDHAT_FIPS_INDICATOR_APPROVED;
|
||||
+
|
||||
+ any_valid = 1;
|
||||
+
|
||||
+ /* According to NIST Special Publication 800-131Ar2, Section 8:
|
||||
+ * Deriving Additional Keys from a Cryptographic Key, "[t]he length of
|
||||
+ * the key-derivation key [i.e., the input key] shall be at least 112
|
||||
+ * bits". */
|
||||
+ if (ctx->seclen < EVP_KDF_FIPS_MIN_KEY_LEN)
|
||||
+ fips_indicator = EVP_KDF_REDHAT_FIPS_INDICATOR_NOT_APPROVED;
|
||||
+
|
||||
+ /* Implementation Guidance for FIPS 140-3 and the Cryptographic Module
|
||||
+ * Verification Program, Section D.B and NIST Special Publication
|
||||
+ * 800-131Ar2, Section 1.2.2 say that any algorithm at a security
|
||||
+ * strength < 112 bits is legacy use only, so all derived keys should
|
||||
+ * be longer than that. If a derived key has ever been shorter than
|
||||
+ * that, ctx->output_keyelen_indicator will be NOT_APPROVED, and we
|
||||
+ * should also set the returned FIPS indicator to unapproved. */
|
||||
+ if (ctx->fips_indicator == EVP_KDF_REDHAT_FIPS_INDICATOR_NOT_APPROVED)
|
||||
+ fips_indicator = EVP_KDF_REDHAT_FIPS_INDICATOR_NOT_APPROVED;
|
||||
+
|
||||
+ /* SP 800-135r1 section 4.2.2 says TLS 1.2 KDF is approved when "(3)
|
||||
+ * P_HASH uses either SHA-256, SHA-384 or SHA-512." */
|
||||
+ if (ctx->digest.md != NULL
|
||||
+ && !EVP_MD_is_a(ctx->digest.md, "SHA2-256")
|
||||
+ && !EVP_MD_is_a(ctx->digest.md, "SHA2-384")
|
||||
+ && !EVP_MD_is_a(ctx->digest.md, "SHA2-512")) {
|
||||
+ fips_indicator = EVP_KDF_REDHAT_FIPS_INDICATOR_NOT_APPROVED;
|
||||
+ }
|
||||
+
|
||||
+ if (!OSSL_PARAM_set_int(p, fips_indicator))
|
||||
+ return 0;
|
||||
+ }
|
||||
+#endif
|
||||
|
||||
- if ((p = OSSL_PARAM_locate(params, OSSL_KDF_PARAM_SIZE)) != NULL)
|
||||
- return OSSL_PARAM_set_size_t(p, SIZE_MAX);
|
||||
- return -2;
|
||||
+ if (!any_valid)
|
||||
+ return -2;
|
||||
+
|
||||
+ return 1;
|
||||
}
|
||||
|
||||
static const OSSL_PARAM *kdf_tls1_prf_gettable_ctx_params(
|
||||
@@ -295,6 +360,9 @@ static const OSSL_PARAM *kdf_tls1_prf_gettable_ctx_params(
|
||||
{
|
||||
static const OSSL_PARAM known_gettable_ctx_params[] = {
|
||||
OSSL_PARAM_size_t(OSSL_KDF_PARAM_SIZE, NULL),
|
||||
+#ifdef FIPS_MODULE
|
||||
+ OSSL_PARAM_int(OSSL_KDF_PARAM_REDHAT_FIPS_INDICATOR, 0),
|
||||
+#endif /* defined(FIPS_MODULE) */
|
||||
OSSL_PARAM_END
|
||||
};
|
||||
return known_gettable_ctx_params;
|
||||
diff --git a/providers/implementations/kdfs/x942kdf.c b/providers/implementations/kdfs/x942kdf.c
|
||||
index 4c274fe27a..5ce23c8eb9 100644
|
||||
--- a/providers/implementations/kdfs/x942kdf.c
|
||||
+++ b/providers/implementations/kdfs/x942kdf.c
|
||||
@@ -13,11 +13,13 @@
|
||||
#include <openssl/core_dispatch.h>
|
||||
#include <openssl/err.h>
|
||||
#include <openssl/evp.h>
|
||||
+#include <openssl/kdf.h>
|
||||
#include <openssl/params.h>
|
||||
#include <openssl/proverr.h>
|
||||
#include "internal/packet.h"
|
||||
#include "internal/der.h"
|
||||
#include "internal/nelem.h"
|
||||
+#include "crypto/evp.h"
|
||||
#include "prov/provider_ctx.h"
|
||||
#include "prov/providercommon.h"
|
||||
#include "prov/implementations.h"
|
||||
@@ -49,6 +51,9 @@ typedef struct {
|
||||
const unsigned char *cek_oid;
|
||||
size_t cek_oid_len;
|
||||
int use_keybits;
|
||||
+#ifdef FIPS_MODULE
|
||||
+ int fips_indicator;
|
||||
+#endif /* defined(FIPS_MODULE) */
|
||||
} KDF_X942;
|
||||
|
||||
/*
|
||||
@@ -497,6 +502,10 @@ static int x942kdf_derive(void *vctx, unsigned char *key, size_t keylen,
|
||||
ERR_raise(ERR_LIB_PROV, PROV_R_BAD_ENCODING);
|
||||
return 0;
|
||||
}
|
||||
+#ifdef FIPS_MODULE
|
||||
+ if (keylen < EVP_KDF_FIPS_MIN_KEY_LEN)
|
||||
+ ctx->fips_indicator = EVP_KDF_REDHAT_FIPS_INDICATOR_NOT_APPROVED;
|
||||
+#endif /* defined(FIPS_MODULE) */
|
||||
ret = x942kdf_hash_kdm(md, ctx->secret, ctx->secret_len,
|
||||
der, der_len, ctr, key, keylen);
|
||||
OPENSSL_free(der);
|
||||
@@ -600,10 +609,58 @@ static int x942kdf_get_ctx_params(void *vctx, OSSL_PARAM params[])
|
||||
{
|
||||
KDF_X942 *ctx = (KDF_X942 *)vctx;
|
||||
OSSL_PARAM *p;
|
||||
+ int any_valid = 0; /* set to 1 when at least one parameter was valid */
|
||||
|
||||
- if ((p = OSSL_PARAM_locate(params, OSSL_KDF_PARAM_SIZE)) != NULL)
|
||||
- return OSSL_PARAM_set_size_t(p, x942kdf_size(ctx));
|
||||
- return -2;
|
||||
+ if ((p = OSSL_PARAM_locate(params, OSSL_KDF_PARAM_SIZE)) != NULL) {
|
||||
+ any_valid = 1;
|
||||
+
|
||||
+ if (!OSSL_PARAM_set_size_t(p, x942kdf_size(ctx)))
|
||||
+ return 0;
|
||||
+ }
|
||||
+
|
||||
+#ifdef FIPS_MODULE
|
||||
+ p = OSSL_PARAM_locate(params, OSSL_KDF_PARAM_REDHAT_FIPS_INDICATOR);
|
||||
+ if (p != NULL) {
|
||||
+ int fips_indicator = EVP_KDF_REDHAT_FIPS_INDICATOR_APPROVED;
|
||||
+
|
||||
+ any_valid = 1;
|
||||
+
|
||||
+ /* According to NIST Special Publication 800-131Ar2, Section 8:
|
||||
+ * Deriving Additional Keys from a Cryptographic Key, "[t]he length of
|
||||
+ * the key-derivation key [i.e., the input key] shall be at least 112
|
||||
+ * bits". */
|
||||
+ if (ctx->secret_len < EVP_KDF_FIPS_MIN_KEY_LEN)
|
||||
+ fips_indicator = EVP_KDF_REDHAT_FIPS_INDICATOR_NOT_APPROVED;
|
||||
+
|
||||
+ /* Implementation Guidance for FIPS 140-3 and the Cryptographic Module
|
||||
+ * Verification Program, Section D.B and NIST Special Publication
|
||||
+ * 800-131Ar2, Section 1.2.2 say that any algorithm at a security
|
||||
+ * strength < 112 bits is legacy use only, so all derived keys should
|
||||
+ * be longer than that. If a derived key has ever been shorter than
|
||||
+ * that, ctx->output_keyelen_indicator will be NOT_APPROVED, and we
|
||||
+ * should also set the returned FIPS indicator to unapproved. */
|
||||
+ if (ctx->fips_indicator == EVP_KDF_REDHAT_FIPS_INDICATOR_NOT_APPROVED)
|
||||
+ fips_indicator = EVP_KDF_REDHAT_FIPS_INDICATOR_NOT_APPROVED;
|
||||
+
|
||||
+ /* Implementation Guidance for FIPS 140-3 and the Cryptographic Module
|
||||
+ * Validation Program, Section C.C: "The SHAKE128 and SHAKE256
|
||||
+ * extendable-output functions may only be used as the standalone
|
||||
+ * algorithms." */
|
||||
+ if (ctx->digest.md != NULL
|
||||
+ && (EVP_MD_is_a(ctx->digest.md, "SHAKE-128") ||
|
||||
+ EVP_MD_is_a(ctx->digest.md, "SHAKE-256"))) {
|
||||
+ fips_indicator = EVP_KDF_REDHAT_FIPS_INDICATOR_NOT_APPROVED;
|
||||
+ }
|
||||
+
|
||||
+ if (!OSSL_PARAM_set_int(p, fips_indicator))
|
||||
+ return 0;
|
||||
+ }
|
||||
+#endif
|
||||
+
|
||||
+ if (!any_valid)
|
||||
+ return -2;
|
||||
+
|
||||
+ return 1;
|
||||
}
|
||||
|
||||
static const OSSL_PARAM *x942kdf_gettable_ctx_params(ossl_unused void *ctx,
|
||||
@@ -611,6 +668,9 @@ static const OSSL_PARAM *x942kdf_gettable_ctx_params(ossl_unused void *ctx,
|
||||
{
|
||||
static const OSSL_PARAM known_gettable_ctx_params[] = {
|
||||
OSSL_PARAM_size_t(OSSL_KDF_PARAM_SIZE, NULL),
|
||||
+#ifdef FIPS_MODULE
|
||||
+ OSSL_PARAM_int(OSSL_KDF_PARAM_REDHAT_FIPS_INDICATOR, 0),
|
||||
+#endif /* defined(FIPS_MODULE) */
|
||||
OSSL_PARAM_END
|
||||
};
|
||||
return known_gettable_ctx_params;
|
||||
--
|
||||
2.37.1
|
||||
2.41.0
|
||||
|
||||
|
|
File diff suppressed because it is too large
Load Diff
File diff suppressed because it is too large
Load Diff
|
@ -0,0 +1,273 @@
|
|||
From 930e7acf7dd225102b6e88d23f5e2a3f4acea9fa Mon Sep 17 00:00:00 2001
|
||||
From: Dmitry Belyavskiy <dbelyavs@redhat.com>
|
||||
Date: Mon, 21 Aug 2023 15:43:57 +0200
|
||||
Subject: [PATCH 37/48]
|
||||
0081-signature-Remove-X9.31-padding-from-FIPS-prov.patch
|
||||
|
||||
Patch-name: 0081-signature-Remove-X9.31-padding-from-FIPS-prov.patch
|
||||
Patch-id: 81
|
||||
---
|
||||
providers/implementations/signature/rsa_sig.c | 6 +
|
||||
test/acvp_test.inc | 214 ------------------
|
||||
2 files changed, 6 insertions(+), 214 deletions(-)
|
||||
|
||||
diff --git a/providers/implementations/signature/rsa_sig.c b/providers/implementations/signature/rsa_sig.c
|
||||
index 63ee11e566..cfaa4841cb 100644
|
||||
--- a/providers/implementations/signature/rsa_sig.c
|
||||
+++ b/providers/implementations/signature/rsa_sig.c
|
||||
@@ -1279,7 +1279,13 @@ static int rsa_set_ctx_params(void *vprsactx, const OSSL_PARAM params[])
|
||||
err_extra_text = "No padding not allowed with RSA-PSS";
|
||||
goto cont;
|
||||
case RSA_X931_PADDING:
|
||||
+#ifndef FIPS_MODULE
|
||||
err_extra_text = "X.931 padding not allowed with RSA-PSS";
|
||||
+#else /* !defined(FIPS_MODULE) */
|
||||
+ err_extra_text = "X.931 padding no longer allowed in FIPS mode,"
|
||||
+ " since it was removed from FIPS 186-5";
|
||||
+ goto bad_pad;
|
||||
+#endif /* !defined(FIPS_MODULE) */
|
||||
cont:
|
||||
if (RSA_test_flags(prsactx->rsa,
|
||||
RSA_FLAG_TYPE_MASK) == RSA_FLAG_TYPE_RSA)
|
||||
diff --git a/test/acvp_test.inc b/test/acvp_test.inc
|
||||
index 73b24bdb0c..96a72073f9 100644
|
||||
--- a/test/acvp_test.inc
|
||||
+++ b/test/acvp_test.inc
|
||||
@@ -1204,13 +1204,6 @@ static const struct rsa_siggen_st rsa_siggen_data[] = {
|
||||
ITM(rsa_siggen0_msg),
|
||||
NO_PSS_SALT_LEN,
|
||||
},
|
||||
- {
|
||||
- "x931",
|
||||
- 2048,
|
||||
- "SHA384",
|
||||
- ITM(rsa_siggen0_msg),
|
||||
- NO_PSS_SALT_LEN,
|
||||
- },
|
||||
{
|
||||
"pss",
|
||||
2048,
|
||||
@@ -1622,202 +1615,6 @@ static const unsigned char rsa_sigverpss_1_sig[] = {
|
||||
0x5c, 0xea, 0x8a, 0x92, 0x31, 0xd2, 0x11, 0x4b,
|
||||
};
|
||||
|
||||
-static const unsigned char rsa_sigverx931_0_n[] = {
|
||||
- 0xa0, 0x16, 0x14, 0x80, 0x8b, 0x17, 0x2b, 0xad,
|
||||
- 0xd7, 0x07, 0x31, 0x6d, 0xfc, 0xba, 0x25, 0x83,
|
||||
- 0x09, 0xa0, 0xf7, 0x71, 0xc6, 0x06, 0x22, 0x87,
|
||||
- 0xd6, 0xbd, 0x13, 0xd9, 0xfe, 0x7c, 0xf7, 0xe6,
|
||||
- 0x48, 0xdb, 0x27, 0xd8, 0xa5, 0x49, 0x8e, 0x8c,
|
||||
- 0xea, 0xbe, 0xe0, 0x04, 0x6f, 0x3d, 0x3b, 0x73,
|
||||
- 0xdc, 0xc5, 0xd4, 0xdc, 0x85, 0xef, 0xea, 0x10,
|
||||
- 0x46, 0xf3, 0x88, 0xb9, 0x93, 0xbc, 0xa0, 0xb6,
|
||||
- 0x06, 0x02, 0x82, 0xb4, 0x2d, 0x54, 0xec, 0x79,
|
||||
- 0x50, 0x8a, 0xfc, 0xfa, 0x62, 0x45, 0xbb, 0xd7,
|
||||
- 0x26, 0xcd, 0x88, 0xfa, 0xe8, 0x0f, 0x26, 0x5b,
|
||||
- 0x1f, 0x21, 0x3f, 0x3b, 0x5d, 0x98, 0x3f, 0x02,
|
||||
- 0x8c, 0xa1, 0xbf, 0xc0, 0x70, 0x4d, 0xd1, 0x41,
|
||||
- 0xfd, 0xb9, 0x55, 0x12, 0x90, 0xc8, 0x6e, 0x0f,
|
||||
- 0x19, 0xa8, 0x5c, 0x31, 0xd6, 0x16, 0x0e, 0xdf,
|
||||
- 0x08, 0x84, 0xcd, 0x4b, 0xfd, 0x28, 0x8d, 0x7d,
|
||||
- 0x6e, 0xea, 0xc7, 0x95, 0x4a, 0xc3, 0x84, 0x54,
|
||||
- 0x7f, 0xb0, 0x20, 0x29, 0x96, 0x39, 0x4c, 0x3e,
|
||||
- 0x85, 0xec, 0x22, 0xdd, 0xb9, 0x14, 0xbb, 0x04,
|
||||
- 0x2f, 0x4c, 0x0c, 0xe3, 0xfa, 0xae, 0x47, 0x79,
|
||||
- 0x59, 0x8e, 0x4e, 0x7d, 0x4a, 0x17, 0xae, 0x16,
|
||||
- 0x38, 0x66, 0x4e, 0xff, 0x45, 0x7f, 0xac, 0x5e,
|
||||
- 0x75, 0x9f, 0x51, 0x18, 0xe6, 0xad, 0x6b, 0x8b,
|
||||
- 0x3d, 0x08, 0x4d, 0x9a, 0xd2, 0x11, 0xba, 0xa8,
|
||||
- 0xc3, 0xb5, 0x17, 0xb5, 0xdf, 0xe7, 0x39, 0x89,
|
||||
- 0x27, 0x7b, 0xeb, 0xf4, 0xe5, 0x7e, 0xa9, 0x7b,
|
||||
- 0x39, 0x40, 0x6f, 0xe4, 0x82, 0x14, 0x3d, 0x62,
|
||||
- 0xb6, 0xd4, 0x43, 0xd0, 0x0a, 0x2f, 0xc1, 0x73,
|
||||
- 0x3d, 0x99, 0x37, 0xbe, 0x62, 0x13, 0x6a, 0x8b,
|
||||
- 0xeb, 0xc5, 0x64, 0xd5, 0x2a, 0x8b, 0x4f, 0x7f,
|
||||
- 0x82, 0x48, 0x69, 0x3e, 0x08, 0x1b, 0xb5, 0x77,
|
||||
- 0xd3, 0xdc, 0x1b, 0x2c, 0xe5, 0x59, 0xf6, 0x33,
|
||||
- 0x47, 0xa0, 0x0f, 0xff, 0x8a, 0x6a, 0x1d, 0x66,
|
||||
- 0x24, 0x67, 0x36, 0x7d, 0x21, 0xda, 0xc1, 0xd4,
|
||||
- 0x11, 0x6c, 0xe8, 0x5f, 0xd7, 0x8a, 0x53, 0x5c,
|
||||
- 0xb2, 0xe2, 0xf9, 0x14, 0x29, 0x0f, 0xcf, 0x28,
|
||||
- 0x32, 0x4f, 0xc6, 0x17, 0xf6, 0xbc, 0x0e, 0xb8,
|
||||
- 0x99, 0x7c, 0x14, 0xa3, 0x40, 0x3f, 0xf3, 0xe4,
|
||||
- 0x31, 0xbe, 0x54, 0x64, 0x5a, 0xad, 0x1d, 0xb0,
|
||||
- 0x37, 0xcc, 0xd9, 0x0b, 0xa4, 0xbc, 0xe0, 0x07,
|
||||
- 0x37, 0xd1, 0xe1, 0x65, 0xc6, 0x53, 0xfe, 0x60,
|
||||
- 0x6a, 0x64, 0xa4, 0x01, 0x00, 0xf3, 0x5b, 0x9a,
|
||||
- 0x28, 0x61, 0xde, 0x7a, 0xd7, 0x0d, 0x56, 0x1e,
|
||||
- 0x4d, 0xa8, 0x6a, 0xb5, 0xf2, 0x86, 0x2a, 0x4e,
|
||||
- 0xaa, 0x37, 0x23, 0x5a, 0x3b, 0x69, 0x66, 0x81,
|
||||
- 0xc8, 0x8e, 0x1b, 0x31, 0x0f, 0x28, 0x31, 0x9a,
|
||||
- 0x2d, 0xe5, 0x79, 0xcc, 0xa4, 0xca, 0x60, 0x45,
|
||||
- 0xf7, 0x83, 0x73, 0x5a, 0x01, 0x29, 0xda, 0xf7,
|
||||
-
|
||||
-};
|
||||
-static const unsigned char rsa_sigverx931_0_e[] = {
|
||||
- 0x01, 0x00, 0x01,
|
||||
-};
|
||||
-static const unsigned char rsa_sigverx931_0_msg[] = {
|
||||
- 0x82, 0x2e, 0x41, 0x70, 0x9d, 0x1f, 0xe9, 0x47,
|
||||
- 0xec, 0xf1, 0x79, 0xcc, 0x05, 0xef, 0xdb, 0xcd,
|
||||
- 0xca, 0x8b, 0x8e, 0x61, 0x45, 0xad, 0xa6, 0xd9,
|
||||
- 0xd7, 0x4b, 0x15, 0xf4, 0x92, 0x3a, 0x2a, 0x52,
|
||||
- 0xe3, 0x44, 0x57, 0x2b, 0x74, 0x7a, 0x37, 0x41,
|
||||
- 0x50, 0xcb, 0xcf, 0x13, 0x49, 0xd6, 0x15, 0x54,
|
||||
- 0x97, 0xfd, 0xae, 0x9b, 0xc1, 0xbb, 0xfc, 0x5c,
|
||||
- 0xc1, 0x37, 0x58, 0x17, 0x63, 0x19, 0x9c, 0xcf,
|
||||
- 0xee, 0x9c, 0xe5, 0xbe, 0x06, 0xe4, 0x97, 0x47,
|
||||
- 0xd1, 0x93, 0xa1, 0x2c, 0x59, 0x97, 0x02, 0x01,
|
||||
- 0x31, 0x45, 0x8c, 0xe1, 0x5c, 0xac, 0xe7, 0x5f,
|
||||
- 0x6a, 0x23, 0xda, 0xbf, 0xe4, 0x25, 0xc6, 0x67,
|
||||
- 0xea, 0x5f, 0x73, 0x90, 0x1b, 0x06, 0x0f, 0x41,
|
||||
- 0xb5, 0x6e, 0x74, 0x7e, 0xfd, 0xd9, 0xaa, 0xbd,
|
||||
- 0xe2, 0x8d, 0xad, 0x99, 0xdd, 0x29, 0x70, 0xca,
|
||||
- 0x1b, 0x38, 0x21, 0x55, 0xde, 0x07, 0xaf, 0x00,
|
||||
-
|
||||
-};
|
||||
-static const unsigned char rsa_sigverx931_0_sig[] = {
|
||||
- 0x29, 0xa9, 0x3a, 0x8e, 0x9e, 0x90, 0x1b, 0xdb,
|
||||
- 0xaf, 0x0b, 0x47, 0x5b, 0xb5, 0xc3, 0x8c, 0xc3,
|
||||
- 0x70, 0xbe, 0x73, 0xf9, 0x65, 0x8e, 0xc6, 0x1e,
|
||||
- 0x95, 0x0b, 0xdb, 0x24, 0x76, 0x79, 0xf1, 0x00,
|
||||
- 0x71, 0xcd, 0xc5, 0x6a, 0x7b, 0xd2, 0x8b, 0x18,
|
||||
- 0xc4, 0xdd, 0xf1, 0x2a, 0x31, 0x04, 0x3f, 0xfc,
|
||||
- 0x36, 0x06, 0x20, 0x71, 0x3d, 0x62, 0xf2, 0xb5,
|
||||
- 0x79, 0x0a, 0xd5, 0xd2, 0x81, 0xf1, 0xb1, 0x4f,
|
||||
- 0x9a, 0x17, 0xe8, 0x67, 0x64, 0x48, 0x09, 0x75,
|
||||
- 0xff, 0x2d, 0xee, 0x36, 0xca, 0xca, 0x1d, 0x74,
|
||||
- 0x99, 0xbe, 0x5c, 0x94, 0x31, 0xcc, 0x12, 0xf4,
|
||||
- 0x59, 0x7e, 0x17, 0x00, 0x4f, 0x7b, 0xa4, 0xb1,
|
||||
- 0xda, 0xdb, 0x3e, 0xa4, 0x34, 0x10, 0x4a, 0x19,
|
||||
- 0x0a, 0xd2, 0xa7, 0xa0, 0xc5, 0xe6, 0xef, 0x82,
|
||||
- 0xd4, 0x2e, 0x21, 0xbe, 0x15, 0x73, 0xac, 0xef,
|
||||
- 0x05, 0xdb, 0x6a, 0x8a, 0x1a, 0xcb, 0x8e, 0xa5,
|
||||
- 0xee, 0xfb, 0x28, 0xbf, 0x96, 0xa4, 0x2b, 0xd2,
|
||||
- 0x85, 0x2b, 0x20, 0xc3, 0xaf, 0x9a, 0x32, 0x04,
|
||||
- 0xa0, 0x49, 0x24, 0x47, 0xd0, 0x09, 0xf7, 0xcf,
|
||||
- 0x73, 0xb6, 0xf6, 0x70, 0xda, 0x3b, 0xf8, 0x5a,
|
||||
- 0x28, 0x2e, 0x14, 0x6c, 0x52, 0xbd, 0x2a, 0x7c,
|
||||
- 0x8e, 0xc1, 0xa8, 0x0e, 0xb1, 0x1e, 0x6b, 0x8d,
|
||||
- 0x76, 0xea, 0x70, 0x81, 0xa0, 0x02, 0x63, 0x74,
|
||||
- 0xbc, 0x7e, 0xb9, 0xac, 0x0e, 0x7b, 0x1b, 0x75,
|
||||
- 0x82, 0xe2, 0x98, 0x4e, 0x24, 0x55, 0xd4, 0xbd,
|
||||
- 0x14, 0xde, 0x58, 0x56, 0x3a, 0x5d, 0x4e, 0x57,
|
||||
- 0x0d, 0x54, 0x74, 0xe8, 0x86, 0x8c, 0xcb, 0x07,
|
||||
- 0x9f, 0x0b, 0xfb, 0xc2, 0x08, 0x5c, 0xd7, 0x05,
|
||||
- 0x3b, 0xc8, 0xd2, 0x15, 0x68, 0x8f, 0x3d, 0x3c,
|
||||
- 0x4e, 0x85, 0xa9, 0x25, 0x6f, 0xf5, 0x2e, 0xca,
|
||||
- 0xca, 0xa8, 0x27, 0x89, 0x61, 0x4e, 0x1f, 0x57,
|
||||
- 0x2d, 0x99, 0x10, 0x3f, 0xbc, 0x9e, 0x96, 0x5e,
|
||||
- 0x2f, 0x0a, 0x25, 0xa7, 0x5c, 0xea, 0x65, 0x2a,
|
||||
- 0x22, 0x35, 0xa3, 0xf9, 0x13, 0x89, 0x05, 0x2e,
|
||||
- 0x19, 0x73, 0x1d, 0x70, 0x74, 0x98, 0x15, 0x4b,
|
||||
- 0xab, 0x56, 0x52, 0xe0, 0x01, 0x42, 0x95, 0x6a,
|
||||
- 0x46, 0x2c, 0x78, 0xff, 0x26, 0xbc, 0x48, 0x10,
|
||||
- 0x38, 0x25, 0xab, 0x32, 0x7c, 0x79, 0x7c, 0x5d,
|
||||
- 0x6f, 0x45, 0x54, 0x74, 0x2d, 0x93, 0x56, 0x52,
|
||||
- 0x11, 0x34, 0x1e, 0xe3, 0x4b, 0x6a, 0x17, 0x4f,
|
||||
- 0x37, 0x14, 0x75, 0xac, 0xa3, 0xa1, 0xca, 0xda,
|
||||
- 0x38, 0x06, 0xa9, 0x78, 0xb9, 0x5d, 0xd0, 0x59,
|
||||
- 0x1b, 0x5d, 0x1e, 0xc2, 0x0b, 0xfb, 0x39, 0x37,
|
||||
- 0x44, 0x85, 0xb6, 0x36, 0x06, 0x95, 0xbc, 0x15,
|
||||
- 0x35, 0xb9, 0xe6, 0x27, 0x42, 0xe3, 0xc8, 0xec,
|
||||
- 0x30, 0x37, 0x20, 0x26, 0x9a, 0x11, 0x61, 0xc0,
|
||||
- 0xdb, 0xb2, 0x5a, 0x26, 0x78, 0x27, 0xb9, 0x13,
|
||||
- 0xc9, 0x1a, 0xa7, 0x67, 0x93, 0xe8, 0xbe, 0xcb,
|
||||
-};
|
||||
-
|
||||
-#define rsa_sigverx931_1_n rsa_sigverx931_0_n
|
||||
-#define rsa_sigverx931_1_e rsa_sigverx931_0_e
|
||||
-static const unsigned char rsa_sigverx931_1_msg[] = {
|
||||
- 0x79, 0x02, 0xb9, 0xd2, 0x3e, 0x84, 0x02, 0xc8,
|
||||
- 0x2a, 0x94, 0x92, 0x14, 0x8d, 0xd5, 0xd3, 0x8d,
|
||||
- 0xb2, 0xf6, 0x00, 0x8b, 0x61, 0x2c, 0xd2, 0xf9,
|
||||
- 0xa8, 0xe0, 0x5d, 0xac, 0xdc, 0xa5, 0x34, 0xf3,
|
||||
- 0xda, 0x6c, 0xd4, 0x70, 0x92, 0xfb, 0x40, 0x26,
|
||||
- 0xc7, 0x9b, 0xe8, 0xd2, 0x10, 0x11, 0xcf, 0x7f,
|
||||
- 0x23, 0xd0, 0xed, 0x55, 0x52, 0x6d, 0xd3, 0xb2,
|
||||
- 0x56, 0x53, 0x8d, 0x7c, 0x4c, 0xb8, 0xcc, 0xb5,
|
||||
- 0xfd, 0xd0, 0x45, 0x4f, 0x62, 0x40, 0x54, 0x42,
|
||||
- 0x68, 0xd5, 0xe5, 0xdd, 0xf0, 0x76, 0x94, 0x59,
|
||||
- 0x1a, 0x57, 0x13, 0xb4, 0xc3, 0x70, 0xcc, 0xbd,
|
||||
- 0x4c, 0x2e, 0xc8, 0x6b, 0x9d, 0x68, 0xd0, 0x72,
|
||||
- 0x6a, 0x94, 0xd2, 0x18, 0xb5, 0x3b, 0x86, 0x45,
|
||||
- 0x95, 0xaa, 0x50, 0xda, 0x35, 0xeb, 0x69, 0x44,
|
||||
- 0x1f, 0xf3, 0x3a, 0x51, 0xbb, 0x1d, 0x08, 0x42,
|
||||
- 0x12, 0xd7, 0xd6, 0x21, 0xd8, 0x9b, 0x87, 0x55,
|
||||
-};
|
||||
-
|
||||
-static const unsigned char rsa_sigverx931_1_sig[] = {
|
||||
- 0x3b, 0xba, 0xb3, 0xb1, 0xb2, 0x6a, 0x29, 0xb5,
|
||||
- 0xf9, 0x94, 0xf1, 0x00, 0x5c, 0x16, 0x67, 0x67,
|
||||
- 0x73, 0xd3, 0xde, 0x7e, 0x07, 0xfa, 0xaa, 0x95,
|
||||
- 0xeb, 0x5a, 0x55, 0xdc, 0xb2, 0xa9, 0x70, 0x5a,
|
||||
- 0xee, 0x8f, 0x8d, 0x69, 0x85, 0x2b, 0x00, 0xe3,
|
||||
- 0xdc, 0xe2, 0x73, 0x9b, 0x68, 0xeb, 0x93, 0x69,
|
||||
- 0x08, 0x03, 0x17, 0xd6, 0x50, 0x21, 0x14, 0x23,
|
||||
- 0x8c, 0xe6, 0x54, 0x3a, 0xd9, 0xfc, 0x8b, 0x14,
|
||||
- 0x81, 0xb1, 0x8b, 0x9d, 0xd2, 0xbe, 0x58, 0x75,
|
||||
- 0x94, 0x74, 0x93, 0xc9, 0xbb, 0x4e, 0xf6, 0x1f,
|
||||
- 0x73, 0x7d, 0x1a, 0x5f, 0xbd, 0xbf, 0x59, 0x37,
|
||||
- 0x5b, 0x98, 0x54, 0xad, 0x3a, 0xef, 0xa0, 0xef,
|
||||
- 0xcb, 0xc3, 0xe8, 0x84, 0xd8, 0x3d, 0xf5, 0x60,
|
||||
- 0xb8, 0xc3, 0x8d, 0x1e, 0x78, 0xa0, 0x91, 0x94,
|
||||
- 0xb7, 0xd7, 0xb1, 0xd4, 0xe2, 0xee, 0x81, 0x93,
|
||||
- 0xfc, 0x41, 0xf0, 0x31, 0xbb, 0x03, 0x52, 0xde,
|
||||
- 0x80, 0x20, 0x3a, 0x68, 0xe6, 0xc5, 0x50, 0x1b,
|
||||
- 0x08, 0x3f, 0x40, 0xde, 0xb3, 0xe5, 0x81, 0x99,
|
||||
- 0x7f, 0xdb, 0xb6, 0x5d, 0x61, 0x27, 0xd4, 0xfb,
|
||||
- 0xcd, 0xc5, 0x7a, 0xea, 0xde, 0x7a, 0x66, 0xef,
|
||||
- 0x55, 0x3f, 0x85, 0xea, 0x84, 0xc5, 0x0a, 0xf6,
|
||||
- 0x3c, 0x40, 0x38, 0xf7, 0x6c, 0x66, 0xe5, 0xbe,
|
||||
- 0x61, 0x41, 0xd3, 0xb1, 0x08, 0xe1, 0xb4, 0xf9,
|
||||
- 0x6e, 0xf6, 0x0e, 0x4a, 0x72, 0x6c, 0x61, 0x63,
|
||||
- 0x3e, 0x41, 0x33, 0x94, 0xd6, 0x27, 0xa4, 0xd9,
|
||||
- 0x3a, 0x20, 0x2b, 0x39, 0xea, 0xe5, 0x82, 0x48,
|
||||
- 0xd6, 0x5b, 0x58, 0x85, 0x44, 0xb0, 0xd2, 0xfd,
|
||||
- 0xfb, 0x3e, 0xeb, 0x78, 0xac, 0xbc, 0xba, 0x16,
|
||||
- 0x92, 0x0e, 0x20, 0xc1, 0xb2, 0xd1, 0x92, 0xa8,
|
||||
- 0x00, 0x88, 0xc0, 0x41, 0x46, 0x38, 0xb6, 0x54,
|
||||
- 0x70, 0x0c, 0x00, 0x62, 0x97, 0x6a, 0x8e, 0x66,
|
||||
- 0x5a, 0xa1, 0x6c, 0xf7, 0x6d, 0xc2, 0x27, 0x56,
|
||||
- 0x60, 0x5b, 0x0c, 0x52, 0xac, 0x5c, 0xae, 0x99,
|
||||
- 0x55, 0x11, 0x62, 0x52, 0x09, 0x48, 0x53, 0x90,
|
||||
- 0x3c, 0x0b, 0xd4, 0xdc, 0x7b, 0xe3, 0x4c, 0xe3,
|
||||
- 0xa8, 0x6d, 0xc5, 0xdf, 0xc1, 0x5c, 0x59, 0x25,
|
||||
- 0x99, 0x30, 0xde, 0x57, 0x6a, 0x84, 0x25, 0x34,
|
||||
- 0x3e, 0x64, 0x11, 0xdb, 0x7a, 0x82, 0x8e, 0x70,
|
||||
- 0xd2, 0x5c, 0x0e, 0x81, 0xa0, 0x24, 0x53, 0x75,
|
||||
- 0x98, 0xd6, 0x10, 0x01, 0x6a, 0x14, 0xed, 0xc3,
|
||||
- 0x6f, 0xc4, 0x18, 0xb8, 0xd2, 0x9f, 0x59, 0x53,
|
||||
- 0x81, 0x3a, 0x86, 0x31, 0xfc, 0x9e, 0xbf, 0x6c,
|
||||
- 0x52, 0x93, 0x86, 0x9c, 0xaa, 0x6c, 0x6f, 0x07,
|
||||
- 0x8a, 0x40, 0x33, 0x64, 0xb2, 0x70, 0x48, 0x85,
|
||||
- 0x05, 0x59, 0x65, 0x2d, 0x6b, 0x9a, 0xad, 0xab,
|
||||
- 0x20, 0x7e, 0x02, 0x6d, 0xde, 0xcf, 0x22, 0x0b,
|
||||
- 0xea, 0x6e, 0xbd, 0x1c, 0x39, 0x3a, 0xfd, 0xa4,
|
||||
- 0xde, 0x54, 0xae, 0xde, 0x5e, 0xf7, 0xb0, 0x6d,
|
||||
-};
|
||||
-
|
||||
static const struct rsa_sigver_st rsa_sigver_data[] = {
|
||||
{
|
||||
"pkcs1", /* pkcs1v1.5 */
|
||||
@@ -1841,17 +1638,6 @@ static const struct rsa_sigver_st rsa_sigver_data[] = {
|
||||
NO_PSS_SALT_LEN,
|
||||
FAIL
|
||||
},
|
||||
- {
|
||||
- "x931",
|
||||
- 3072,
|
||||
- "SHA256",
|
||||
- ITM(rsa_sigverx931_1_msg),
|
||||
- ITM(rsa_sigverx931_1_n),
|
||||
- ITM(rsa_sigverx931_1_e),
|
||||
- ITM(rsa_sigverx931_1_sig),
|
||||
- NO_PSS_SALT_LEN,
|
||||
- FAIL
|
||||
- },
|
||||
{
|
||||
"pss",
|
||||
4096,
|
||||
--
|
||||
2.41.0
|
||||
|
|
@ -0,0 +1,104 @@
|
|||
From 8e388e194e665286a8996d7d5926bab5c1a6b4f9 Mon Sep 17 00:00:00 2001
|
||||
From: Dmitry Belyavskiy <dbelyavs@redhat.com>
|
||||
Date: Mon, 21 Aug 2023 15:46:40 +0200
|
||||
Subject: [PATCH 38/48]
|
||||
0083-hmac-Add-explicit-FIPS-indicator-for-key-length.patch
|
||||
|
||||
Patch-name: 0083-hmac-Add-explicit-FIPS-indicator-for-key-length.patch
|
||||
Patch-id: 83
|
||||
---
|
||||
include/crypto/evp.h | 7 +++++++
|
||||
include/openssl/core_names.h | 1 +
|
||||
include/openssl/evp.h | 3 +++
|
||||
providers/implementations/macs/hmac_prov.c | 17 +++++++++++++++++
|
||||
4 files changed, 28 insertions(+)
|
||||
|
||||
diff --git a/include/crypto/evp.h b/include/crypto/evp.h
|
||||
index aa07153441..a13127bd59 100644
|
||||
--- a/include/crypto/evp.h
|
||||
+++ b/include/crypto/evp.h
|
||||
@@ -196,6 +196,13 @@ const EVP_PKEY_METHOD *ossl_ed448_pkey_method(void);
|
||||
const EVP_PKEY_METHOD *ossl_rsa_pkey_method(void);
|
||||
const EVP_PKEY_METHOD *ossl_rsa_pss_pkey_method(void);
|
||||
|
||||
+#ifdef FIPS_MODULE
|
||||
+/* NIST SP 800-131Ar2, Table 9: Approval Status of MAC Algorithms specifies key
|
||||
+ * lengths < 112 bytes are disallowed for HMAC generation and legacy use for
|
||||
+ * HMAC verification. */
|
||||
+# define EVP_HMAC_GEN_FIPS_MIN_KEY_LEN (112 / 8)
|
||||
+#endif
|
||||
+
|
||||
struct evp_mac_st {
|
||||
OSSL_PROVIDER *prov;
|
||||
int name_id;
|
||||
diff --git a/include/openssl/core_names.h b/include/openssl/core_names.h
|
||||
index f185bc9342..1d1da4d3ca 100644
|
||||
--- a/include/openssl/core_names.h
|
||||
+++ b/include/openssl/core_names.h
|
||||
@@ -175,6 +175,7 @@ extern "C" {
|
||||
#define OSSL_MAC_PARAM_SIZE "size" /* size_t */
|
||||
#define OSSL_MAC_PARAM_BLOCK_SIZE "block-size" /* size_t */
|
||||
#define OSSL_MAC_PARAM_TLS_DATA_SIZE "tls-data-size" /* size_t */
|
||||
+#define OSSL_MAC_PARAM_REDHAT_FIPS_INDICATOR "redhat-fips-indicator"
|
||||
|
||||
/* Known MAC names */
|
||||
#define OSSL_MAC_NAME_BLAKE2BMAC "BLAKE2BMAC"
|
||||
diff --git a/include/openssl/evp.h b/include/openssl/evp.h
|
||||
index 86f4e22c70..615857caf5 100644
|
||||
--- a/include/openssl/evp.h
|
||||
+++ b/include/openssl/evp.h
|
||||
@@ -1194,6 +1194,9 @@ void EVP_MD_do_all_provided(OSSL_LIB_CTX *libctx,
|
||||
void *arg);
|
||||
|
||||
/* MAC stuff */
|
||||
+# define EVP_MAC_REDHAT_FIPS_INDICATOR_UNDETERMINED 0
|
||||
+# define EVP_MAC_REDHAT_FIPS_INDICATOR_APPROVED 1
|
||||
+# define EVP_MAC_REDHAT_FIPS_INDICATOR_NOT_APPROVED 2
|
||||
|
||||
EVP_MAC *EVP_MAC_fetch(OSSL_LIB_CTX *libctx, const char *algorithm,
|
||||
const char *properties);
|
||||
diff --git a/providers/implementations/macs/hmac_prov.c b/providers/implementations/macs/hmac_prov.c
|
||||
index 52ebb08b8f..cf5c3ecbe7 100644
|
||||
--- a/providers/implementations/macs/hmac_prov.c
|
||||
+++ b/providers/implementations/macs/hmac_prov.c
|
||||
@@ -21,6 +21,8 @@
|
||||
#include <openssl/evp.h>
|
||||
#include <openssl/hmac.h>
|
||||
|
||||
+#include "crypto/evp.h"
|
||||
+
|
||||
#include "prov/implementations.h"
|
||||
#include "prov/provider_ctx.h"
|
||||
#include "prov/provider_util.h"
|
||||
@@ -244,6 +246,9 @@ static int hmac_final(void *vmacctx, unsigned char *out, size_t *outl,
|
||||
static const OSSL_PARAM known_gettable_ctx_params[] = {
|
||||
OSSL_PARAM_size_t(OSSL_MAC_PARAM_SIZE, NULL),
|
||||
OSSL_PARAM_size_t(OSSL_MAC_PARAM_BLOCK_SIZE, NULL),
|
||||
+#ifdef FIPS_MODULE
|
||||
+ OSSL_PARAM_int(OSSL_MAC_PARAM_REDHAT_FIPS_INDICATOR, NULL),
|
||||
+#endif /* defined(FIPS_MODULE) */
|
||||
OSSL_PARAM_END
|
||||
};
|
||||
static const OSSL_PARAM *hmac_gettable_ctx_params(ossl_unused void *ctx,
|
||||
@@ -265,6 +270,18 @@ static int hmac_get_ctx_params(void *vmacctx, OSSL_PARAM params[])
|
||||
&& !OSSL_PARAM_set_int(p, hmac_block_size(macctx)))
|
||||
return 0;
|
||||
|
||||
+#ifdef FIPS_MODULE
|
||||
+ if ((p = OSSL_PARAM_locate(params, OSSL_MAC_PARAM_REDHAT_FIPS_INDICATOR)) != NULL) {
|
||||
+ int fips_indicator = EVP_MAC_REDHAT_FIPS_INDICATOR_APPROVED;
|
||||
+ /* NIST SP 800-131Ar2, Table 9: Approval Status of MAC Algorithms
|
||||
+ * specifies key lengths < 112 bytes are disallowed for HMAC generation
|
||||
+ * and legacy use for HMAC verification. */
|
||||
+ if (macctx->keylen < EVP_HMAC_GEN_FIPS_MIN_KEY_LEN)
|
||||
+ fips_indicator = EVP_MAC_REDHAT_FIPS_INDICATOR_NOT_APPROVED;
|
||||
+ return OSSL_PARAM_set_int(p, fips_indicator);
|
||||
+ }
|
||||
+#endif /* defined(FIPS_MODULE) */
|
||||
+
|
||||
return 1;
|
||||
}
|
||||
|
||||
--
|
||||
2.41.0
|
||||
|
|
@ -0,0 +1,69 @@
|
|||
From 915990e450e769e370fcacbfd8ed58ab6afaf2bf Mon Sep 17 00:00:00 2001
|
||||
From: Dmitry Belyavskiy <dbelyavs@redhat.com>
|
||||
Date: Mon, 21 Aug 2023 15:47:55 +0200
|
||||
Subject: [PATCH 39/48]
|
||||
0084-pbkdf2-Set-minimum-password-length-of-8-bytes.patch
|
||||
|
||||
Patch-name: 0084-pbkdf2-Set-minimum-password-length-of-8-bytes.patch
|
||||
Patch-id: 84
|
||||
---
|
||||
providers/implementations/kdfs/pbkdf2.c | 27 ++++++++++++++++++++++++-
|
||||
1 file changed, 26 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/providers/implementations/kdfs/pbkdf2.c b/providers/implementations/kdfs/pbkdf2.c
|
||||
index 349c3dd657..11820d1e69 100644
|
||||
--- a/providers/implementations/kdfs/pbkdf2.c
|
||||
+++ b/providers/implementations/kdfs/pbkdf2.c
|
||||
@@ -35,6 +35,21 @@
|
||||
#define KDF_PBKDF2_MAX_KEY_LEN_DIGEST_RATIO 0xFFFFFFFF
|
||||
#define KDF_PBKDF2_MIN_ITERATIONS 1000
|
||||
#define KDF_PBKDF2_MIN_SALT_LEN (128 / 8)
|
||||
+/* The Implementation Guidance for FIPS 140-3 says in section D.N
|
||||
+ * "Password-Based Key Derivation for Storage Applications" that "the vendor
|
||||
+ * shall document in the module’s Security Policy the length of
|
||||
+ * a password/passphrase used in key derivation and establish an upper bound
|
||||
+ * for the probability of having this parameter guessed at random. This
|
||||
+ * probability shall take into account not only the length of the
|
||||
+ * password/passphrase, but also the difficulty of guessing it. The decision on
|
||||
+ * the minimum length of a password used for key derivation is the vendor’s,
|
||||
+ * but the vendor shall at a minimum informally justify the decision."
|
||||
+ *
|
||||
+ * We are choosing a minimum password length of 8 bytes, because NIST's ACVP
|
||||
+ * testing uses passwords as short as 8 bytes, and requiring longer passwords
|
||||
+ * combined with an implicit indicator (i.e., returning an error) would cause
|
||||
+ * the module to fail ACVP testing. */
|
||||
+#define KDF_PBKDF2_MIN_PASSWORD_LEN (8)
|
||||
|
||||
static OSSL_FUNC_kdf_newctx_fn kdf_pbkdf2_new;
|
||||
static OSSL_FUNC_kdf_dupctx_fn kdf_pbkdf2_dup;
|
||||
@@ -219,9 +234,15 @@ static int kdf_pbkdf2_set_ctx_params(void *vctx, const OSSL_PARAM params[])
|
||||
ctx->lower_bound_checks = pkcs5 == 0;
|
||||
}
|
||||
|
||||
- if ((p = OSSL_PARAM_locate_const(params, OSSL_KDF_PARAM_PASSWORD)) != NULL)
|
||||
+ if ((p = OSSL_PARAM_locate_const(params, OSSL_KDF_PARAM_PASSWORD)) != NULL) {
|
||||
+ if (ctx->lower_bound_checks != 0
|
||||
+ && p->data_size < KDF_PBKDF2_MIN_PASSWORD_LEN) {
|
||||
+ ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEY_LENGTH);
|
||||
+ return 0;
|
||||
+ }
|
||||
if (!pbkdf2_set_membuf(&ctx->pass, &ctx->pass_len, p))
|
||||
return 0;
|
||||
+ }
|
||||
|
||||
if ((p = OSSL_PARAM_locate_const(params, OSSL_KDF_PARAM_SALT)) != NULL) {
|
||||
if (ctx->lower_bound_checks != 0
|
||||
@@ -331,6 +352,10 @@ static int pbkdf2_derive(const char *pass, size_t passlen,
|
||||
}
|
||||
|
||||
if (lower_bound_checks) {
|
||||
+ if (passlen < KDF_PBKDF2_MIN_PASSWORD_LEN) {
|
||||
+ ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEY_LENGTH);
|
||||
+ return 0;
|
||||
+ }
|
||||
if ((keylen * 8) < KDF_PBKDF2_MIN_KEY_LEN_BITS) {
|
||||
ERR_raise(ERR_LIB_PROV, PROV_R_KEY_SIZE_TOO_SMALL);
|
||||
return 0;
|
||||
--
|
||||
2.41.0
|
||||
|
|
@ -0,0 +1,101 @@
|
|||
From 2306fde5556cbcb875d095c09fed01a0f16fe7ec Mon Sep 17 00:00:00 2001
|
||||
From: Dmitry Belyavskiy <dbelyavs@redhat.com>
|
||||
Date: Mon, 21 Aug 2023 15:51:55 +0200
|
||||
Subject: [PATCH 40/48] 0085-FIPS-RSA-disable-shake.patch
|
||||
|
||||
Patch-name: 0085-FIPS-RSA-disable-shake.patch
|
||||
Patch-id: 85
|
||||
---
|
||||
crypto/rsa/rsa_oaep.c | 28 ++++++++++++++++++++++++++++
|
||||
crypto/rsa/rsa_pss.c | 16 ++++++++++++++++
|
||||
2 files changed, 44 insertions(+)
|
||||
|
||||
diff --git a/crypto/rsa/rsa_oaep.c b/crypto/rsa/rsa_oaep.c
|
||||
index b2f7f7dc4b..af2b0b026c 100644
|
||||
--- a/crypto/rsa/rsa_oaep.c
|
||||
+++ b/crypto/rsa/rsa_oaep.c
|
||||
@@ -78,9 +78,23 @@ int ossl_rsa_padding_add_PKCS1_OAEP_mgf1_ex2(OSSL_LIB_CTX *libctx,
|
||||
return 0;
|
||||
#endif
|
||||
}
|
||||
+
|
||||
+#ifdef FIPS_MODULE
|
||||
+ if (EVP_MD_is_a(md, "SHAKE-128") || EVP_MD_is_a(md, "SHAKE-256")) {
|
||||
+ ERR_raise(ERR_LIB_RSA, RSA_R_DIGEST_NOT_ALLOWED);
|
||||
+ return 0;
|
||||
+ }
|
||||
+#endif
|
||||
if (mgf1md == NULL)
|
||||
mgf1md = md;
|
||||
|
||||
+#ifdef FIPS_MODULE
|
||||
+ if (EVP_MD_is_a(mgf1md, "SHAKE-128") || EVP_MD_is_a(mgf1md, "SHAKE-256")) {
|
||||
+ ERR_raise(ERR_LIB_RSA, RSA_R_DIGEST_NOT_ALLOWED);
|
||||
+ return 0;
|
||||
+ }
|
||||
+#endif
|
||||
+
|
||||
mdlen = EVP_MD_get_size(md);
|
||||
if (mdlen <= 0) {
|
||||
ERR_raise(ERR_LIB_RSA, RSA_R_INVALID_LENGTH);
|
||||
@@ -203,9 +217,23 @@ int RSA_padding_check_PKCS1_OAEP_mgf1(unsigned char *to, int tlen,
|
||||
#endif
|
||||
}
|
||||
|
||||
+#ifdef FIPS_MODULE
|
||||
+ if (EVP_MD_is_a(md, "SHAKE-128") || EVP_MD_is_a(md, "SHAKE-256")) {
|
||||
+ ERR_raise(ERR_LIB_RSA, RSA_R_DIGEST_NOT_ALLOWED);
|
||||
+ return -1;
|
||||
+ }
|
||||
+#endif
|
||||
+
|
||||
if (mgf1md == NULL)
|
||||
mgf1md = md;
|
||||
|
||||
+#ifdef FIPS_MODULE
|
||||
+ if (EVP_MD_is_a(mgf1md, "SHAKE-128") || EVP_MD_is_a(mgf1md, "SHAKE-256")) {
|
||||
+ ERR_raise(ERR_LIB_RSA, RSA_R_DIGEST_NOT_ALLOWED);
|
||||
+ return -1;
|
||||
+ }
|
||||
+#endif
|
||||
+
|
||||
mdlen = EVP_MD_get_size(md);
|
||||
|
||||
if (tlen <= 0 || flen <= 0)
|
||||
diff --git a/crypto/rsa/rsa_pss.c b/crypto/rsa/rsa_pss.c
|
||||
index bb46ec64c7..c0fdf232da 100644
|
||||
--- a/crypto/rsa/rsa_pss.c
|
||||
+++ b/crypto/rsa/rsa_pss.c
|
||||
@@ -53,6 +53,14 @@ int RSA_verify_PKCS1_PSS_mgf1(RSA *rsa, const unsigned char *mHash,
|
||||
if (mgf1Hash == NULL)
|
||||
mgf1Hash = Hash;
|
||||
|
||||
+#ifdef FIPS_MODULE
|
||||
+ if (EVP_MD_is_a(Hash, "SHAKE-128") || EVP_MD_is_a(Hash, "SHAKE-256"))
|
||||
+ goto err;
|
||||
+
|
||||
+ if (EVP_MD_is_a(mgf1Hash, "SHAKE-128") || EVP_MD_is_a(mgf1Hash, "SHAKE-256"))
|
||||
+ goto err;
|
||||
+#endif
|
||||
+
|
||||
hLen = EVP_MD_get_size(Hash);
|
||||
if (hLen < 0)
|
||||
goto err;
|
||||
@@ -168,6 +176,14 @@ int RSA_padding_add_PKCS1_PSS_mgf1(RSA *rsa, unsigned char *EM,
|
||||
if (mgf1Hash == NULL)
|
||||
mgf1Hash = Hash;
|
||||
|
||||
+#ifdef FIPS_MODULE
|
||||
+ if (EVP_MD_is_a(Hash, "SHAKE-128") || EVP_MD_is_a(Hash, "SHAKE-256"))
|
||||
+ goto err;
|
||||
+
|
||||
+ if (EVP_MD_is_a(mgf1Hash, "SHAKE-128") || EVP_MD_is_a(mgf1Hash, "SHAKE-256"))
|
||||
+ goto err;
|
||||
+#endif
|
||||
+
|
||||
hLen = EVP_MD_get_size(Hash);
|
||||
if (hLen < 0)
|
||||
goto err;
|
||||
--
|
||||
2.41.0
|
||||
|
|
@ -0,0 +1,82 @@
|
|||
From 98ee6faef3da1439c04f11cd2796132d27d1e607 Mon Sep 17 00:00:00 2001
|
||||
From: Dmitry Belyavskiy <dbelyavs@redhat.com>
|
||||
Date: Mon, 21 Aug 2023 15:58:07 +0200
|
||||
Subject: [PATCH 41/48] 0088-signature-Add-indicator-for-PSS-salt-length.patch
|
||||
|
||||
Patch-name: 0088-signature-Add-indicator-for-PSS-salt-length.patch
|
||||
Patch-id: 88
|
||||
---
|
||||
include/openssl/core_names.h | 1 +
|
||||
include/openssl/evp.h | 4 ++++
|
||||
providers/implementations/signature/rsa_sig.c | 21 +++++++++++++++++++
|
||||
3 files changed, 26 insertions(+)
|
||||
|
||||
diff --git a/include/openssl/core_names.h b/include/openssl/core_names.h
|
||||
index 1d1da4d3ca..48af87e236 100644
|
||||
--- a/include/openssl/core_names.h
|
||||
+++ b/include/openssl/core_names.h
|
||||
@@ -458,6 +458,7 @@ extern "C" {
|
||||
#define OSSL_SIGNATURE_PARAM_MGF1_PROPERTIES \
|
||||
OSSL_PKEY_PARAM_MGF1_PROPERTIES
|
||||
#define OSSL_SIGNATURE_PARAM_DIGEST_SIZE OSSL_PKEY_PARAM_DIGEST_SIZE
|
||||
+#define OSSL_SIGNATURE_PARAM_REDHAT_FIPS_INDICATOR "redhat-fips-indicator"
|
||||
|
||||
/* Asym cipher parameters */
|
||||
#define OSSL_ASYM_CIPHER_PARAM_DIGEST OSSL_PKEY_PARAM_DIGEST
|
||||
diff --git a/include/openssl/evp.h b/include/openssl/evp.h
|
||||
index 615857caf5..05f2d0f75a 100644
|
||||
--- a/include/openssl/evp.h
|
||||
+++ b/include/openssl/evp.h
|
||||
@@ -799,6 +799,10 @@ __owur int EVP_CipherFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm,
|
||||
__owur int EVP_CipherFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm,
|
||||
int *outl);
|
||||
|
||||
+# define EVP_SIGNATURE_REDHAT_FIPS_INDICATOR_UNDETERMINED 0
|
||||
+# define EVP_SIGNATURE_REDHAT_FIPS_INDICATOR_APPROVED 1
|
||||
+# define EVP_SIGNATURE_REDHAT_FIPS_INDICATOR_NOT_APPROVED 2
|
||||
+
|
||||
__owur int EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *s,
|
||||
EVP_PKEY *pkey);
|
||||
__owur int EVP_SignFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *s,
|
||||
diff --git a/providers/implementations/signature/rsa_sig.c b/providers/implementations/signature/rsa_sig.c
|
||||
index cfaa4841cb..851671cfb1 100644
|
||||
--- a/providers/implementations/signature/rsa_sig.c
|
||||
+++ b/providers/implementations/signature/rsa_sig.c
|
||||
@@ -1173,6 +1173,24 @@ static int rsa_get_ctx_params(void *vprsactx, OSSL_PARAM *params)
|
||||
}
|
||||
}
|
||||
|
||||
+#ifdef FIPS_MODULE
|
||||
+ p = OSSL_PARAM_locate(params, OSSL_SIGNATURE_PARAM_REDHAT_FIPS_INDICATOR);
|
||||
+ if (p != NULL) {
|
||||
+ int fips_indicator = EVP_SIGNATURE_REDHAT_FIPS_INDICATOR_APPROVED;
|
||||
+ if (prsactx->pad_mode == RSA_PKCS1_PSS_PADDING) {
|
||||
+ if (prsactx->md == NULL) {
|
||||
+ fips_indicator = EVP_SIGNATURE_REDHAT_FIPS_INDICATOR_UNDETERMINED;
|
||||
+ } else if (rsa_pss_compute_saltlen(prsactx) > EVP_MD_get_size(prsactx->md)) {
|
||||
+ fips_indicator = EVP_SIGNATURE_REDHAT_FIPS_INDICATOR_NOT_APPROVED;
|
||||
+ }
|
||||
+ } else if (prsactx->pad_mode == RSA_NO_PADDING) {
|
||||
+ if (prsactx->md == NULL) /* Should always be the case */
|
||||
+ fips_indicator = EVP_SIGNATURE_REDHAT_FIPS_INDICATOR_NOT_APPROVED;
|
||||
+ }
|
||||
+ return OSSL_PARAM_set_int(p, fips_indicator);
|
||||
+ }
|
||||
+#endif
|
||||
+
|
||||
return 1;
|
||||
}
|
||||
|
||||
@@ -1182,6 +1200,9 @@ static const OSSL_PARAM known_gettable_ctx_params[] = {
|
||||
OSSL_PARAM_utf8_string(OSSL_SIGNATURE_PARAM_DIGEST, NULL, 0),
|
||||
OSSL_PARAM_utf8_string(OSSL_SIGNATURE_PARAM_MGF1_DIGEST, NULL, 0),
|
||||
OSSL_PARAM_utf8_string(OSSL_SIGNATURE_PARAM_PSS_SALTLEN, NULL, 0),
|
||||
+#ifdef FIPS_MODULE
|
||||
+ OSSL_PARAM_int(OSSL_SIGNATURE_PARAM_REDHAT_FIPS_INDICATOR, NULL),
|
||||
+#endif
|
||||
OSSL_PARAM_END
|
||||
};
|
||||
|
||||
--
|
||||
2.41.0
|
||||
|
|
@ -0,0 +1,47 @@
|
|||
From afab56d09edb525dd794fcb2ae2295ab7f39400a Mon Sep 17 00:00:00 2001
|
||||
From: Dmitry Belyavskiy <dbelyavs@redhat.com>
|
||||
Date: Mon, 21 Aug 2023 16:01:48 +0200
|
||||
Subject: [PATCH 42/48] 0091-FIPS-RSA-encapsulate.patch
|
||||
|
||||
Patch-name: 0091-FIPS-RSA-encapsulate.patch
|
||||
Patch-id: 91
|
||||
---
|
||||
providers/implementations/kem/rsa_kem.c | 15 +++++++++++++++
|
||||
1 file changed, 15 insertions(+)
|
||||
|
||||
diff --git a/providers/implementations/kem/rsa_kem.c b/providers/implementations/kem/rsa_kem.c
|
||||
index 365ae3d7d6..8a6f585d0b 100644
|
||||
--- a/providers/implementations/kem/rsa_kem.c
|
||||
+++ b/providers/implementations/kem/rsa_kem.c
|
||||
@@ -265,6 +265,14 @@ static int rsasve_generate(PROV_RSA_CTX *prsactx,
|
||||
*secretlen = nlen;
|
||||
return 1;
|
||||
}
|
||||
+
|
||||
+#ifdef FIPS_MODULE
|
||||
+ if (nlen < OPENSSL_RSA_FIPS_MIN_MODULUS_BITS/8) {
|
||||
+ ERR_raise(ERR_LIB_PROV, PROV_R_KEY_SIZE_TOO_SMALL);
|
||||
+ return 0;
|
||||
+ }
|
||||
+#endif
|
||||
+
|
||||
/*
|
||||
* Step (2): Generate a random byte string z of nlen bytes where
|
||||
* 1 < z < n - 1
|
||||
@@ -308,6 +316,13 @@ static int rsasve_recover(PROV_RSA_CTX *prsactx,
|
||||
return 1;
|
||||
}
|
||||
|
||||
+#ifdef FIPS_MODULE
|
||||
+ if (nlen < OPENSSL_RSA_FIPS_MIN_MODULUS_BITS/8) {
|
||||
+ ERR_raise(ERR_LIB_PROV, PROV_R_KEY_SIZE_TOO_SMALL);
|
||||
+ return 0;
|
||||
+ }
|
||||
+#endif
|
||||
+
|
||||
/* Step (2): check the input ciphertext 'inlen' matches the nlen */
|
||||
if (inlen != nlen) {
|
||||
ERR_raise(ERR_LIB_PROV, PROV_R_BAD_LENGTH);
|
||||
--
|
||||
2.41.0
|
||||
|
|
@ -0,0 +1,330 @@
|
|||
From 590babb35e3aa399c889282747965e301333a656 Mon Sep 17 00:00:00 2001
|
||||
From: Dmitry Belyavskiy <dbelyavs@redhat.com>
|
||||
Date: Mon, 21 Aug 2023 16:07:18 +0200
|
||||
Subject: [PATCH 43/48]
|
||||
0093-DH-Disable-FIPS-186-4-type-parameters-in-FIPS-mode.patch
|
||||
|
||||
Patch-name: 0093-DH-Disable-FIPS-186-4-type-parameters-in-FIPS-mode.patch
|
||||
Patch-id: 93
|
||||
---
|
||||
crypto/dh/dh_backend.c | 10 ++++
|
||||
crypto/dh/dh_check.c | 12 ++--
|
||||
crypto/dh/dh_gen.c | 12 +++-
|
||||
crypto/dh/dh_key.c | 13 ++--
|
||||
crypto/dh/dh_pmeth.c | 10 +++-
|
||||
providers/implementations/keymgmt/dh_kmgmt.c | 5 ++
|
||||
test/endecode_test.c | 4 +-
|
||||
test/evp_libctx_test.c | 2 +-
|
||||
test/helpers/predefined_dhparams.c | 62 ++++++++++++++++++++
|
||||
test/helpers/predefined_dhparams.h | 1 +
|
||||
test/recipes/80-test_cms.t | 4 +-
|
||||
test/recipes/80-test_ssl_old.t | 3 +
|
||||
12 files changed, 118 insertions(+), 20 deletions(-)
|
||||
|
||||
diff --git a/crypto/dh/dh_backend.c b/crypto/dh/dh_backend.c
|
||||
index 726843fd30..24c65ca84f 100644
|
||||
--- a/crypto/dh/dh_backend.c
|
||||
+++ b/crypto/dh/dh_backend.c
|
||||
@@ -53,6 +53,16 @@ int ossl_dh_params_fromdata(DH *dh, const OSSL_PARAM params[])
|
||||
if (!dh_ffc_params_fromdata(dh, params))
|
||||
return 0;
|
||||
|
||||
+#ifdef FIPS_MODULE
|
||||
+ if (!ossl_dh_is_named_safe_prime_group(dh)) {
|
||||
+ ERR_raise_data(ERR_LIB_DH, DH_R_BAD_FFC_PARAMETERS,
|
||||
+ "FIPS 186-4 type domain parameters no longer allowed in"
|
||||
+ " FIPS mode, since the required validation routines"
|
||||
+ " were removed from FIPS 186-5");
|
||||
+ return 0;
|
||||
+ }
|
||||
+#endif
|
||||
+
|
||||
param_priv_len =
|
||||
OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_DH_PRIV_LEN);
|
||||
if (param_priv_len != NULL
|
||||
diff --git a/crypto/dh/dh_check.c b/crypto/dh/dh_check.c
|
||||
index 0b391910d6..75581ca347 100644
|
||||
--- a/crypto/dh/dh_check.c
|
||||
+++ b/crypto/dh/dh_check.c
|
||||
@@ -57,13 +57,15 @@ int DH_check_params(const DH *dh, int *ret)
|
||||
nid = DH_get_nid((DH *)dh);
|
||||
if (nid != NID_undef)
|
||||
return 1;
|
||||
+
|
||||
/*
|
||||
- * OR
|
||||
- * (2b) FFC domain params conform to FIPS-186-4 explicit domain param
|
||||
- * validity tests.
|
||||
+ * FIPS 186-4 explicit domain parameters are no longer supported in FIPS mode.
|
||||
*/
|
||||
- return ossl_ffc_params_FIPS186_4_validate(dh->libctx, &dh->params,
|
||||
- FFC_PARAM_TYPE_DH, ret, NULL);
|
||||
+ ERR_raise_data(ERR_LIB_DH, DH_R_BAD_FFC_PARAMETERS,
|
||||
+ "FIPS 186-4 type domain parameters no longer allowed in"
|
||||
+ " FIPS mode, since the required validation routines were"
|
||||
+ " removed from FIPS 186-5");
|
||||
+ return 0;
|
||||
}
|
||||
#else
|
||||
int DH_check_params(const DH *dh, int *ret)
|
||||
diff --git a/crypto/dh/dh_gen.c b/crypto/dh/dh_gen.c
|
||||
index 204662a81c..9961f21920 100644
|
||||
--- a/crypto/dh/dh_gen.c
|
||||
+++ b/crypto/dh/dh_gen.c
|
||||
@@ -39,18 +39,26 @@ static int dh_builtin_genparams(DH *ret, int prime_len, int generator,
|
||||
int ossl_dh_generate_ffc_parameters(DH *dh, int type, int pbits, int qbits,
|
||||
BN_GENCB *cb)
|
||||
{
|
||||
- int ret, res;
|
||||
+ int ret = 0;
|
||||
|
||||
#ifndef FIPS_MODULE
|
||||
+ int res;
|
||||
+
|
||||
if (type == DH_PARAMGEN_TYPE_FIPS_186_2)
|
||||
ret = ossl_ffc_params_FIPS186_2_generate(dh->libctx, &dh->params,
|
||||
FFC_PARAM_TYPE_DH,
|
||||
pbits, qbits, &res, cb);
|
||||
else
|
||||
-#endif
|
||||
ret = ossl_ffc_params_FIPS186_4_generate(dh->libctx, &dh->params,
|
||||
FFC_PARAM_TYPE_DH,
|
||||
pbits, qbits, &res, cb);
|
||||
+#else
|
||||
+ /* In FIPS mode, we no longer support FIPS 186-4 domain parameters */
|
||||
+ ERR_raise_data(ERR_LIB_DH, DH_R_BAD_FFC_PARAMETERS,
|
||||
+ "FIPS 186-4 type domain parameters no longer allowed in"
|
||||
+ " FIPS mode, since the required generation routines were"
|
||||
+ " removed from FIPS 186-5");
|
||||
+#endif
|
||||
if (ret > 0)
|
||||
dh->dirty_cnt++;
|
||||
return ret;
|
||||
diff --git a/crypto/dh/dh_key.c b/crypto/dh/dh_key.c
|
||||
index 83773cceea..7e988368d3 100644
|
||||
--- a/crypto/dh/dh_key.c
|
||||
+++ b/crypto/dh/dh_key.c
|
||||
@@ -321,8 +321,12 @@ static int generate_key(DH *dh)
|
||||
goto err;
|
||||
} else {
|
||||
#ifdef FIPS_MODULE
|
||||
- if (dh->params.q == NULL)
|
||||
- goto err;
|
||||
+ ERR_raise_data(ERR_LIB_DH, DH_R_BAD_FFC_PARAMETERS,
|
||||
+ "FIPS 186-4 type domain parameters no longer"
|
||||
+ " allowed in FIPS mode, since the required"
|
||||
+ " generation routines were removed from FIPS"
|
||||
+ " 186-5");
|
||||
+ goto err;
|
||||
#else
|
||||
if (dh->params.q == NULL) {
|
||||
/* secret exponent length, must satisfy 2^(l-1) <= p */
|
||||
@@ -343,9 +347,7 @@ static int generate_key(DH *dh)
|
||||
if (!BN_clear_bit(priv_key, 0))
|
||||
goto err;
|
||||
}
|
||||
- } else
|
||||
-#endif
|
||||
- {
|
||||
+ } else {
|
||||
/* Do a partial check for invalid p, q, g */
|
||||
if (!ossl_ffc_params_simple_validate(dh->libctx, &dh->params,
|
||||
FFC_PARAM_TYPE_DH, NULL))
|
||||
@@ -361,6 +363,7 @@ static int generate_key(DH *dh)
|
||||
priv_key))
|
||||
goto err;
|
||||
}
|
||||
+#endif
|
||||
}
|
||||
}
|
||||
|
||||
diff --git a/crypto/dh/dh_pmeth.c b/crypto/dh/dh_pmeth.c
|
||||
index f201eede0d..30f90d15be 100644
|
||||
--- a/crypto/dh/dh_pmeth.c
|
||||
+++ b/crypto/dh/dh_pmeth.c
|
||||
@@ -305,13 +305,17 @@ static DH *ffc_params_generate(OSSL_LIB_CTX *libctx, DH_PKEY_CTX *dctx,
|
||||
prime_len, subprime_len, &res,
|
||||
pcb);
|
||||
else
|
||||
-# endif
|
||||
- /* For FIPS we always use the DH_PARAMGEN_TYPE_FIPS_186_4 generator */
|
||||
- if (dctx->paramgen_type >= DH_PARAMGEN_TYPE_FIPS_186_2)
|
||||
rv = ossl_ffc_params_FIPS186_4_generate(libctx, &ret->params,
|
||||
FFC_PARAM_TYPE_DH,
|
||||
prime_len, subprime_len, &res,
|
||||
pcb);
|
||||
+# else
|
||||
+ /* In FIPS mode, we no longer support FIPS 186-4 domain parameters */
|
||||
+ ERR_raise_data(ERR_LIB_DH, DH_R_BAD_FFC_PARAMETERS,
|
||||
+ "FIPS 186-4 type domain parameters no longer allowed in"
|
||||
+ " FIPS mode, since the required generation routines were"
|
||||
+ " removed from FIPS 186-5");
|
||||
+# endif
|
||||
if (rv <= 0) {
|
||||
DH_free(ret);
|
||||
return NULL;
|
||||
diff --git a/providers/implementations/keymgmt/dh_kmgmt.c b/providers/implementations/keymgmt/dh_kmgmt.c
|
||||
index 9a7dde7c66..b3e7bca5ac 100644
|
||||
--- a/providers/implementations/keymgmt/dh_kmgmt.c
|
||||
+++ b/providers/implementations/keymgmt/dh_kmgmt.c
|
||||
@@ -414,6 +414,11 @@ static int dh_validate(const void *keydata, int selection, int checktype)
|
||||
if ((selection & DH_POSSIBLE_SELECTIONS) == 0)
|
||||
return 1; /* nothing to validate */
|
||||
|
||||
+#ifdef FIPS_MODULE
|
||||
+ /* In FIPS provider, always check the domain parameters to disallow
|
||||
+ * operations on keys with FIPS 186-4 params. */
|
||||
+ selection |= OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS;
|
||||
+#endif
|
||||
if ((selection & OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS) != 0) {
|
||||
/*
|
||||
* Both of these functions check parameters. DH_check_params_ex()
|
||||
diff --git a/test/endecode_test.c b/test/endecode_test.c
|
||||
index 53385028fc..169f3ccd73 100644
|
||||
--- a/test/endecode_test.c
|
||||
+++ b/test/endecode_test.c
|
||||
@@ -84,10 +84,10 @@ static EVP_PKEY *make_template(const char *type, OSSL_PARAM *genparams)
|
||||
* for testing only. Use a minimum key size of 2048 for security purposes.
|
||||
*/
|
||||
if (strcmp(type, "DH") == 0)
|
||||
- return get_dh512(keyctx);
|
||||
+ return get_dh2048(keyctx);
|
||||
|
||||
if (strcmp(type, "X9.42 DH") == 0)
|
||||
- return get_dhx512(keyctx);
|
||||
+ return get_dhx_ffdhe2048(keyctx);
|
||||
# endif
|
||||
|
||||
/*
|
||||
diff --git a/test/evp_libctx_test.c b/test/evp_libctx_test.c
|
||||
index a7913cda4c..96a35ac1cc 100644
|
||||
--- a/test/evp_libctx_test.c
|
||||
+++ b/test/evp_libctx_test.c
|
||||
@@ -189,7 +189,7 @@ static int do_dh_param_keygen(int tstid, const BIGNUM **bn)
|
||||
|
||||
if (!TEST_ptr(gen_ctx = EVP_PKEY_CTX_new_from_pkey(libctx, pkey_parm, NULL))
|
||||
|| !TEST_int_gt(EVP_PKEY_keygen_init(gen_ctx), 0)
|
||||
- || !TEST_int_eq(EVP_PKEY_keygen(gen_ctx, &pkey), expected))
|
||||
+ || !TEST_int_eq(EVP_PKEY_keygen(gen_ctx, &pkey) == 1, expected))
|
||||
goto err;
|
||||
|
||||
if (expected) {
|
||||
diff --git a/test/helpers/predefined_dhparams.c b/test/helpers/predefined_dhparams.c
|
||||
index 4bdadc4143..e5186e4b4a 100644
|
||||
--- a/test/helpers/predefined_dhparams.c
|
||||
+++ b/test/helpers/predefined_dhparams.c
|
||||
@@ -116,6 +116,68 @@ EVP_PKEY *get_dhx512(OSSL_LIB_CTX *libctx)
|
||||
dhx512_q, sizeof(dhx512_q));
|
||||
}
|
||||
|
||||
+EVP_PKEY *get_dhx_ffdhe2048(OSSL_LIB_CTX *libctx)
|
||||
+{
|
||||
+ /* This is RFC 7919 ffdhe2048, since Red Hat removes support for
|
||||
+ * non-well-known groups in FIPS mode. */
|
||||
+ static unsigned char dhx_p[] = {
|
||||
+ 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xad, 0xf8, 0x54, 0x58,
|
||||
+ 0xa2, 0xbb, 0x4a, 0x9a, 0xaf, 0xdc, 0x56, 0x20, 0x27, 0x3d, 0x3c, 0xf1,
|
||||
+ 0xd8, 0xb9, 0xc5, 0x83, 0xce, 0x2d, 0x36, 0x95, 0xa9, 0xe1, 0x36, 0x41,
|
||||
+ 0x14, 0x64, 0x33, 0xfb, 0xcc, 0x93, 0x9d, 0xce, 0x24, 0x9b, 0x3e, 0xf9,
|
||||
+ 0x7d, 0x2f, 0xe3, 0x63, 0x63, 0x0c, 0x75, 0xd8, 0xf6, 0x81, 0xb2, 0x02,
|
||||
+ 0xae, 0xc4, 0x61, 0x7a, 0xd3, 0xdf, 0x1e, 0xd5, 0xd5, 0xfd, 0x65, 0x61,
|
||||
+ 0x24, 0x33, 0xf5, 0x1f, 0x5f, 0x06, 0x6e, 0xd0, 0x85, 0x63, 0x65, 0x55,
|
||||
+ 0x3d, 0xed, 0x1a, 0xf3, 0xb5, 0x57, 0x13, 0x5e, 0x7f, 0x57, 0xc9, 0x35,
|
||||
+ 0x98, 0x4f, 0x0c, 0x70, 0xe0, 0xe6, 0x8b, 0x77, 0xe2, 0xa6, 0x89, 0xda,
|
||||
+ 0xf3, 0xef, 0xe8, 0x72, 0x1d, 0xf1, 0x58, 0xa1, 0x36, 0xad, 0xe7, 0x35,
|
||||
+ 0x30, 0xac, 0xca, 0x4f, 0x48, 0x3a, 0x79, 0x7a, 0xbc, 0x0a, 0xb1, 0x82,
|
||||
+ 0xb3, 0x24, 0xfb, 0x61, 0xd1, 0x08, 0xa9, 0x4b, 0xb2, 0xc8, 0xe3, 0xfb,
|
||||
+ 0xb9, 0x6a, 0xda, 0xb7, 0x60, 0xd7, 0xf4, 0x68, 0x1d, 0x4f, 0x42, 0xa3,
|
||||
+ 0xde, 0x39, 0x4d, 0xf4, 0xae, 0x56, 0xed, 0xe7, 0x63, 0x72, 0xbb, 0x19,
|
||||
+ 0x0b, 0x07, 0xa7, 0xc8, 0xee, 0x0a, 0x6d, 0x70, 0x9e, 0x02, 0xfc, 0xe1,
|
||||
+ 0xcd, 0xf7, 0xe2, 0xec, 0xc0, 0x34, 0x04, 0xcd, 0x28, 0x34, 0x2f, 0x61,
|
||||
+ 0x91, 0x72, 0xfe, 0x9c, 0xe9, 0x85, 0x83, 0xff, 0x8e, 0x4f, 0x12, 0x32,
|
||||
+ 0xee, 0xf2, 0x81, 0x83, 0xc3, 0xfe, 0x3b, 0x1b, 0x4c, 0x6f, 0xad, 0x73,
|
||||
+ 0x3b, 0xb5, 0xfc, 0xbc, 0x2e, 0xc2, 0x20, 0x05, 0xc5, 0x8e, 0xf1, 0x83,
|
||||
+ 0x7d, 0x16, 0x83, 0xb2, 0xc6, 0xf3, 0x4a, 0x26, 0xc1, 0xb2, 0xef, 0xfa,
|
||||
+ 0x88, 0x6b, 0x42, 0x38, 0x61, 0x28, 0x5c, 0x97, 0xff, 0xff, 0xff, 0xff,
|
||||
+ 0xff, 0xff, 0xff, 0xff
|
||||
+ };
|
||||
+ static unsigned char dhx_g[] = {
|
||||
+ 0x02
|
||||
+ };
|
||||
+ static unsigned char dhx_q[] = {
|
||||
+ 0x7f, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xd6, 0xfc, 0x2a, 0x2c,
|
||||
+ 0x51, 0x5d, 0xa5, 0x4d, 0x57, 0xee, 0x2b, 0x10, 0x13, 0x9e, 0x9e, 0x78,
|
||||
+ 0xec, 0x5c, 0xe2, 0xc1, 0xe7, 0x16, 0x9b, 0x4a, 0xd4, 0xf0, 0x9b, 0x20,
|
||||
+ 0x8a, 0x32, 0x19, 0xfd, 0xe6, 0x49, 0xce, 0xe7, 0x12, 0x4d, 0x9f, 0x7c,
|
||||
+ 0xbe, 0x97, 0xf1, 0xb1, 0xb1, 0x86, 0x3a, 0xec, 0x7b, 0x40, 0xd9, 0x01,
|
||||
+ 0x57, 0x62, 0x30, 0xbd, 0x69, 0xef, 0x8f, 0x6a, 0xea, 0xfe, 0xb2, 0xb0,
|
||||
+ 0x92, 0x19, 0xfa, 0x8f, 0xaf, 0x83, 0x37, 0x68, 0x42, 0xb1, 0xb2, 0xaa,
|
||||
+ 0x9e, 0xf6, 0x8d, 0x79, 0xda, 0xab, 0x89, 0xaf, 0x3f, 0xab, 0xe4, 0x9a,
|
||||
+ 0xcc, 0x27, 0x86, 0x38, 0x70, 0x73, 0x45, 0xbb, 0xf1, 0x53, 0x44, 0xed,
|
||||
+ 0x79, 0xf7, 0xf4, 0x39, 0x0e, 0xf8, 0xac, 0x50, 0x9b, 0x56, 0xf3, 0x9a,
|
||||
+ 0x98, 0x56, 0x65, 0x27, 0xa4, 0x1d, 0x3c, 0xbd, 0x5e, 0x05, 0x58, 0xc1,
|
||||
+ 0x59, 0x92, 0x7d, 0xb0, 0xe8, 0x84, 0x54, 0xa5, 0xd9, 0x64, 0x71, 0xfd,
|
||||
+ 0xdc, 0xb5, 0x6d, 0x5b, 0xb0, 0x6b, 0xfa, 0x34, 0x0e, 0xa7, 0xa1, 0x51,
|
||||
+ 0xef, 0x1c, 0xa6, 0xfa, 0x57, 0x2b, 0x76, 0xf3, 0xb1, 0xb9, 0x5d, 0x8c,
|
||||
+ 0x85, 0x83, 0xd3, 0xe4, 0x77, 0x05, 0x36, 0xb8, 0x4f, 0x01, 0x7e, 0x70,
|
||||
+ 0xe6, 0xfb, 0xf1, 0x76, 0x60, 0x1a, 0x02, 0x66, 0x94, 0x1a, 0x17, 0xb0,
|
||||
+ 0xc8, 0xb9, 0x7f, 0x4e, 0x74, 0xc2, 0xc1, 0xff, 0xc7, 0x27, 0x89, 0x19,
|
||||
+ 0x77, 0x79, 0x40, 0xc1, 0xe1, 0xff, 0x1d, 0x8d, 0xa6, 0x37, 0xd6, 0xb9,
|
||||
+ 0x9d, 0xda, 0xfe, 0x5e, 0x17, 0x61, 0x10, 0x02, 0xe2, 0xc7, 0x78, 0xc1,
|
||||
+ 0xbe, 0x8b, 0x41, 0xd9, 0x63, 0x79, 0xa5, 0x13, 0x60, 0xd9, 0x77, 0xfd,
|
||||
+ 0x44, 0x35, 0xa1, 0x1c, 0x30, 0x94, 0x2e, 0x4b, 0xff, 0xff, 0xff, 0xff,
|
||||
+ 0xff, 0xff, 0xff, 0xff
|
||||
+ };
|
||||
+
|
||||
+ return get_dh_from_pg(libctx, "X9.42 DH",
|
||||
+ dhx_p, sizeof(dhx_p),
|
||||
+ dhx_g, sizeof(dhx_g),
|
||||
+ dhx_q, sizeof(dhx_q));
|
||||
+}
|
||||
+
|
||||
EVP_PKEY *get_dh1024dsa(OSSL_LIB_CTX *libctx)
|
||||
{
|
||||
static unsigned char dh1024_p[] = {
|
||||
diff --git a/test/helpers/predefined_dhparams.h b/test/helpers/predefined_dhparams.h
|
||||
index f0e8709062..2ff6d6e721 100644
|
||||
--- a/test/helpers/predefined_dhparams.h
|
||||
+++ b/test/helpers/predefined_dhparams.h
|
||||
@@ -12,6 +12,7 @@
|
||||
#ifndef OPENSSL_NO_DH
|
||||
EVP_PKEY *get_dh512(OSSL_LIB_CTX *libctx);
|
||||
EVP_PKEY *get_dhx512(OSSL_LIB_CTX *libctx);
|
||||
+EVP_PKEY *get_dhx_ffdhe2048(OSSL_LIB_CTX *libctx);
|
||||
EVP_PKEY *get_dh1024dsa(OSSL_LIB_CTX *libct);
|
||||
EVP_PKEY *get_dh2048(OSSL_LIB_CTX *libctx);
|
||||
EVP_PKEY *get_dh4096(OSSL_LIB_CTX *libctx);
|
||||
diff --git a/test/recipes/80-test_cms.t b/test/recipes/80-test_cms.t
|
||||
index 2a459856f0..afac836fa3 100644
|
||||
--- a/test/recipes/80-test_cms.t
|
||||
+++ b/test/recipes/80-test_cms.t
|
||||
@@ -627,10 +627,10 @@ my @smime_cms_param_tests = (
|
||||
],
|
||||
|
||||
[ "enveloped content test streaming S/MIME format, X9.42 DH",
|
||||
- [ "{cmd1}", @prov, "-encrypt", "-in", $smcont,
|
||||
+ [ "{cmd1}", @defaultprov, "-encrypt", "-in", $smcont,
|
||||
"-stream", "-out", "{output}.cms",
|
||||
"-recip", catfile($smdir, "smdh.pem"), "-aes128" ],
|
||||
- [ "{cmd2}", @prov, "-decrypt", "-recip", catfile($smdir, "smdh.pem"),
|
||||
+ [ "{cmd2}", @defaultprov, "-decrypt", "-recip", catfile($smdir, "smdh.pem"),
|
||||
"-in", "{output}.cms", "-out", "{output}.txt" ],
|
||||
\&final_compare
|
||||
]
|
||||
diff --git a/test/recipes/80-test_ssl_old.t b/test/recipes/80-test_ssl_old.t
|
||||
index 527abcea6e..e1d38b1e62 100644
|
||||
--- a/test/recipes/80-test_ssl_old.t
|
||||
+++ b/test/recipes/80-test_ssl_old.t
|
||||
@@ -390,6 +390,9 @@ sub testssl {
|
||||
skip "skipping dhe1024dsa test", 1
|
||||
if ($no_dh);
|
||||
|
||||
+ skip "FIPS 186-4 type DH groups are no longer supported by the FIPS provider", 1
|
||||
+ if $provider eq "fips";
|
||||
+
|
||||
ok(run(test([@ssltest, "-bio_pair", "-dhe1024dsa", "-v"])),
|
||||
'test sslv2/sslv3 with 1024bit DHE via BIO pair');
|
||||
}
|
||||
--
|
||||
2.41.0
|
||||
|
|
@ -0,0 +1,96 @@
|
|||
From 5db03a4d024f1e396ff54d38ac70d9890b034074 Mon Sep 17 00:00:00 2001
|
||||
From: Dmitry Belyavskiy <dbelyavs@redhat.com>
|
||||
Date: Mon, 21 Aug 2023 16:10:11 +0200
|
||||
Subject: [PATCH 45/48]
|
||||
0110-GCM-Implement-explicit-FIPS-indicator-for-IV-gen.patch
|
||||
|
||||
Patch-name: 0110-GCM-Implement-explicit-FIPS-indicator-for-IV-gen.patch
|
||||
Patch-id: 110
|
||||
---
|
||||
include/openssl/core_names.h | 1 +
|
||||
include/openssl/evp.h | 4 +++
|
||||
.../implementations/ciphers/ciphercommon.c | 4 +++
|
||||
.../ciphers/ciphercommon_gcm.c | 25 +++++++++++++++++++
|
||||
4 files changed, 34 insertions(+)
|
||||
|
||||
diff --git a/include/openssl/core_names.h b/include/openssl/core_names.h
|
||||
index 48af87e236..29459049ad 100644
|
||||
--- a/include/openssl/core_names.h
|
||||
+++ b/include/openssl/core_names.h
|
||||
@@ -99,6 +99,7 @@ extern "C" {
|
||||
#define OSSL_CIPHER_PARAM_CTS_MODE "cts_mode" /* utf8_string */
|
||||
/* For passing the AlgorithmIdentifier parameter in DER form */
|
||||
#define OSSL_CIPHER_PARAM_ALGORITHM_ID_PARAMS "alg_id_param" /* octet_string */
|
||||
+#define OSSL_CIPHER_PARAM_REDHAT_FIPS_INDICATOR "redhat-fips-indicator" /* int */
|
||||
|
||||
#define OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_MAX_SEND_FRAGMENT \
|
||||
"tls1multi_maxsndfrag" /* uint */
|
||||
diff --git a/include/openssl/evp.h b/include/openssl/evp.h
|
||||
index 05f2d0f75a..f1a33ff6f2 100644
|
||||
--- a/include/openssl/evp.h
|
||||
+++ b/include/openssl/evp.h
|
||||
@@ -748,6 +748,10 @@ void EVP_CIPHER_CTX_set_flags(EVP_CIPHER_CTX *ctx, int flags);
|
||||
void EVP_CIPHER_CTX_clear_flags(EVP_CIPHER_CTX *ctx, int flags);
|
||||
int EVP_CIPHER_CTX_test_flags(const EVP_CIPHER_CTX *ctx, int flags);
|
||||
|
||||
+# define EVP_CIPHER_REDHAT_FIPS_INDICATOR_UNDETERMINED 0
|
||||
+# define EVP_CIPHER_REDHAT_FIPS_INDICATOR_APPROVED 1
|
||||
+# define EVP_CIPHER_REDHAT_FIPS_INDICATOR_NOT_APPROVED 2
|
||||
+
|
||||
__owur int EVP_EncryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
|
||||
const unsigned char *key, const unsigned char *iv);
|
||||
/*__owur*/ int EVP_EncryptInit_ex(EVP_CIPHER_CTX *ctx,
|
||||
diff --git a/providers/implementations/ciphers/ciphercommon.c b/providers/implementations/ciphers/ciphercommon.c
|
||||
index fa383165d8..716add7339 100644
|
||||
--- a/providers/implementations/ciphers/ciphercommon.c
|
||||
+++ b/providers/implementations/ciphers/ciphercommon.c
|
||||
@@ -149,6 +149,10 @@ static const OSSL_PARAM cipher_aead_known_gettable_ctx_params[] = {
|
||||
OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_AEAD_TAG, NULL, 0),
|
||||
OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_AEAD_TLS1_AAD_PAD, NULL),
|
||||
OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_AEAD_TLS1_GET_IV_GEN, NULL, 0),
|
||||
+ /* normally we would hide this under an #ifdef FIPS_MODULE, but that does
|
||||
+ * not work in ciphercommon.c because it is compiled only once into
|
||||
+ * libcommon.a */
|
||||
+ OSSL_PARAM_int(OSSL_CIPHER_PARAM_REDHAT_FIPS_INDICATOR, NULL),
|
||||
OSSL_PARAM_END
|
||||
};
|
||||
const OSSL_PARAM *ossl_cipher_aead_gettable_ctx_params(
|
||||
diff --git a/providers/implementations/ciphers/ciphercommon_gcm.c b/providers/implementations/ciphers/ciphercommon_gcm.c
|
||||
index ed95c97ff4..db7910eb0e 100644
|
||||
--- a/providers/implementations/ciphers/ciphercommon_gcm.c
|
||||
+++ b/providers/implementations/ciphers/ciphercommon_gcm.c
|
||||
@@ -224,6 +224,31 @@ int ossl_gcm_get_ctx_params(void *vctx, OSSL_PARAM params[])
|
||||
|| !getivgen(ctx, p->data, p->data_size))
|
||||
return 0;
|
||||
}
|
||||
+
|
||||
+ /* We would usually hide this under #ifdef FIPS_MODULE, but
|
||||
+ * ciphercommon_gcm.c is only compiled once into libcommon.a, so ifdefs do
|
||||
+ * not work here. */
|
||||
+ p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_REDHAT_FIPS_INDICATOR);
|
||||
+ if (p != NULL) {
|
||||
+ int fips_indicator = EVP_CIPHER_REDHAT_FIPS_INDICATOR_APPROVED;
|
||||
+
|
||||
+ /* Implementation Guidance for FIPS 140-3 and the Cryptographic Module
|
||||
+ * Verification Program, Section C.H requires guarantees about the
|
||||
+ * uniqueness of key/iv pairs, and proposes a few approaches to ensure
|
||||
+ * this. This provides an indicator for option 2 "The IV may be
|
||||
+ * generated internally at its entirety randomly." Note that one of the
|
||||
+ * conditions of this option is that "The IV length shall be at least
|
||||
+ * 96 bits (per SP 800-38D)." We do not specically check for this
|
||||
+ * condition here, because gcm_iv_generate will fail in this case. */
|
||||
+ if (ctx->enc && !ctx->iv_gen_rand)
|
||||
+ fips_indicator = EVP_CIPHER_REDHAT_FIPS_INDICATOR_NOT_APPROVED;
|
||||
+
|
||||
+ if (!OSSL_PARAM_set_int(p, fips_indicator)) {
|
||||
+ ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER);
|
||||
+ return 0;
|
||||
+ }
|
||||
+ }
|
||||
+
|
||||
return 1;
|
||||
}
|
||||
|
||||
--
|
||||
2.41.0
|
||||
|
|
@ -0,0 +1,75 @@
|
|||
From 48c763ed9cc889806bc01222382ce6f918a408a2 Mon Sep 17 00:00:00 2001
|
||||
From: Dmitry Belyavskiy <dbelyavs@redhat.com>
|
||||
Date: Mon, 21 Aug 2023 16:12:33 +0200
|
||||
Subject: [PATCH 46/48]
|
||||
0112-pbdkf2-Set-indicator-if-pkcs5-param-disabled-checks.patch
|
||||
|
||||
Patch-name: 0112-pbdkf2-Set-indicator-if-pkcs5-param-disabled-checks.patch
|
||||
Patch-id: 112
|
||||
---
|
||||
providers/implementations/kdfs/pbkdf2.c | 40 +++++++++++++++++++++++--
|
||||
1 file changed, 37 insertions(+), 3 deletions(-)
|
||||
|
||||
diff --git a/providers/implementations/kdfs/pbkdf2.c b/providers/implementations/kdfs/pbkdf2.c
|
||||
index 11820d1e69..bae2238ab5 100644
|
||||
--- a/providers/implementations/kdfs/pbkdf2.c
|
||||
+++ b/providers/implementations/kdfs/pbkdf2.c
|
||||
@@ -284,11 +284,42 @@ static const OSSL_PARAM *kdf_pbkdf2_settable_ctx_params(ossl_unused void *ctx,
|
||||
|
||||
static int kdf_pbkdf2_get_ctx_params(void *vctx, OSSL_PARAM params[])
|
||||
{
|
||||
+#ifdef FIPS_MODULE
|
||||
+ KDF_PBKDF2 *ctx = (KDF_PBKDF2 *)vctx;
|
||||
+#endif /* defined(FIPS_MODULE) */
|
||||
OSSL_PARAM *p;
|
||||
+ int any_valid = 0; /* set to 1 when at least one parameter was valid */
|
||||
+
|
||||
+ if ((p = OSSL_PARAM_locate(params, OSSL_KDF_PARAM_SIZE)) != NULL) {
|
||||
+ any_valid = 1;
|
||||
+
|
||||
+ if (!OSSL_PARAM_set_size_t(p, SIZE_MAX))
|
||||
+ return 0;
|
||||
+ }
|
||||
+
|
||||
+#ifdef FIPS_MODULE
|
||||
+ if ((p = OSSL_PARAM_locate(params, OSSL_KDF_PARAM_REDHAT_FIPS_INDICATOR))
|
||||
+ != NULL) {
|
||||
+ int fips_indicator = EVP_KDF_REDHAT_FIPS_INDICATOR_APPROVED;
|
||||
+
|
||||
+ /* The lower_bound_checks parameter enables checks required by FIPS. If
|
||||
+ * those checks are disabled, the PBKDF2 implementation will also
|
||||
+ * support non-approved parameters (e.g., salt lengths < 16 bytes, see
|
||||
+ * NIST SP 800-132 section 5.1). */
|
||||
+ if (!ctx->lower_bound_checks)
|
||||
+ fips_indicator = EVP_KDF_REDHAT_FIPS_INDICATOR_NOT_APPROVED;
|
||||
|
||||
- if ((p = OSSL_PARAM_locate(params, OSSL_KDF_PARAM_SIZE)) != NULL)
|
||||
- return OSSL_PARAM_set_size_t(p, SIZE_MAX);
|
||||
- return -2;
|
||||
+ if (!OSSL_PARAM_set_int(p, fips_indicator))
|
||||
+ return 0;
|
||||
+
|
||||
+ any_valid = 1;
|
||||
+ }
|
||||
+#endif /* defined(FIPS_MODULE) */
|
||||
+
|
||||
+ if (!any_valid)
|
||||
+ return -2;
|
||||
+
|
||||
+ return 1;
|
||||
}
|
||||
|
||||
static const OSSL_PARAM *kdf_pbkdf2_gettable_ctx_params(ossl_unused void *ctx,
|
||||
@@ -296,6 +327,9 @@ static const OSSL_PARAM *kdf_pbkdf2_gettable_ctx_params(ossl_unused void *ctx,
|
||||
{
|
||||
static const OSSL_PARAM known_gettable_ctx_params[] = {
|
||||
OSSL_PARAM_size_t(OSSL_KDF_PARAM_SIZE, NULL),
|
||||
+#ifdef FIPS_MODULE
|
||||
+ OSSL_PARAM_int(OSSL_KDF_PARAM_REDHAT_FIPS_INDICATOR, NULL),
|
||||
+#endif /* defined(FIPS_MODULE) */
|
||||
OSSL_PARAM_END
|
||||
};
|
||||
return known_gettable_ctx_params;
|
||||
--
|
||||
2.41.0
|
||||
|
|
@ -0,0 +1,137 @@
|
|||
From 136988155862ce2b45683ef8045e7a8cdd11e215 Mon Sep 17 00:00:00 2001
|
||||
From: Dmitry Belyavskiy <dbelyavs@redhat.com>
|
||||
Date: Mon, 21 Aug 2023 16:13:46 +0200
|
||||
Subject: [PATCH 47/48] 0113-asymciphers-kem-Add-explicit-FIPS-indicator.patch
|
||||
|
||||
Patch-name: 0113-asymciphers-kem-Add-explicit-FIPS-indicator.patch
|
||||
Patch-id: 113
|
||||
---
|
||||
include/openssl/core_names.h | 2 ++
|
||||
include/openssl/evp.h | 4 +++
|
||||
.../implementations/asymciphers/rsa_enc.c | 22 ++++++++++++++
|
||||
providers/implementations/kem/rsa_kem.c | 30 ++++++++++++++++++-
|
||||
4 files changed, 57 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/include/openssl/core_names.h b/include/openssl/core_names.h
|
||||
index 29459049ad..9af0b1847d 100644
|
||||
--- a/include/openssl/core_names.h
|
||||
+++ b/include/openssl/core_names.h
|
||||
@@ -480,6 +480,7 @@ extern "C" {
|
||||
#ifdef FIPS_MODULE
|
||||
#define OSSL_ASYM_CIPHER_PARAM_REDHAT_KAT_OEAP_SEED "redhat-kat-oaep-seed"
|
||||
#endif
|
||||
+#define OSSL_ASYM_CIPHER_PARAM_REDHAT_FIPS_INDICATOR "redhat-fips-indicator"
|
||||
|
||||
/*
|
||||
* Encoder / decoder parameters
|
||||
@@ -514,6 +515,7 @@ extern "C" {
|
||||
|
||||
/* KEM parameters */
|
||||
#define OSSL_KEM_PARAM_OPERATION "operation"
|
||||
+#define OSSL_KEM_PARAM_REDHAT_FIPS_INDICATOR "redhat-fips-indicator" /* int */
|
||||
|
||||
/* OSSL_KEM_PARAM_OPERATION values */
|
||||
#define OSSL_KEM_PARAM_OPERATION_RSASVE "RSASVE"
|
||||
diff --git a/include/openssl/evp.h b/include/openssl/evp.h
|
||||
index f1a33ff6f2..dadbf46a5a 100644
|
||||
--- a/include/openssl/evp.h
|
||||
+++ b/include/openssl/evp.h
|
||||
@@ -1767,6 +1767,10 @@ OSSL_DEPRECATEDIN_3_0 size_t EVP_PKEY_meth_get_count(void);
|
||||
OSSL_DEPRECATEDIN_3_0 const EVP_PKEY_METHOD *EVP_PKEY_meth_get0(size_t idx);
|
||||
# endif
|
||||
|
||||
+# define EVP_PKEY_REDHAT_FIPS_INDICATOR_UNDETERMINED 0
|
||||
+# define EVP_PKEY_REDHAT_FIPS_INDICATOR_APPROVED 1
|
||||
+# define EVP_PKEY_REDHAT_FIPS_INDICATOR_NOT_APPROVED 2
|
||||
+
|
||||
EVP_KEYMGMT *EVP_KEYMGMT_fetch(OSSL_LIB_CTX *ctx, const char *algorithm,
|
||||
const char *properties);
|
||||
int EVP_KEYMGMT_up_ref(EVP_KEYMGMT *keymgmt);
|
||||
diff --git a/providers/implementations/asymciphers/rsa_enc.c b/providers/implementations/asymciphers/rsa_enc.c
|
||||
index d169bfd396..bd4dcb4e27 100644
|
||||
--- a/providers/implementations/asymciphers/rsa_enc.c
|
||||
+++ b/providers/implementations/asymciphers/rsa_enc.c
|
||||
@@ -466,6 +466,27 @@ static int rsa_get_ctx_params(void *vprsactx, OSSL_PARAM *params)
|
||||
if (p != NULL && !OSSL_PARAM_set_uint(p, prsactx->implicit_rejection))
|
||||
return 0;
|
||||
|
||||
+#ifdef FIPS_MODULE
|
||||
+ p = OSSL_PARAM_locate(params, OSSL_ASYM_CIPHER_PARAM_REDHAT_FIPS_INDICATOR);
|
||||
+ if (p != NULL) {
|
||||
+ int fips_indicator = EVP_PKEY_REDHAT_FIPS_INDICATOR_APPROVED;
|
||||
+
|
||||
+ /* NIST SP 800-56Br2 section 6.4.2.1 requires either explicit key
|
||||
+ * confirmation (section 6.4.2.3.2), or assurance from a trusted third
|
||||
+ * party (section 6.4.2.3.1) for the KTS-OAEP key transport scheme, but
|
||||
+ * explicit key confirmation is not implemented here and cannot be
|
||||
+ * implemented without protocol changes, and the FIPS provider does not
|
||||
+ * implement trusted third party validation, since it relies on its
|
||||
+ * callers to do that. We must thus mark RSA-OAEP as unapproved until
|
||||
+ * we have received clarification from NIST on how library modules such
|
||||
+ * as OpenSSL should implement TTP validation. */
|
||||
+ fips_indicator = EVP_PKEY_REDHAT_FIPS_INDICATOR_NOT_APPROVED;
|
||||
+
|
||||
+ if (!OSSL_PARAM_set_int(p, fips_indicator))
|
||||
+ return 0;
|
||||
+ }
|
||||
+#endif /* defined(FIPS_MODULE) */
|
||||
+
|
||||
return 1;
|
||||
}
|
||||
|
||||
@@ -480,6 +501,7 @@ static const OSSL_PARAM known_gettable_ctx_params[] = {
|
||||
OSSL_PARAM_uint(OSSL_ASYM_CIPHER_PARAM_IMPLICIT_REJECTION, NULL),
|
||||
#ifdef FIPS_MODULE
|
||||
OSSL_PARAM_octet_string(OSSL_ASYM_CIPHER_PARAM_REDHAT_KAT_OEAP_SEED, NULL, 0),
|
||||
+ OSSL_PARAM_int(OSSL_ASYM_CIPHER_PARAM_REDHAT_FIPS_INDICATOR, NULL),
|
||||
#endif /* FIPS_MODULE */
|
||||
OSSL_PARAM_END
|
||||
};
|
||||
diff --git a/providers/implementations/kem/rsa_kem.c b/providers/implementations/kem/rsa_kem.c
|
||||
index 8a6f585d0b..f4b7415074 100644
|
||||
--- a/providers/implementations/kem/rsa_kem.c
|
||||
+++ b/providers/implementations/kem/rsa_kem.c
|
||||
@@ -152,11 +152,39 @@ static int rsakem_decapsulate_init(void *vprsactx, void *vrsa,
|
||||
static int rsakem_get_ctx_params(void *vprsactx, OSSL_PARAM *params)
|
||||
{
|
||||
PROV_RSA_CTX *ctx = (PROV_RSA_CTX *)vprsactx;
|
||||
+#ifdef FIPS_MODULE
|
||||
+ OSSL_PARAM *p;
|
||||
+#endif /* defined(FIPS_MODULE) */
|
||||
+
|
||||
+ if (ctx == NULL)
|
||||
+ return 0;
|
||||
+
|
||||
+#ifdef FIPS_MODULE
|
||||
+ p = OSSL_PARAM_locate(params, OSSL_KEM_PARAM_REDHAT_FIPS_INDICATOR);
|
||||
+ if (p != NULL) {
|
||||
+ /* NIST SP 800-56Br2 section 6.4.2.1 requires either explicit key
|
||||
+ * confirmation (section 6.4.2.3.2), or assurance from a trusted third
|
||||
+ * party (section 6.4.2.3.1) for key agreement or key transport, but
|
||||
+ * explicit key confirmation is not implemented here and cannot be
|
||||
+ * implemented without protocol changes, and the FIPS provider does not
|
||||
+ * implement trusted third party validation, since it relies on its
|
||||
+ * callers to do that. We must thus mark RSASVE unapproved until we
|
||||
+ * have received clarification from NIST on how library modules such as
|
||||
+ * OpenSSL should implement TTP validation. */
|
||||
+ int fips_indicator = EVP_PKEY_REDHAT_FIPS_INDICATOR_NOT_APPROVED;
|
||||
+
|
||||
+ if (!OSSL_PARAM_set_int(p, fips_indicator))
|
||||
+ return 0;
|
||||
+ }
|
||||
+#endif /* defined(FIPS_MODULE) */
|
||||
|
||||
- return ctx != NULL;
|
||||
+ return 1;
|
||||
}
|
||||
|
||||
static const OSSL_PARAM known_gettable_rsakem_ctx_params[] = {
|
||||
+#ifdef FIPS_MODULE
|
||||
+ OSSL_PARAM_int(OSSL_KEM_PARAM_REDHAT_FIPS_INDICATOR, NULL),
|
||||
+#endif /* defined(FIPS_MODULE) */
|
||||
OSSL_PARAM_END
|
||||
};
|
||||
|
||||
--
|
||||
2.41.0
|
||||
|
|
@ -0,0 +1,251 @@
|
|||
From 9b02ad7225b74a5b9088b361caead0a41e570e93 Mon Sep 17 00:00:00 2001
|
||||
From: Dmitry Belyavskiy <dbelyavs@redhat.com>
|
||||
Date: Mon, 21 Aug 2023 16:40:56 +0200
|
||||
Subject: [PATCH 48/48] 0114-FIPS-enforce-EMS-support.patch
|
||||
|
||||
Patch-name: 0114-FIPS-enforce-EMS-support.patch
|
||||
Patch-id: 114
|
||||
Patch-status: |
|
||||
# We believe that some changes present in CentOS are not necessary
|
||||
# because ustream has a check for FIPS version
|
||||
---
|
||||
doc/man3/SSL_CONF_cmd.pod | 3 +++
|
||||
doc/man5/fips_config.pod | 13 +++++++++++
|
||||
include/openssl/fips_names.h | 8 +++++++
|
||||
include/openssl/ssl.h.in | 1 +
|
||||
providers/fips/fipsprov.c | 2 +-
|
||||
providers/implementations/kdfs/tls1_prf.c | 22 +++++++++++++++++++
|
||||
ssl/ssl_conf.c | 1 +
|
||||
ssl/statem/extensions_srvr.c | 8 ++++++-
|
||||
ssl/t1_enc.c | 11 ++++++++--
|
||||
.../30-test_evp_data/evpkdf_tls12_prf.txt | 10 +++++++++
|
||||
test/sslapitest.c | 2 +-
|
||||
11 files changed, 76 insertions(+), 5 deletions(-)
|
||||
|
||||
diff --git a/doc/man3/SSL_CONF_cmd.pod b/doc/man3/SSL_CONF_cmd.pod
|
||||
index ae6ca43282..b83c04a308 100644
|
||||
--- a/doc/man3/SSL_CONF_cmd.pod
|
||||
+++ b/doc/man3/SSL_CONF_cmd.pod
|
||||
@@ -524,6 +524,9 @@ B<ExtendedMasterSecret>: use extended master secret extension, enabled by
|
||||
default. Inverse of B<SSL_OP_NO_EXTENDED_MASTER_SECRET>: that is,
|
||||
B<-ExtendedMasterSecret> is the same as setting B<SSL_OP_NO_EXTENDED_MASTER_SECRET>.
|
||||
|
||||
+B<RHNoEnforceEMSinFIPS>: allow establishing connections without EMS in FIPS mode.
|
||||
+This is a RedHat-based OS specific option, and normally it should be set up via crypto policies.
|
||||
+
|
||||
B<CANames>: use CA names extension, enabled by
|
||||
default. Inverse of B<SSL_OP_DISABLE_TLSEXT_CA_NAMES>: that is,
|
||||
B<-CANames> is the same as setting B<SSL_OP_DISABLE_TLSEXT_CA_NAMES>.
|
||||
diff --git a/doc/man5/fips_config.pod b/doc/man5/fips_config.pod
|
||||
index 1c15e32a5c..f2cedaf88d 100644
|
||||
--- a/doc/man5/fips_config.pod
|
||||
+++ b/doc/man5/fips_config.pod
|
||||
@@ -15,6 +15,19 @@ for more information.
|
||||
|
||||
This functionality was added in OpenSSL 3.0.
|
||||
|
||||
+Red Hat Enterprise Linux uses a supplementary config for FIPS module located in
|
||||
+OpenSSL configuration directory and managed by crypto policies. If present, it
|
||||
+should have format
|
||||
+
|
||||
+ [fips_sect]
|
||||
+ tls1-prf-ems-check = 0
|
||||
+ activate = 1
|
||||
+
|
||||
+The B<tls1-prf-ems-check> option specifies whether FIPS module will require the
|
||||
+presence of extended master secret or not.
|
||||
+
|
||||
+The B<activate> option enforces FIPS provider activation.
|
||||
+
|
||||
=head1 COPYRIGHT
|
||||
|
||||
Copyright 2019-2022 The OpenSSL Project Authors. All Rights Reserved.
|
||||
diff --git a/include/openssl/fips_names.h b/include/openssl/fips_names.h
|
||||
index 5c77f6d691..8cdd5a6bf7 100644
|
||||
--- a/include/openssl/fips_names.h
|
||||
+++ b/include/openssl/fips_names.h
|
||||
@@ -70,6 +70,14 @@ extern "C" {
|
||||
*/
|
||||
# define OSSL_PROV_FIPS_PARAM_DRBG_TRUNC_DIGEST "drbg-no-trunc-md"
|
||||
|
||||
+/*
|
||||
+ * A boolean that determines if the runtime FIPS check for TLS1_PRF EMS is performed.
|
||||
+ * This is disabled by default.
|
||||
+ *
|
||||
+ * Type: OSSL_PARAM_UTF8_STRING
|
||||
+ */
|
||||
+# define OSSL_PROV_FIPS_PARAM_TLS1_PRF_EMS_CHECK "tls1-prf-ems-check"
|
||||
+
|
||||
# ifdef __cplusplus
|
||||
}
|
||||
# endif
|
||||
diff --git a/include/openssl/ssl.h.in b/include/openssl/ssl.h.in
|
||||
index 0b6de603e2..26a69ca282 100644
|
||||
--- a/include/openssl/ssl.h.in
|
||||
+++ b/include/openssl/ssl.h.in
|
||||
@@ -415,6 +415,7 @@ typedef int (*SSL_async_callback_fn)(SSL *s, void *arg);
|
||||
* interoperability with CryptoPro CSP 3.x
|
||||
*/
|
||||
# define SSL_OP_CRYPTOPRO_TLSEXT_BUG SSL_OP_BIT(31)
|
||||
+# define SSL_OP_RH_PERMIT_NOEMS_FIPS SSL_OP_BIT(48)
|
||||
|
||||
/*
|
||||
* Option "collections."
|
||||
diff --git a/providers/fips/fipsprov.c b/providers/fips/fipsprov.c
|
||||
index 5ff9872bd8..eb9653a9df 100644
|
||||
--- a/providers/fips/fipsprov.c
|
||||
+++ b/providers/fips/fipsprov.c
|
||||
@@ -105,7 +105,7 @@ void *ossl_fips_prov_ossl_ctx_new(OSSL_LIB_CTX *libctx)
|
||||
if (fgbl == NULL)
|
||||
return NULL;
|
||||
init_fips_option(&fgbl->fips_security_checks, 1);
|
||||
- init_fips_option(&fgbl->fips_tls1_prf_ems_check, 0); /* Disabled by default */
|
||||
+ init_fips_option(&fgbl->fips_tls1_prf_ems_check, 1); /* Enabled by default */
|
||||
init_fips_option(&fgbl->fips_restricted_drgb_digests, 0);
|
||||
return fgbl;
|
||||
}
|
||||
diff --git a/providers/implementations/kdfs/tls1_prf.c b/providers/implementations/kdfs/tls1_prf.c
|
||||
index 25a6c79a2e..79bc7a9719 100644
|
||||
--- a/providers/implementations/kdfs/tls1_prf.c
|
||||
+++ b/providers/implementations/kdfs/tls1_prf.c
|
||||
@@ -131,6 +131,7 @@ static void *kdf_tls1_prf_new(void *provctx)
|
||||
static void kdf_tls1_prf_free(void *vctx)
|
||||
{
|
||||
TLS1_PRF *ctx = (TLS1_PRF *)vctx;
|
||||
+ OSSL_LIB_CTX *libctx = PROV_LIBCTX_OF(ctx->provctx);
|
||||
|
||||
if (ctx != NULL) {
|
||||
kdf_tls1_prf_reset(ctx);
|
||||
@@ -222,6 +223,27 @@ static int kdf_tls1_prf_derive(void *vctx, unsigned char *key, size_t keylen,
|
||||
}
|
||||
}
|
||||
|
||||
+ /*
|
||||
+ * The seed buffer is prepended with a label.
|
||||
+ * If EMS mode is enforced then the label "master secret" is not allowed,
|
||||
+ * We do the check this way since the PRF is used for other purposes, as well
|
||||
+ * as "extended master secret".
|
||||
+ */
|
||||
+#ifdef FIPS_MODULE
|
||||
+ if (ctx->seedlen >= TLS_MD_MASTER_SECRET_CONST_SIZE
|
||||
+ && memcmp(ctx->seed, TLS_MD_MASTER_SECRET_CONST,
|
||||
+ TLS_MD_MASTER_SECRET_CONST_SIZE) == 0)
|
||||
+ ctx->fips_indicator = EVP_KDF_REDHAT_FIPS_INDICATOR_NOT_APPROVED;
|
||||
+#endif /* defined(FIPS_MODULE) */
|
||||
+ if (ossl_tls1_prf_ems_check_enabled(libctx)) {
|
||||
+ if (ctx->seedlen >= TLS_MD_MASTER_SECRET_CONST_SIZE
|
||||
+ && memcmp(ctx->seed, TLS_MD_MASTER_SECRET_CONST,
|
||||
+ TLS_MD_MASTER_SECRET_CONST_SIZE) == 0) {
|
||||
+ ERR_raise(ERR_LIB_PROV, PROV_R_EMS_NOT_ENABLED);
|
||||
+ return 0;
|
||||
+ }
|
||||
+ }
|
||||
+
|
||||
return tls1_prf_alg(ctx->P_hash, ctx->P_sha1,
|
||||
ctx->sec, ctx->seclen,
|
||||
ctx->seed, ctx->seedlen,
|
||||
diff --git a/ssl/ssl_conf.c b/ssl/ssl_conf.c
|
||||
index 5146cedb96..086db98c33 100644
|
||||
--- a/ssl/ssl_conf.c
|
||||
+++ b/ssl/ssl_conf.c
|
||||
@@ -389,6 +389,7 @@ static int cmd_Options(SSL_CONF_CTX *cctx, const char *value)
|
||||
SSL_FLAG_TBL("ClientRenegotiation",
|
||||
SSL_OP_ALLOW_CLIENT_RENEGOTIATION),
|
||||
SSL_FLAG_TBL_INV("EncryptThenMac", SSL_OP_NO_ENCRYPT_THEN_MAC),
|
||||
+ SSL_FLAG_TBL("RHNoEnforceEMSinFIPS", SSL_OP_RH_PERMIT_NOEMS_FIPS),
|
||||
SSL_FLAG_TBL("NoRenegotiation", SSL_OP_NO_RENEGOTIATION),
|
||||
SSL_FLAG_TBL("AllowNoDHEKEX", SSL_OP_ALLOW_NO_DHE_KEX),
|
||||
SSL_FLAG_TBL("PrioritizeChaCha", SSL_OP_PRIORITIZE_CHACHA),
|
||||
diff --git a/ssl/statem/extensions_srvr.c b/ssl/statem/extensions_srvr.c
|
||||
index 00b1ee531e..22cdabb308 100644
|
||||
--- a/ssl/statem/extensions_srvr.c
|
||||
+++ b/ssl/statem/extensions_srvr.c
|
||||
@@ -11,6 +11,7 @@
|
||||
#include "../ssl_local.h"
|
||||
#include "statem_local.h"
|
||||
#include "internal/cryptlib.h"
|
||||
+#include <openssl/fips.h>
|
||||
|
||||
#define COOKIE_STATE_FORMAT_VERSION 1
|
||||
|
||||
@@ -1552,8 +1553,13 @@ EXT_RETURN tls_construct_stoc_etm(SSL *s, WPACKET *pkt, unsigned int context,
|
||||
EXT_RETURN tls_construct_stoc_ems(SSL *s, WPACKET *pkt, unsigned int context,
|
||||
X509 *x, size_t chainidx)
|
||||
{
|
||||
- if ((s->s3.flags & TLS1_FLAGS_RECEIVED_EXTMS) == 0)
|
||||
+ if ((s->s3.flags & TLS1_FLAGS_RECEIVED_EXTMS) == 0) {
|
||||
+ if (FIPS_mode() && !(SSL_get_options(s) & SSL_OP_RH_PERMIT_NOEMS_FIPS) ) {
|
||||
+ SSLfatal(s, SSL_AD_HANDSHAKE_FAILURE, ERR_R_UNSUPPORTED);
|
||||
+ return EXT_RETURN_FAIL;
|
||||
+ }
|
||||
return EXT_RETURN_NOT_SENT;
|
||||
+ }
|
||||
|
||||
if (!WPACKET_put_bytes_u16(pkt, TLSEXT_TYPE_extended_master_secret)
|
||||
|| !WPACKET_put_bytes_u16(pkt, 0)) {
|
||||
diff --git a/ssl/t1_enc.c b/ssl/t1_enc.c
|
||||
index 91238e6457..e8ad8ecd9e 100644
|
||||
--- a/ssl/t1_enc.c
|
||||
+++ b/ssl/t1_enc.c
|
||||
@@ -20,6 +20,7 @@
|
||||
#include <openssl/obj_mac.h>
|
||||
#include <openssl/core_names.h>
|
||||
#include <openssl/trace.h>
|
||||
+#include <openssl/fips.h>
|
||||
|
||||
/* seed1 through seed5 are concatenated */
|
||||
static int tls1_PRF(SSL *s,
|
||||
@@ -75,8 +76,14 @@ static int tls1_PRF(SSL *s,
|
||||
}
|
||||
|
||||
err:
|
||||
- if (fatal)
|
||||
- SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
|
||||
+ if (fatal) {
|
||||
+ /* The calls to this function are local so it's safe to implement the check */
|
||||
+ if (FIPS_mode() && seed1_len >= TLS_MD_MASTER_SECRET_CONST_SIZE
|
||||
+ && memcmp(seed1, TLS_MD_MASTER_SECRET_CONST, TLS_MD_MASTER_SECRET_CONST_SIZE) == 0)
|
||||
+ SSLfatal(s, SSL_AD_HANDSHAKE_FAILURE, ERR_R_UNSUPPORTED);
|
||||
+ else
|
||||
+ SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
|
||||
+ }
|
||||
else
|
||||
ERR_raise(ERR_LIB_SSL, ERR_R_INTERNAL_ERROR);
|
||||
EVP_KDF_CTX_free(kctx);
|
||||
diff --git a/test/recipes/30-test_evp_data/evpkdf_tls12_prf.txt b/test/recipes/30-test_evp_data/evpkdf_tls12_prf.txt
|
||||
index 44040ff66b..deb6bf3fcb 100644
|
||||
--- a/test/recipes/30-test_evp_data/evpkdf_tls12_prf.txt
|
||||
+++ b/test/recipes/30-test_evp_data/evpkdf_tls12_prf.txt
|
||||
@@ -22,6 +22,16 @@ Ctrl.client_random = hexseed:36c129d01a3200894b9179faac589d9835d58775f9b5ea3587c
|
||||
Ctrl.server_random = hexseed:f6c9575ed7ddd73e1f7d16eca115415812a43c2b747daaaae043abfb50053fce
|
||||
Output = 202c88c00f84a17a20027079604787461176455539e705be730890602c289a5001e34eeb3a043e5d52a65e66125188bf
|
||||
|
||||
+Availablein = fips
|
||||
+KDF = TLS1-PRF
|
||||
+Ctrl.digest = digest:SHA256
|
||||
+Ctrl.Secret = hexsecret:f8938ecc9edebc5030c0c6a441e213cd24e6f770a50dda07876f8d55da062bcadb386b411fd4fe4313a604fce6c17fbc
|
||||
+Ctrl.label = seed:master secret
|
||||
+Ctrl.client_random = hexseed:36c129d01a3200894b9179faac589d9835d58775f9b5ea3587cb8fd0364cae8c
|
||||
+Ctrl.server_random = hexseed:f6c9575ed7ddd73e1f7d16eca115415812a43c2b747daaaae043abfb50053fce
|
||||
+Output = 202c88c00f84a17a20027079604787461176455539e705be730890602c289a5001e34eeb3a043e5d52a65e66125188bf
|
||||
+Result = KDF_DERIVE_ERROR
|
||||
+
|
||||
FIPSversion = <=3.1.0
|
||||
KDF = TLS1-PRF
|
||||
Ctrl.digest = digest:SHA256
|
||||
diff --git a/test/sslapitest.c b/test/sslapitest.c
|
||||
index 169e3c7466..e67b5bb44c 100644
|
||||
--- a/test/sslapitest.c
|
||||
+++ b/test/sslapitest.c
|
||||
@@ -574,7 +574,7 @@ static int test_client_cert_verify_cb(void)
|
||||
STACK_OF(X509) *server_chain;
|
||||
SSL_CTX *cctx = NULL, *sctx = NULL;
|
||||
SSL *clientssl = NULL, *serverssl = NULL;
|
||||
- int testresult = 0;
|
||||
+ int testresult = 0, status;
|
||||
|
||||
if (!TEST_true(create_ssl_ctx_pair(libctx, TLS_server_method(),
|
||||
TLS_client_method(), TLS1_VERSION, 0,
|
||||
--
|
||||
2.41.0
|
||||
|
628
ec_curve.c
628
ec_curve.c
|
@ -1,628 +0,0 @@
|
|||
/*
|
||||
* Copyright 2002-2021 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
|
||||
*
|
||||
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
* in the file LICENSE in the source distribution or at
|
||||
* https://www.openssl.org/source/license.html
|
||||
*/
|
||||
|
||||
/*
|
||||
* ECDSA low level APIs are deprecated for public use, but still ok for
|
||||
* internal use.
|
||||
*/
|
||||
#include "internal/deprecated.h"
|
||||
|
||||
#include <string.h>
|
||||
#include "ec_local.h"
|
||||
#include <openssl/err.h>
|
||||
#include <openssl/obj_mac.h>
|
||||
#include <openssl/objects.h>
|
||||
#include <openssl/opensslconf.h>
|
||||
#include "internal/nelem.h"
|
||||
|
||||
typedef struct {
|
||||
int field_type, /* either NID_X9_62_prime_field or
|
||||
* NID_X9_62_characteristic_two_field */
|
||||
seed_len, param_len;
|
||||
unsigned int cofactor; /* promoted to BN_ULONG */
|
||||
} EC_CURVE_DATA;
|
||||
|
||||
/* the nist prime curves */
|
||||
static const struct {
|
||||
EC_CURVE_DATA h;
|
||||
unsigned char data[20 + 28 * 6];
|
||||
} _EC_NIST_PRIME_224 = {
|
||||
{
|
||||
NID_X9_62_prime_field, 20, 28, 1
|
||||
},
|
||||
{
|
||||
/* seed */
|
||||
0xBD, 0x71, 0x34, 0x47, 0x99, 0xD5, 0xC7, 0xFC, 0xDC, 0x45, 0xB5, 0x9F,
|
||||
0xA3, 0xB9, 0xAB, 0x8F, 0x6A, 0x94, 0x8B, 0xC5,
|
||||
/* p */
|
||||
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
|
||||
0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
|
||||
0x00, 0x00, 0x00, 0x01,
|
||||
/* a */
|
||||
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
|
||||
0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
|
||||
0xFF, 0xFF, 0xFF, 0xFE,
|
||||
/* b */
|
||||
0xB4, 0x05, 0x0A, 0x85, 0x0C, 0x04, 0xB3, 0xAB, 0xF5, 0x41, 0x32, 0x56,
|
||||
0x50, 0x44, 0xB0, 0xB7, 0xD7, 0xBF, 0xD8, 0xBA, 0x27, 0x0B, 0x39, 0x43,
|
||||
0x23, 0x55, 0xFF, 0xB4,
|
||||
/* x */
|
||||
0xB7, 0x0E, 0x0C, 0xBD, 0x6B, 0xB4, 0xBF, 0x7F, 0x32, 0x13, 0x90, 0xB9,
|
||||
0x4A, 0x03, 0xC1, 0xD3, 0x56, 0xC2, 0x11, 0x22, 0x34, 0x32, 0x80, 0xD6,
|
||||
0x11, 0x5C, 0x1D, 0x21,
|
||||
/* y */
|
||||
0xbd, 0x37, 0x63, 0x88, 0xb5, 0xf7, 0x23, 0xfb, 0x4c, 0x22, 0xdf, 0xe6,
|
||||
0xcd, 0x43, 0x75, 0xa0, 0x5a, 0x07, 0x47, 0x64, 0x44, 0xd5, 0x81, 0x99,
|
||||
0x85, 0x00, 0x7e, 0x34,
|
||||
/* order */
|
||||
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
|
||||
0xFF, 0xFF, 0x16, 0xA2, 0xE0, 0xB8, 0xF0, 0x3E, 0x13, 0xDD, 0x29, 0x45,
|
||||
0x5C, 0x5C, 0x2A, 0x3D
|
||||
}
|
||||
};
|
||||
|
||||
static const struct {
|
||||
EC_CURVE_DATA h;
|
||||
unsigned char data[20 + 48 * 6];
|
||||
} _EC_NIST_PRIME_384 = {
|
||||
{
|
||||
NID_X9_62_prime_field, 20, 48, 1
|
||||
},
|
||||
{
|
||||
/* seed */
|
||||
0xA3, 0x35, 0x92, 0x6A, 0xA3, 0x19, 0xA2, 0x7A, 0x1D, 0x00, 0x89, 0x6A,
|
||||
0x67, 0x73, 0xA4, 0x82, 0x7A, 0xCD, 0xAC, 0x73,
|
||||
/* p */
|
||||
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
|
||||
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
|
||||
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF, 0xFF,
|
||||
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF,
|
||||
/* a */
|
||||
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
|
||||
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
|
||||
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF, 0xFF,
|
||||
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFC,
|
||||
/* b */
|
||||
0xB3, 0x31, 0x2F, 0xA7, 0xE2, 0x3E, 0xE7, 0xE4, 0x98, 0x8E, 0x05, 0x6B,
|
||||
0xE3, 0xF8, 0x2D, 0x19, 0x18, 0x1D, 0x9C, 0x6E, 0xFE, 0x81, 0x41, 0x12,
|
||||
0x03, 0x14, 0x08, 0x8F, 0x50, 0x13, 0x87, 0x5A, 0xC6, 0x56, 0x39, 0x8D,
|
||||
0x8A, 0x2E, 0xD1, 0x9D, 0x2A, 0x85, 0xC8, 0xED, 0xD3, 0xEC, 0x2A, 0xEF,
|
||||
/* x */
|
||||
0xAA, 0x87, 0xCA, 0x22, 0xBE, 0x8B, 0x05, 0x37, 0x8E, 0xB1, 0xC7, 0x1E,
|
||||
0xF3, 0x20, 0xAD, 0x74, 0x6E, 0x1D, 0x3B, 0x62, 0x8B, 0xA7, 0x9B, 0x98,
|
||||
0x59, 0xF7, 0x41, 0xE0, 0x82, 0x54, 0x2A, 0x38, 0x55, 0x02, 0xF2, 0x5D,
|
||||
0xBF, 0x55, 0x29, 0x6C, 0x3A, 0x54, 0x5E, 0x38, 0x72, 0x76, 0x0A, 0xB7,
|
||||
/* y */
|
||||
0x36, 0x17, 0xde, 0x4a, 0x96, 0x26, 0x2c, 0x6f, 0x5d, 0x9e, 0x98, 0xbf,
|
||||
0x92, 0x92, 0xdc, 0x29, 0xf8, 0xf4, 0x1d, 0xbd, 0x28, 0x9a, 0x14, 0x7c,
|
||||
0xe9, 0xda, 0x31, 0x13, 0xb5, 0xf0, 0xb8, 0xc0, 0x0a, 0x60, 0xb1, 0xce,
|
||||
0x1d, 0x7e, 0x81, 0x9d, 0x7a, 0x43, 0x1d, 0x7c, 0x90, 0xea, 0x0e, 0x5f,
|
||||
/* order */
|
||||
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
|
||||
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
|
||||
0xC7, 0x63, 0x4D, 0x81, 0xF4, 0x37, 0x2D, 0xDF, 0x58, 0x1A, 0x0D, 0xB2,
|
||||
0x48, 0xB0, 0xA7, 0x7A, 0xEC, 0xEC, 0x19, 0x6A, 0xCC, 0xC5, 0x29, 0x73
|
||||
}
|
||||
};
|
||||
|
||||
static const struct {
|
||||
EC_CURVE_DATA h;
|
||||
unsigned char data[20 + 66 * 6];
|
||||
} _EC_NIST_PRIME_521 = {
|
||||
{
|
||||
NID_X9_62_prime_field, 20, 66, 1
|
||||
},
|
||||
{
|
||||
/* seed */
|
||||
0xD0, 0x9E, 0x88, 0x00, 0x29, 0x1C, 0xB8, 0x53, 0x96, 0xCC, 0x67, 0x17,
|
||||
0x39, 0x32, 0x84, 0xAA, 0xA0, 0xDA, 0x64, 0xBA,
|
||||
/* p */
|
||||
0x01, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
|
||||
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
|
||||
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
|
||||
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
|
||||
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
|
||||
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
|
||||
/* a */
|
||||
0x01, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
|
||||
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
|
||||
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
|
||||
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
|
||||
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
|
||||
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFC,
|
||||
/* b */
|
||||
0x00, 0x51, 0x95, 0x3E, 0xB9, 0x61, 0x8E, 0x1C, 0x9A, 0x1F, 0x92, 0x9A,
|
||||
0x21, 0xA0, 0xB6, 0x85, 0x40, 0xEE, 0xA2, 0xDA, 0x72, 0x5B, 0x99, 0xB3,
|
||||
0x15, 0xF3, 0xB8, 0xB4, 0x89, 0x91, 0x8E, 0xF1, 0x09, 0xE1, 0x56, 0x19,
|
||||
0x39, 0x51, 0xEC, 0x7E, 0x93, 0x7B, 0x16, 0x52, 0xC0, 0xBD, 0x3B, 0xB1,
|
||||
0xBF, 0x07, 0x35, 0x73, 0xDF, 0x88, 0x3D, 0x2C, 0x34, 0xF1, 0xEF, 0x45,
|
||||
0x1F, 0xD4, 0x6B, 0x50, 0x3F, 0x00,
|
||||
/* x */
|
||||
0x00, 0xC6, 0x85, 0x8E, 0x06, 0xB7, 0x04, 0x04, 0xE9, 0xCD, 0x9E, 0x3E,
|
||||
0xCB, 0x66, 0x23, 0x95, 0xB4, 0x42, 0x9C, 0x64, 0x81, 0x39, 0x05, 0x3F,
|
||||
0xB5, 0x21, 0xF8, 0x28, 0xAF, 0x60, 0x6B, 0x4D, 0x3D, 0xBA, 0xA1, 0x4B,
|
||||
0x5E, 0x77, 0xEF, 0xE7, 0x59, 0x28, 0xFE, 0x1D, 0xC1, 0x27, 0xA2, 0xFF,
|
||||
0xA8, 0xDE, 0x33, 0x48, 0xB3, 0xC1, 0x85, 0x6A, 0x42, 0x9B, 0xF9, 0x7E,
|
||||
0x7E, 0x31, 0xC2, 0xE5, 0xBD, 0x66,
|
||||
/* y */
|
||||
0x01, 0x18, 0x39, 0x29, 0x6a, 0x78, 0x9a, 0x3b, 0xc0, 0x04, 0x5c, 0x8a,
|
||||
0x5f, 0xb4, 0x2c, 0x7d, 0x1b, 0xd9, 0x98, 0xf5, 0x44, 0x49, 0x57, 0x9b,
|
||||
0x44, 0x68, 0x17, 0xaf, 0xbd, 0x17, 0x27, 0x3e, 0x66, 0x2c, 0x97, 0xee,
|
||||
0x72, 0x99, 0x5e, 0xf4, 0x26, 0x40, 0xc5, 0x50, 0xb9, 0x01, 0x3f, 0xad,
|
||||
0x07, 0x61, 0x35, 0x3c, 0x70, 0x86, 0xa2, 0x72, 0xc2, 0x40, 0x88, 0xbe,
|
||||
0x94, 0x76, 0x9f, 0xd1, 0x66, 0x50,
|
||||
/* order */
|
||||
0x01, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
|
||||
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
|
||||
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFA, 0x51, 0x86,
|
||||
0x87, 0x83, 0xBF, 0x2F, 0x96, 0x6B, 0x7F, 0xCC, 0x01, 0x48, 0xF7, 0x09,
|
||||
0xA5, 0xD0, 0x3B, 0xB5, 0xC9, 0xB8, 0x89, 0x9C, 0x47, 0xAE, 0xBB, 0x6F,
|
||||
0xB7, 0x1E, 0x91, 0x38, 0x64, 0x09
|
||||
}
|
||||
};
|
||||
|
||||
static const struct {
|
||||
EC_CURVE_DATA h;
|
||||
unsigned char data[20 + 32 * 6];
|
||||
} _EC_X9_62_PRIME_256V1 = {
|
||||
{
|
||||
NID_X9_62_prime_field, 20, 32, 1
|
||||
},
|
||||
{
|
||||
/* seed */
|
||||
0xC4, 0x9D, 0x36, 0x08, 0x86, 0xE7, 0x04, 0x93, 0x6A, 0x66, 0x78, 0xE1,
|
||||
0x13, 0x9D, 0x26, 0xB7, 0x81, 0x9F, 0x7E, 0x90,
|
||||
/* p */
|
||||
0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00,
|
||||
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF,
|
||||
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
|
||||
/* a */
|
||||
0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00,
|
||||
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF,
|
||||
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFC,
|
||||
/* b */
|
||||
0x5A, 0xC6, 0x35, 0xD8, 0xAA, 0x3A, 0x93, 0xE7, 0xB3, 0xEB, 0xBD, 0x55,
|
||||
0x76, 0x98, 0x86, 0xBC, 0x65, 0x1D, 0x06, 0xB0, 0xCC, 0x53, 0xB0, 0xF6,
|
||||
0x3B, 0xCE, 0x3C, 0x3E, 0x27, 0xD2, 0x60, 0x4B,
|
||||
/* x */
|
||||
0x6B, 0x17, 0xD1, 0xF2, 0xE1, 0x2C, 0x42, 0x47, 0xF8, 0xBC, 0xE6, 0xE5,
|
||||
0x63, 0xA4, 0x40, 0xF2, 0x77, 0x03, 0x7D, 0x81, 0x2D, 0xEB, 0x33, 0xA0,
|
||||
0xF4, 0xA1, 0x39, 0x45, 0xD8, 0x98, 0xC2, 0x96,
|
||||
/* y */
|
||||
0x4f, 0xe3, 0x42, 0xe2, 0xfe, 0x1a, 0x7f, 0x9b, 0x8e, 0xe7, 0xeb, 0x4a,
|
||||
0x7c, 0x0f, 0x9e, 0x16, 0x2b, 0xce, 0x33, 0x57, 0x6b, 0x31, 0x5e, 0xce,
|
||||
0xcb, 0xb6, 0x40, 0x68, 0x37, 0xbf, 0x51, 0xf5,
|
||||
/* order */
|
||||
0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF,
|
||||
0xFF, 0xFF, 0xFF, 0xFF, 0xBC, 0xE6, 0xFA, 0xAD, 0xA7, 0x17, 0x9E, 0x84,
|
||||
0xF3, 0xB9, 0xCA, 0xC2, 0xFC, 0x63, 0x25, 0x51
|
||||
}
|
||||
};
|
||||
|
||||
static const struct {
|
||||
EC_CURVE_DATA h;
|
||||
unsigned char data[0 + 32 * 6];
|
||||
} _EC_SECG_PRIME_256K1 = {
|
||||
{
|
||||
NID_X9_62_prime_field, 0, 32, 1
|
||||
},
|
||||
{
|
||||
/* no seed */
|
||||
/* p */
|
||||
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
|
||||
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
|
||||
0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFC, 0x2F,
|
||||
/* a */
|
||||
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
|
||||
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
|
||||
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
|
||||
/* b */
|
||||
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
|
||||
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
|
||||
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x07,
|
||||
/* x */
|
||||
0x79, 0xBE, 0x66, 0x7E, 0xF9, 0xDC, 0xBB, 0xAC, 0x55, 0xA0, 0x62, 0x95,
|
||||
0xCE, 0x87, 0x0B, 0x07, 0x02, 0x9B, 0xFC, 0xDB, 0x2D, 0xCE, 0x28, 0xD9,
|
||||
0x59, 0xF2, 0x81, 0x5B, 0x16, 0xF8, 0x17, 0x98,
|
||||
/* y */
|
||||
0x48, 0x3a, 0xda, 0x77, 0x26, 0xa3, 0xc4, 0x65, 0x5d, 0xa4, 0xfb, 0xfc,
|
||||
0x0e, 0x11, 0x08, 0xa8, 0xfd, 0x17, 0xb4, 0x48, 0xa6, 0x85, 0x54, 0x19,
|
||||
0x9c, 0x47, 0xd0, 0x8f, 0xfb, 0x10, 0xd4, 0xb8,
|
||||
/* order */
|
||||
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
|
||||
0xFF, 0xFF, 0xFF, 0xFE, 0xBA, 0xAE, 0xDC, 0xE6, 0xAF, 0x48, 0xA0, 0x3B,
|
||||
0xBF, 0xD2, 0x5E, 0x8C, 0xD0, 0x36, 0x41, 0x41
|
||||
}
|
||||
};
|
||||
|
||||
typedef struct _ec_list_element_st {
|
||||
int nid;
|
||||
const EC_CURVE_DATA *data;
|
||||
const EC_METHOD *(*meth) (void);
|
||||
const char *comment;
|
||||
} ec_list_element;
|
||||
|
||||
#ifdef FIPS_MODULE
|
||||
static const ec_list_element curve_list[] = {
|
||||
/* prime field curves */
|
||||
/* secg curves */
|
||||
{NID_secp224r1, &_EC_NIST_PRIME_224.h,
|
||||
# if !defined(OPENSSL_NO_EC_NISTP_64_GCC_128)
|
||||
EC_GFp_nistp224_method,
|
||||
# else
|
||||
0,
|
||||
# endif
|
||||
"NIST/SECG curve over a 224 bit prime field"},
|
||||
/* SECG secp256r1 is the same as X9.62 prime256v1 and hence omitted */
|
||||
{NID_secp384r1, &_EC_NIST_PRIME_384.h,
|
||||
# if defined(S390X_EC_ASM)
|
||||
EC_GFp_s390x_nistp384_method,
|
||||
# else
|
||||
0,
|
||||
# endif
|
||||
"NIST/SECG curve over a 384 bit prime field"},
|
||||
|
||||
{NID_secp521r1, &_EC_NIST_PRIME_521.h,
|
||||
# if defined(S390X_EC_ASM)
|
||||
EC_GFp_s390x_nistp521_method,
|
||||
# elif !defined(OPENSSL_NO_EC_NISTP_64_GCC_128)
|
||||
EC_GFp_nistp521_method,
|
||||
# else
|
||||
0,
|
||||
# endif
|
||||
"NIST/SECG curve over a 521 bit prime field"},
|
||||
|
||||
/* X9.62 curves */
|
||||
{NID_X9_62_prime256v1, &_EC_X9_62_PRIME_256V1.h,
|
||||
# if defined(ECP_NISTZ256_ASM)
|
||||
EC_GFp_nistz256_method,
|
||||
# elif defined(S390X_EC_ASM)
|
||||
EC_GFp_s390x_nistp256_method,
|
||||
# elif !defined(OPENSSL_NO_EC_NISTP_64_GCC_128)
|
||||
EC_GFp_nistp256_method,
|
||||
# else
|
||||
0,
|
||||
# endif
|
||||
"X9.62/SECG curve over a 256 bit prime field"},
|
||||
};
|
||||
|
||||
#else
|
||||
|
||||
static const ec_list_element curve_list[] = {
|
||||
/* prime field curves */
|
||||
/* secg curves */
|
||||
# ifndef OPENSSL_NO_EC_NISTP_64_GCC_128
|
||||
{NID_secp224r1, &_EC_NIST_PRIME_224.h, EC_GFp_nistp224_method,
|
||||
"NIST/SECG curve over a 224 bit prime field"},
|
||||
# else
|
||||
{NID_secp224r1, &_EC_NIST_PRIME_224.h, 0,
|
||||
"NIST/SECG curve over a 224 bit prime field"},
|
||||
# endif
|
||||
{NID_secp256k1, &_EC_SECG_PRIME_256K1.h, 0,
|
||||
"SECG curve over a 256 bit prime field"},
|
||||
/* SECG secp256r1 is the same as X9.62 prime256v1 and hence omitted */
|
||||
{NID_secp384r1, &_EC_NIST_PRIME_384.h,
|
||||
# if defined(S390X_EC_ASM)
|
||||
EC_GFp_s390x_nistp384_method,
|
||||
# else
|
||||
0,
|
||||
# endif
|
||||
"NIST/SECG curve over a 384 bit prime field"},
|
||||
{NID_secp521r1, &_EC_NIST_PRIME_521.h,
|
||||
# if defined(S390X_EC_ASM)
|
||||
EC_GFp_s390x_nistp521_method,
|
||||
# elif !defined(OPENSSL_NO_EC_NISTP_64_GCC_128)
|
||||
EC_GFp_nistp521_method,
|
||||
# else
|
||||
0,
|
||||
# endif
|
||||
"NIST/SECG curve over a 521 bit prime field"},
|
||||
/* X9.62 curves */
|
||||
{NID_X9_62_prime256v1, &_EC_X9_62_PRIME_256V1.h,
|
||||
# if defined(ECP_NISTZ256_ASM)
|
||||
EC_GFp_nistz256_method,
|
||||
# elif defined(S390X_EC_ASM)
|
||||
EC_GFp_s390x_nistp256_method,
|
||||
# elif !defined(OPENSSL_NO_EC_NISTP_64_GCC_128)
|
||||
EC_GFp_nistp256_method,
|
||||
# else
|
||||
0,
|
||||
# endif
|
||||
"X9.62/SECG curve over a 256 bit prime field"},
|
||||
};
|
||||
#endif /* FIPS_MODULE */
|
||||
|
||||
#define curve_list_length OSSL_NELEM(curve_list)
|
||||
|
||||
static const ec_list_element *ec_curve_nid2curve(int nid)
|
||||
{
|
||||
size_t i;
|
||||
|
||||
if (nid <= 0)
|
||||
return NULL;
|
||||
|
||||
for (i = 0; i < curve_list_length; i++) {
|
||||
if (curve_list[i].nid == nid)
|
||||
return &curve_list[i];
|
||||
}
|
||||
return NULL;
|
||||
}
|
||||
|
||||
static EC_GROUP *ec_group_new_from_data(OSSL_LIB_CTX *libctx,
|
||||
const char *propq,
|
||||
const ec_list_element curve)
|
||||
{
|
||||
EC_GROUP *group = NULL;
|
||||
EC_POINT *P = NULL;
|
||||
BN_CTX *ctx = NULL;
|
||||
BIGNUM *p = NULL, *a = NULL, *b = NULL, *x = NULL, *y = NULL, *order =
|
||||
NULL;
|
||||
int ok = 0;
|
||||
int seed_len, param_len;
|
||||
const EC_METHOD *meth;
|
||||
const EC_CURVE_DATA *data;
|
||||
const unsigned char *params;
|
||||
|
||||
/* If no curve data curve method must handle everything */
|
||||
if (curve.data == NULL)
|
||||
return ossl_ec_group_new_ex(libctx, propq,
|
||||
curve.meth != NULL ? curve.meth() : NULL);
|
||||
|
||||
if ((ctx = BN_CTX_new_ex(libctx)) == NULL) {
|
||||
ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE);
|
||||
goto err;
|
||||
}
|
||||
|
||||
data = curve.data;
|
||||
seed_len = data->seed_len;
|
||||
param_len = data->param_len;
|
||||
params = (const unsigned char *)(data + 1); /* skip header */
|
||||
params += seed_len; /* skip seed */
|
||||
|
||||
if ((p = BN_bin2bn(params + 0 * param_len, param_len, NULL)) == NULL
|
||||
|| (a = BN_bin2bn(params + 1 * param_len, param_len, NULL)) == NULL
|
||||
|| (b = BN_bin2bn(params + 2 * param_len, param_len, NULL)) == NULL) {
|
||||
ERR_raise(ERR_LIB_EC, ERR_R_BN_LIB);
|
||||
goto err;
|
||||
}
|
||||
|
||||
if (curve.meth != 0) {
|
||||
meth = curve.meth();
|
||||
if (((group = ossl_ec_group_new_ex(libctx, propq, meth)) == NULL) ||
|
||||
(!(group->meth->group_set_curve(group, p, a, b, ctx)))) {
|
||||
ERR_raise(ERR_LIB_EC, ERR_R_EC_LIB);
|
||||
goto err;
|
||||
}
|
||||
} else if (data->field_type == NID_X9_62_prime_field) {
|
||||
if ((group = EC_GROUP_new_curve_GFp(p, a, b, ctx)) == NULL) {
|
||||
ERR_raise(ERR_LIB_EC, ERR_R_EC_LIB);
|
||||
goto err;
|
||||
}
|
||||
}
|
||||
#ifndef OPENSSL_NO_EC2M
|
||||
else { /* field_type ==
|
||||
* NID_X9_62_characteristic_two_field */
|
||||
|
||||
if ((group = EC_GROUP_new_curve_GF2m(p, a, b, ctx)) == NULL) {
|
||||
ERR_raise(ERR_LIB_EC, ERR_R_EC_LIB);
|
||||
goto err;
|
||||
}
|
||||
}
|
||||
#endif
|
||||
|
||||
EC_GROUP_set_curve_name(group, curve.nid);
|
||||
|
||||
if ((P = EC_POINT_new(group)) == NULL) {
|
||||
ERR_raise(ERR_LIB_EC, ERR_R_EC_LIB);
|
||||
goto err;
|
||||
}
|
||||
|
||||
if ((x = BN_bin2bn(params + 3 * param_len, param_len, NULL)) == NULL
|
||||
|| (y = BN_bin2bn(params + 4 * param_len, param_len, NULL)) == NULL) {
|
||||
ERR_raise(ERR_LIB_EC, ERR_R_BN_LIB);
|
||||
goto err;
|
||||
}
|
||||
if (!EC_POINT_set_affine_coordinates(group, P, x, y, ctx)) {
|
||||
ERR_raise(ERR_LIB_EC, ERR_R_EC_LIB);
|
||||
goto err;
|
||||
}
|
||||
if ((order = BN_bin2bn(params + 5 * param_len, param_len, NULL)) == NULL
|
||||
|| !BN_set_word(x, (BN_ULONG)data->cofactor)) {
|
||||
ERR_raise(ERR_LIB_EC, ERR_R_BN_LIB);
|
||||
goto err;
|
||||
}
|
||||
if (!EC_GROUP_set_generator(group, P, order, x)) {
|
||||
ERR_raise(ERR_LIB_EC, ERR_R_EC_LIB);
|
||||
goto err;
|
||||
}
|
||||
if (seed_len) {
|
||||
if (!EC_GROUP_set_seed(group, params - seed_len, seed_len)) {
|
||||
ERR_raise(ERR_LIB_EC, ERR_R_EC_LIB);
|
||||
goto err;
|
||||
}
|
||||
}
|
||||
ok = 1;
|
||||
err:
|
||||
if (!ok) {
|
||||
EC_GROUP_free(group);
|
||||
group = NULL;
|
||||
}
|
||||
EC_POINT_free(P);
|
||||
BN_CTX_free(ctx);
|
||||
BN_free(p);
|
||||
BN_free(a);
|
||||
BN_free(b);
|
||||
BN_free(order);
|
||||
BN_free(x);
|
||||
BN_free(y);
|
||||
return group;
|
||||
}
|
||||
|
||||
EC_GROUP *EC_GROUP_new_by_curve_name_ex(OSSL_LIB_CTX *libctx, const char *propq,
|
||||
int nid)
|
||||
{
|
||||
EC_GROUP *ret = NULL;
|
||||
const ec_list_element *curve;
|
||||
|
||||
if ((curve = ec_curve_nid2curve(nid)) == NULL
|
||||
|| (ret = ec_group_new_from_data(libctx, propq, *curve)) == NULL) {
|
||||
#ifndef FIPS_MODULE
|
||||
ERR_raise_data(ERR_LIB_EC, EC_R_UNKNOWN_GROUP,
|
||||
"name=%s", OBJ_nid2sn(nid));
|
||||
#else
|
||||
ERR_raise(ERR_LIB_EC, EC_R_UNKNOWN_GROUP);
|
||||
#endif
|
||||
return NULL;
|
||||
}
|
||||
|
||||
return ret;
|
||||
}
|
||||
|
||||
#ifndef FIPS_MODULE
|
||||
EC_GROUP *EC_GROUP_new_by_curve_name(int nid)
|
||||
{
|
||||
return EC_GROUP_new_by_curve_name_ex(NULL, NULL, nid);
|
||||
}
|
||||
#endif
|
||||
|
||||
size_t EC_get_builtin_curves(EC_builtin_curve *r, size_t nitems)
|
||||
{
|
||||
size_t i, min;
|
||||
|
||||
if (r == NULL || nitems == 0)
|
||||
return curve_list_length;
|
||||
|
||||
min = nitems < curve_list_length ? nitems : curve_list_length;
|
||||
|
||||
for (i = 0; i < min; i++) {
|
||||
r[i].nid = curve_list[i].nid;
|
||||
r[i].comment = curve_list[i].comment;
|
||||
}
|
||||
|
||||
return curve_list_length;
|
||||
}
|
||||
|
||||
const char *EC_curve_nid2nist(int nid)
|
||||
{
|
||||
return ossl_ec_curve_nid2nist_int(nid);
|
||||
}
|
||||
|
||||
int EC_curve_nist2nid(const char *name)
|
||||
{
|
||||
return ossl_ec_curve_nist2nid_int(name);
|
||||
}
|
||||
|
||||
#define NUM_BN_FIELDS 6
|
||||
/*
|
||||
* Validates EC domain parameter data for known named curves.
|
||||
* This can be used when a curve is loaded explicitly (without a curve
|
||||
* name) or to validate that domain parameters have not been modified.
|
||||
*
|
||||
* Returns: The nid associated with the found named curve, or NID_undef
|
||||
* if not found. If there was an error it returns -1.
|
||||
*/
|
||||
int ossl_ec_curve_nid_from_params(const EC_GROUP *group, BN_CTX *ctx)
|
||||
{
|
||||
int ret = -1, nid, len, field_type, param_len;
|
||||
size_t i, seed_len;
|
||||
const unsigned char *seed, *params_seed, *params;
|
||||
unsigned char *param_bytes = NULL;
|
||||
const EC_CURVE_DATA *data;
|
||||
const EC_POINT *generator = NULL;
|
||||
const BIGNUM *cofactor = NULL;
|
||||
/* An array of BIGNUMs for (p, a, b, x, y, order) */
|
||||
BIGNUM *bn[NUM_BN_FIELDS] = {NULL, NULL, NULL, NULL, NULL, NULL};
|
||||
|
||||
/* Use the optional named curve nid as a search field */
|
||||
nid = EC_GROUP_get_curve_name(group);
|
||||
field_type = EC_GROUP_get_field_type(group);
|
||||
seed_len = EC_GROUP_get_seed_len(group);
|
||||
seed = EC_GROUP_get0_seed(group);
|
||||
cofactor = EC_GROUP_get0_cofactor(group);
|
||||
|
||||
BN_CTX_start(ctx);
|
||||
|
||||
/*
|
||||
* The built-in curves contains data fields (p, a, b, x, y, order) that are
|
||||
* all zero-padded to be the same size. The size of the padding is
|
||||
* determined by either the number of bytes in the field modulus (p) or the
|
||||
* EC group order, whichever is larger.
|
||||
*/
|
||||
param_len = BN_num_bytes(group->order);
|
||||
len = BN_num_bytes(group->field);
|
||||
if (len > param_len)
|
||||
param_len = len;
|
||||
|
||||
/* Allocate space to store the padded data for (p, a, b, x, y, order) */
|
||||
param_bytes = OPENSSL_malloc(param_len * NUM_BN_FIELDS);
|
||||
if (param_bytes == NULL)
|
||||
goto end;
|
||||
|
||||
/* Create the bignums */
|
||||
for (i = 0; i < NUM_BN_FIELDS; ++i) {
|
||||
if ((bn[i] = BN_CTX_get(ctx)) == NULL)
|
||||
goto end;
|
||||
}
|
||||
/*
|
||||
* Fill in the bn array with the same values as the internal curves
|
||||
* i.e. the values are p, a, b, x, y, order.
|
||||
*/
|
||||
/* Get p, a & b */
|
||||
if (!(EC_GROUP_get_curve(group, bn[0], bn[1], bn[2], ctx)
|
||||
&& ((generator = EC_GROUP_get0_generator(group)) != NULL)
|
||||
/* Get x & y */
|
||||
&& EC_POINT_get_affine_coordinates(group, generator, bn[3], bn[4], ctx)
|
||||
/* Get order */
|
||||
&& EC_GROUP_get_order(group, bn[5], ctx)))
|
||||
goto end;
|
||||
|
||||
/*
|
||||
* Convert the bignum array to bytes that are joined together to form
|
||||
* a single buffer that contains data for all fields.
|
||||
* (p, a, b, x, y, order) are all zero padded to be the same size.
|
||||
*/
|
||||
for (i = 0; i < NUM_BN_FIELDS; ++i) {
|
||||
if (BN_bn2binpad(bn[i], ¶m_bytes[i*param_len], param_len) <= 0)
|
||||
goto end;
|
||||
}
|
||||
|
||||
for (i = 0; i < curve_list_length; i++) {
|
||||
const ec_list_element curve = curve_list[i];
|
||||
|
||||
data = curve.data;
|
||||
/* Get the raw order byte data */
|
||||
params_seed = (const unsigned char *)(data + 1); /* skip header */
|
||||
params = params_seed + data->seed_len;
|
||||
|
||||
/* Look for unique fields in the fixed curve data */
|
||||
if (data->field_type == field_type
|
||||
&& param_len == data->param_len
|
||||
&& (nid <= 0 || nid == curve.nid)
|
||||
/* check the optional cofactor (ignore if its zero) */
|
||||
&& (BN_is_zero(cofactor)
|
||||
|| BN_is_word(cofactor, (const BN_ULONG)curve.data->cofactor))
|
||||
/* Check the optional seed (ignore if its not set) */
|
||||
&& (data->seed_len == 0 || seed_len == 0
|
||||
|| ((size_t)data->seed_len == seed_len
|
||||
&& memcmp(params_seed, seed, seed_len) == 0))
|
||||
/* Check that the groups params match the built-in curve params */
|
||||
&& memcmp(param_bytes, params, param_len * NUM_BN_FIELDS)
|
||||
== 0) {
|
||||
ret = curve.nid;
|
||||
goto end;
|
||||
}
|
||||
}
|
||||
/* Gets here if the group was not found */
|
||||
ret = NID_undef;
|
||||
end:
|
||||
OPENSSL_free(param_bytes);
|
||||
BN_CTX_end(ctx);
|
||||
return ret;
|
||||
}
|
|
@ -1,40 +0,0 @@
|
|||
#!/bin/sh
|
||||
|
||||
# Quit out if anything fails.
|
||||
set -e
|
||||
|
||||
# Clean out patent-or-otherwise-encumbered code.
|
||||
# MDC-2: 4,908,861 13/03/2007 - expired, we do not remove it but do not enable it anyway
|
||||
# IDEA: 5,214,703 07/01/2012 - expired, we do not remove it anymore
|
||||
# RC5: 5,724,428 01/11/2015 - expired, we do not remove it anymore
|
||||
# EC: ????????? ??/??/2020
|
||||
# SRP: ????????? ??/??/2017 - expired, we do not remove it anymore
|
||||
|
||||
# Remove assembler portions of IDEA, MDC2, and RC5.
|
||||
# (find crypto/rc5/asm -type f | xargs -r rm -fv)
|
||||
|
||||
for c in `find crypto/bn -name "*gf2m.c"`; do
|
||||
echo Destroying $c
|
||||
> $c
|
||||
done
|
||||
|
||||
for c in `find crypto/ec -name "ec2*.c" -o -name "ec_curve.c"`; do
|
||||
echo Destroying $c
|
||||
> $c
|
||||
done
|
||||
|
||||
for c in `find test -name "ectest.c"`; do
|
||||
echo Destroying $c
|
||||
> $c
|
||||
done
|
||||
|
||||
for h in `find crypto ssl apps test -name "*.h"` ; do
|
||||
echo Removing EC2M references from $h
|
||||
cat $h | \
|
||||
awk 'BEGIN {ech=1;} \
|
||||
/^#[ \t]*ifndef.*NO_EC2M/ {ech--; next;} \
|
||||
/^#[ \t]*if/ {if(ech < 1) ech--;} \
|
||||
{if(ech>0) {;print $0};} \
|
||||
/^#[ \t]*endif/ {if(ech < 1) ech++;}' > $h.hobbled && \
|
||||
mv $h.hobbled $h
|
||||
done
|
368
openssl.spec
368
openssl.spec
|
@ -28,14 +28,10 @@ print(string.sub(hash, 0, 16))
|
|||
|
||||
Summary: Utilities from the general purpose cryptography library with TLS implementation
|
||||
Name: openssl
|
||||
Version: 3.0.5
|
||||
Release: 3.0.riscv64%{?dist}
|
||||
Version: 3.1.4
|
||||
Release: 1.0.riscv64%{?dist}
|
||||
Epoch: 1
|
||||
# We have to remove certain patented algorithms from the openssl source
|
||||
# tarball with the hobble-openssl script which is included below.
|
||||
# The original openssl upstream tarball cannot be shipped in the .src.rpm.
|
||||
Source: openssl-%{version}-hobbled.tar.xz
|
||||
Source1: hobble-openssl
|
||||
Source: openssl-%{version}.tar.gz
|
||||
Source2: Makefile.certificate
|
||||
Source3: genpatches
|
||||
Source4: openssl.rpmlintrc
|
||||
|
@ -43,142 +39,116 @@ Source6: make-dummy-cert
|
|||
Source7: renew-dummy-cert
|
||||
Source9: configuration-switch.h
|
||||
Source10: configuration-prefix.h
|
||||
Source12: ec_curve.c
|
||||
Source13: ectest.c
|
||||
Source14: 0025-for-tests.patch
|
||||
# # Patches exported from source git
|
||||
# # Aarch64 and ppc64le use lib64
|
||||
Patch1: 0001-Aarch64-and-ppc64le-use-lib64.patch
|
||||
# # Use more general default values in openssl.cnf
|
||||
Patch2: 0002-Use-more-general-default-values-in-openssl.cnf.patch
|
||||
# # Do not install html docs
|
||||
Patch3: 0003-Do-not-install-html-docs.patch
|
||||
# # Override default paths for the CA directory tree
|
||||
Patch4: 0004-Override-default-paths-for-the-CA-directory-tree.patch
|
||||
# # apps/ca: fix md option help text
|
||||
Patch5: 0005-apps-ca-fix-md-option-help-text.patch
|
||||
# # Disable signature verification with totally unsafe hash algorithms
|
||||
Patch6: 0006-Disable-signature-verification-with-totally-unsafe-h.patch
|
||||
# # Add support for PROFILE=SYSTEM system default cipherlist
|
||||
Patch7: 0007-Add-support-for-PROFILE-SYSTEM-system-default-cipher.patch
|
||||
# # Add FIPS_mode() compatibility macro
|
||||
Patch8: 0008-Add-FIPS_mode-compatibility-macro.patch
|
||||
# # Add check to see if fips flag is enabled in kernel
|
||||
Patch9: 0009-Add-Kernel-FIPS-mode-flag-support.patch
|
||||
# # Instead of replacing ectest.c and ec_curve.c, add the changes as a patch so
|
||||
# # that new modifications made to these files by upstream are not lost.
|
||||
Patch10: 0010-Add-changes-to-ectest-and-eccurve.patch
|
||||
# # remove unsupported EC curves
|
||||
Patch11: 0011-Remove-EC-curves.patch
|
||||
# # Disable explicit EC curves
|
||||
# # https://bugzilla.redhat.com/show_bug.cgi?id=2066412
|
||||
Patch12: 0012-Disable-explicit-ec.patch
|
||||
# # Skipped tests from former 0011-Remove-EC-curves.patch
|
||||
Patch13: 0013-skipped-tests-EC-curves.patch
|
||||
# # Instructions to load legacy provider in openssl.cnf
|
||||
Patch24: 0024-load-legacy-prov.patch
|
||||
# # We load FIPS provider and set FIPS properties implicitly
|
||||
Patch32: 0032-Force-fips.patch
|
||||
# # Embed HMAC into the fips.so
|
||||
Patch33: 0033-FIPS-embed-hmac.patch
|
||||
# # Comment out fipsinstall command-line utility
|
||||
Patch34: 0034.fipsinstall_disable.patch
|
||||
# # Skip unavailable algorithms running `openssl speed`
|
||||
Patch35: 0035-speed-skip-unavailable-dgst.patch
|
||||
# # Extra public/private key checks required by FIPS-140-3
|
||||
Patch44: 0044-FIPS-140-3-keychecks.patch
|
||||
# # Minimize fips services
|
||||
Patch45: 0045-FIPS-services-minimize.patch
|
||||
# # Execute KATS before HMAC verification
|
||||
Patch47: 0047-FIPS-early-KATS.patch
|
||||
# # Selectively disallow SHA1 signatures rhbz#2070977
|
||||
Patch49: 0049-Allow-disabling-of-SHA1-signatures.patch
|
||||
# # Support SHA1 in TLS in LEGACY crypto-policy (which is SECLEVEL=1)
|
||||
Patch52: 0052-Allow-SHA1-in-seclevel-1-if-rh-allow-sha1-signatures.patch
|
||||
# # https://github.com/openssl/openssl/pull/18103
|
||||
# # The patch is incorporated in 3.0.3 but we provide this function since 3.0.1
|
||||
# # so the patch should persist
|
||||
Patch56: 0056-strcasecmp.patch
|
||||
# # https://bugzilla.redhat.com/show_bug.cgi?id=2053289
|
||||
Patch58: 0058-FIPS-limit-rsa-encrypt.patch
|
||||
# # https://bugzilla.redhat.com/show_bug.cgi?id=2087147
|
||||
Patch61: 0061-Deny-SHA-1-signature-verification-in-FIPS-provider.patch
|
||||
# 0062-fips-Expose-a-FIPS-indicator.patch
|
||||
Patch62: 0062-fips-Expose-a-FIPS-indicator.patch
|
||||
# # https://bugzilla.redhat.com/show_bug.cgi?id=2102535
|
||||
Patch73: 0073-FIPS-Use-OAEP-in-KATs-support-fixed-OAEP-seed.patch
|
||||
# [PATCH 29/46]
|
||||
# 0074-FIPS-Use-digest_sign-digest_verify-in-self-test.patch
|
||||
Patch74: 0074-FIPS-Use-digest_sign-digest_verify-in-self-test.patch
|
||||
# # https://bugzilla.redhat.com/show_bug.cgi?id=2102535
|
||||
Patch75: 0075-FIPS-Use-FFDHE2048-in-self-test.patch
|
||||
# # Downstream only. Reseed DRBG using getrandom(GRND_RANDOM)
|
||||
# # https://bugzilla.redhat.com/show_bug.cgi?id=2102541
|
||||
Patch76: 0076-FIPS-140-3-DRBG.patch
|
||||
# # https://bugzilla.redhat.com/show_bug.cgi?id=2102542
|
||||
Patch77: 0077-FIPS-140-3-zeroization.patch
|
||||
# # https://bugzilla.redhat.com/show_bug.cgi?id=2114772
|
||||
Patch78: 0078-Add-FIPS-indicator-parameter-to-HKDF.patch
|
||||
# # https://github.com/openssl/openssl/pull/13817
|
||||
Patch79: 0079-RSA-PKCS15-implicit-rejection.patch
|
||||
# # We believe that some changes present in CentOS are not necessary
|
||||
# # because ustream has a check for FIPS version
|
||||
Patch80: 0080-rand-Forbid-truncated-hashes-SHA-3-in-FIPS-prov.patch
|
||||
# [PATCH 36/46]
|
||||
# 0081-signature-Remove-X9.31-padding-from-FIPS-prov.patch
|
||||
Patch81: 0081-signature-Remove-X9.31-padding-from-FIPS-prov.patch
|
||||
# [PATCH 37/46]
|
||||
# 0083-hmac-Add-explicit-FIPS-indicator-for-key-length.patch
|
||||
Patch83: 0083-hmac-Add-explicit-FIPS-indicator-for-key-length.patch
|
||||
# [PATCH 38/46]
|
||||
# 0084-pbkdf2-Set-minimum-password-length-of-8-bytes.patch
|
||||
Patch84: 0084-pbkdf2-Set-minimum-password-length-of-8-bytes.patch
|
||||
# 0085-FIPS-RSA-disable-shake.patch
|
||||
Patch85: 0085-FIPS-RSA-disable-shake.patch
|
||||
# 0088-signature-Add-indicator-for-PSS-salt-length.patch
|
||||
Patch88: 0088-signature-Add-indicator-for-PSS-salt-length.patch
|
||||
# 0091-FIPS-RSA-encapsulate.patch
|
||||
Patch91: 0091-FIPS-RSA-encapsulate.patch
|
||||
# [PATCH 42/46]
|
||||
# 0093-DH-Disable-FIPS-186-4-type-parameters-in-FIPS-mode.patch
|
||||
Patch93: 0093-DH-Disable-FIPS-186-4-type-parameters-in-FIPS-mode.patch
|
||||
# [PATCH 43/46]
|
||||
# 0110-GCM-Implement-explicit-FIPS-indicator-for-IV-gen.patch
|
||||
Patch110: 0110-GCM-Implement-explicit-FIPS-indicator-for-IV-gen.patch
|
||||
# [PATCH 44/46]
|
||||
# 0112-pbdkf2-Set-indicator-if-pkcs5-param-disabled-checks.patch
|
||||
Patch112: 0112-pbdkf2-Set-indicator-if-pkcs5-param-disabled-checks.patch
|
||||
# 0113-asymciphers-kem-Add-explicit-FIPS-indicator.patch
|
||||
Patch113: 0113-asymciphers-kem-Add-explicit-FIPS-indicator.patch
|
||||
# # We believe that some changes present in CentOS are not necessary
|
||||
# # because ustream has a check for FIPS version
|
||||
Patch114: 0114-FIPS-enforce-EMS-support.patch
|
||||
|
||||
# Patches exported from source git
|
||||
# Aarch64 and ppc64le use lib64
|
||||
Patch1: 0001-Aarch64-and-ppc64le-use-lib64.patch
|
||||
# Use more general default values in openssl.cnf
|
||||
Patch2: 0002-Use-more-general-default-values-in-openssl.cnf.patch
|
||||
# Do not install html docs
|
||||
Patch3: 0003-Do-not-install-html-docs.patch
|
||||
# Override default paths for the CA directory tree
|
||||
Patch4: 0004-Override-default-paths-for-the-CA-directory-tree.patch
|
||||
# apps/ca: fix md option help text
|
||||
Patch5: 0005-apps-ca-fix-md-option-help-text.patch
|
||||
# Disable signature verification with totally unsafe hash algorithms
|
||||
Patch6: 0006-Disable-signature-verification-with-totally-unsafe-h.patch
|
||||
# Add support for PROFILE=SYSTEM system default cipherlist
|
||||
Patch7: 0007-Add-support-for-PROFILE-SYSTEM-system-default-cipher.patch
|
||||
# Add FIPS_mode() compatibility macro
|
||||
Patch8: 0008-Add-FIPS_mode-compatibility-macro.patch
|
||||
# Add check to see if fips flag is enabled in kernel
|
||||
Patch9: 0009-Add-Kernel-FIPS-mode-flag-support.patch
|
||||
# remove unsupported EC curves
|
||||
Patch11: 0011-Remove-EC-curves.patch
|
||||
# Disable explicit EC curves
|
||||
# https://bugzilla.redhat.com/show_bug.cgi?id=2066412
|
||||
Patch12: 0012-Disable-explicit-ec.patch
|
||||
# https://github.com/openssl/openssl/pull/17981
|
||||
# Patch13: 0013-FIPS-provider-explicit-ec.patch
|
||||
# https://github.com/openssl/openssl/pull/17998
|
||||
# Patch14: 0014-FIPS-disable-explicit-ec.patch
|
||||
# https://github.com/openssl/openssl/pull/18609
|
||||
# Patch15: 0015-FIPS-decoded-from-explicit.patch
|
||||
# Instructions to load legacy provider in openssl.cnf
|
||||
Patch24: 0024-load-legacy-prov.patch
|
||||
# Tmp: test name change
|
||||
Patch31: 0031-tmp-Fix-test-names.patch
|
||||
# We load FIPS provider and set FIPS properties implicitly
|
||||
Patch32: 0032-Force-fips.patch
|
||||
# Embed HMAC into the fips.so
|
||||
Patch33: 0033-FIPS-embed-hmac.patch
|
||||
# Comment out fipsinstall command-line utility
|
||||
Patch34: 0034.fipsinstall_disable.patch
|
||||
# Skip unavailable algorithms running `openssl speed`
|
||||
Patch35: 0035-speed-skip-unavailable-dgst.patch
|
||||
# Extra public/private key checks required by FIPS-140-3
|
||||
Patch44: 0044-FIPS-140-3-keychecks.patch
|
||||
# Minimize fips services
|
||||
Patch45: 0045-FIPS-services-minimize.patch
|
||||
# Backport of s390x hardening, https://github.com/openssl/openssl/pull/17486
|
||||
# Patch46: 0046-FIPS-s390x-hardening.patch
|
||||
# Execute KATS before HMAC verification
|
||||
Patch47: 0047-FIPS-early-KATS.patch
|
||||
# Backport of correctly handle 2^14 byte long records #17538
|
||||
# Patch48: 0048-correctly-handle-records.patch
|
||||
%if 0%{?rhel}
|
||||
# Selectively disallow SHA1 signatures
|
||||
Patch49: 0049-Selectively-disallow-SHA1-signatures.patch
|
||||
%else
|
||||
# Selectively disallow SHA1 signatures rhbz#2070977
|
||||
Patch49: 0049-Allow-disabling-of-SHA1-signatures.patch
|
||||
%endif
|
||||
# Backport of patch for RHEL for Edge rhbz #2027261
|
||||
Patch51: 0051-Support-different-R_BITS-lengths-for-KBKDF.patch
|
||||
%if 0%{?rhel}
|
||||
# Allow SHA1 in seclevel 2 if rh-allow-sha1-signatures = yes
|
||||
Patch52: 0052-Allow-SHA1-in-seclevel-2-if-rh-allow-sha1-signatures.patch
|
||||
%else
|
||||
# Support SHA1 in TLS in LEGACY crypto-policy (which is SECLEVEL=1)
|
||||
Patch52: 0052-Allow-SHA1-in-seclevel-1-if-rh-allow-sha1-signatures.patch
|
||||
%endif
|
||||
%if 0%{?rhel}
|
||||
# no USDT probe instrumentation required
|
||||
%else
|
||||
# Instrument with USDT probes related to SHA-1 deprecation
|
||||
Patch53: 0053-Add-SHA1-probes.patch
|
||||
%endif
|
||||
# https://bugzilla.redhat.com/show_bug.cgi?id=2004915, backport of 2c0f7d46b8449423446cfe1e52fc1e1ecd506b62
|
||||
# Patch54: 0054-Replace-size-check-with-more-meaningful-pubkey-check.patch
|
||||
# https://github.com/openssl/openssl/pull/17324
|
||||
# Patch55: 0055-nonlegacy-fetch-null-deref.patch
|
||||
# https://github.com/openssl/openssl/pull/18103
|
||||
# The patch is incorporated in 3.0.3 but we provide this function since 3.0.1
|
||||
# so the patch should persist
|
||||
Patch56: 0056-strcasecmp.patch
|
||||
# https://github.com/openssl/openssl/pull/18175
|
||||
# Patch57: 0057-strcasecmp-fix.patch
|
||||
# https://bugzilla.redhat.com/show_bug.cgi?id=2053289
|
||||
Patch58: 0058-FIPS-limit-rsa-encrypt.patch
|
||||
# https://bugzilla.redhat.com/show_bug.cgi?id=2069235
|
||||
Patch60: 0060-FIPS-KAT-signature-tests.patch
|
||||
# https://bugzilla.redhat.com/show_bug.cgi?id=2087147
|
||||
Patch61: 0061-Deny-SHA-1-signature-verification-in-FIPS-provider.patch
|
||||
Patch62: 0062-fips-Expose-a-FIPS-indicator.patch
|
||||
# https://github.com/openssl/openssl/pull/18141
|
||||
# Patch63: 0063-CVE-2022-1473.patch
|
||||
# upstream commits 55c80c222293a972587004c185dc5653ae207a0e 2eda98790c5c2741d76d23cc1e74b0dc4f4b391a
|
||||
# Patch64: 0064-CVE-2022-1343.diff
|
||||
# upstream commit 1ad73b4d27bd8c1b369a3cd453681d3a4f1bb9b2
|
||||
# Patch65: 0065-CVE-2022-1292.patch
|
||||
# https://github.com/openssl/openssl/pull/18444
|
||||
# https://github.com/openssl/openssl/pull/18467
|
||||
# Patch66: 0066-replace-expired-certs.patch
|
||||
# https://github.com/openssl/openssl/pull/18512
|
||||
# Patch67: 0067-fix-ppc64-montgomery.patch
|
||||
#https://github.com/openssl/openssl/commit/2c9c35870601b4a44d86ddbf512b38df38285cfa
|
||||
#https://github.com/openssl/openssl/commit/8a3579a7b7067a983e69a4eda839ac408c120739
|
||||
# Patch68: 0068-CVE-2022-2068.patch
|
||||
# https://github.com/openssl/openssl/commit/a98f339ddd7e8f487d6e0088d4a9a42324885a93
|
||||
# https://github.com/openssl/openssl/commit/52d50d52c2f1f4b70d37696bfa74fe5e581e7ba8
|
||||
# Patch69: 0069-CVE-2022-2097.patch
|
||||
# https://github.com/openssl/openssl/commit/edceec7fe0c9a5534ae155c8398c63dd7dd95483
|
||||
# Patch70: 0070-EVP_PKEY_Q_keygen-Call-OPENSSL_init_crypto-to-init-s.patch
|
||||
# https://github.com/openssl/openssl/commit/44a563dde1584cd9284e80b6e45ee5019be8d36c
|
||||
# https://github.com/openssl/openssl/commit/345c99b6654b8313c792d54f829943068911ddbd
|
||||
Patch71: 0071-AES-GCM-performance-optimization.patch
|
||||
# https://github.com/openssl/openssl/commit/f596bbe4da779b56eea34d96168b557d78e1149
|
||||
# https://github.com/openssl/openssl/commit/7e1f3ffcc5bc15fb9a12b9e3bb202f544c6ed5aa
|
||||
# hunks in crypto/ppccap.c from https://github.com/openssl/openssl/commit/f5485b97b6c9977c0d39c7669b9f97a879312447
|
||||
Patch72: 0072-ChaCha20-performance-optimizations-for-ppc64le.patch
|
||||
# https://bugzilla.redhat.com/show_bug.cgi?id=2102535
|
||||
Patch73: 0073-FIPS-Use-OAEP-in-KATs-support-fixed-OAEP-seed.patch
|
||||
# https://bugzilla.redhat.com/show_bug.cgi?id=2102535
|
||||
Patch74: 0074-FIPS-Use-digest_sign-digest_verify-in-self-test.patch
|
||||
# https://bugzilla.redhat.com/show_bug.cgi?id=2102535
|
||||
Patch75: 0075-FIPS-Use-FFDHE2048-in-self-test.patch
|
||||
# Downstream only. Reseed DRBG using getrandom(GRND_RANDOM)
|
||||
# https://bugzilla.redhat.com/show_bug.cgi?id=2102541
|
||||
Patch76: 0076-FIPS-140-3-DRBG.patch
|
||||
# https://bugzilla.redhat.com/show_bug.cgi?id=2102542
|
||||
Patch77: 0077-FIPS-140-3-zeroization.patch
|
||||
# https://bugzilla.redhat.com/show_bug.cgi?id=2114772
|
||||
Patch78: 0078-Add-FIPS-indicator-parameter-to-HKDF.patch
|
||||
|
||||
License: ASL 2.0
|
||||
License: Apache-2.0
|
||||
URL: http://www.openssl.org/
|
||||
BuildRequires: gcc g++
|
||||
BuildRequires: coreutils, perl-interpreter, sed, zlib-devel, /usr/bin/cmp
|
||||
|
@ -235,13 +205,6 @@ from other formats to the formats used by the OpenSSL toolkit.
|
|||
%prep
|
||||
%autosetup -S git -n %{name}-%{version}
|
||||
|
||||
# The hobble_openssl is called here redundantly, just to be sure.
|
||||
# The tarball has already the sources removed.
|
||||
%{SOURCE1} > /dev/null
|
||||
|
||||
cp %{SOURCE12} crypto/ec/
|
||||
cp %{SOURCE13} test/
|
||||
|
||||
%build
|
||||
# Figure out which flags we want to use.
|
||||
# default
|
||||
|
@ -299,7 +262,7 @@ sslarch="linux64-mips64 -mips64r2"
|
|||
sslflags=enable-ec_nistp_64_gcc_128
|
||||
%endif
|
||||
%ifarch riscv64
|
||||
sslarch=linux-generic64
|
||||
sslarch=linux64-riscv64
|
||||
%endif
|
||||
ktlsopt=enable-ktls
|
||||
%ifarch armv7hl
|
||||
|
@ -321,14 +284,15 @@ export HASHBANGPERL=/usr/bin/perl
|
|||
# RPM_OPT_FLAGS, so we can skip specifiying them here.
|
||||
./Configure \
|
||||
--prefix=%{_prefix} --openssldir=%{_sysconfdir}/pki/tls ${sslflags} \
|
||||
%ifarch riscv64
|
||||
%ifarch riscv64
|
||||
--libdir=%{_lib} \
|
||||
%endif
|
||||
%endif
|
||||
--system-ciphers-file=%{_sysconfdir}/crypto-policies/back-ends/openssl.config \
|
||||
zlib enable-camellia enable-seed enable-rfc3779 enable-sctp \
|
||||
enable-cms enable-md2 enable-rc5 ${ktlsopt} enable-fips\
|
||||
no-mdc2 no-ec2m no-sm2 no-sm4 enable-buildtest-c++\
|
||||
shared ${sslarch} $RPM_OPT_FLAGS '-DDEVRANDOM="\"/dev/urandom\"" -DREDHAT_FIPS_VERSION="\"%{fips}\""'
|
||||
shared ${sslarch} $RPM_OPT_FLAGS '-DDEVRANDOM="\"/dev/urandom\"" -DREDHAT_FIPS_VERSION="\"%{fips}\""'\
|
||||
-Wl,--allow-multiple-definition
|
||||
|
||||
# Do not run this in a production package the FIPS symbols must be patched-in
|
||||
#util/mkdef.pl crypto update
|
||||
|
@ -364,7 +328,7 @@ export OPENSSL_ENABLE_SHA1_SIGNATURES
|
|||
OPENSSL_SYSTEM_CIPHERS_OVERRIDE=xyz_nonexistent_file
|
||||
export OPENSSL_SYSTEM_CIPHERS_OVERRIDE
|
||||
#embed HMAC into fips provider for test run
|
||||
LD_LIBRARY_PATH=. apps/openssl dgst -binary -sha256 -mac HMAC -macopt hexkey:f4556650ac31d35461610bac4ed81b1a181b2d8a43ea2854cbae22ca74560813 < providers/fips.so > providers/fips.so.hmac
|
||||
OPENSSL_CONF=/dev/null LD_LIBRARY_PATH=. apps/openssl dgst -binary -sha256 -mac HMAC -macopt hexkey:f4556650ac31d35461610bac4ed81b1a181b2d8a43ea2854cbae22ca74560813 < providers/fips.so > providers/fips.so.hmac
|
||||
objcopy --update-section .rodata1=providers/fips.so.hmac providers/fips.so providers/fips.so.mac
|
||||
mv providers/fips.so.mac providers/fips.so
|
||||
#run tests itself
|
||||
|
@ -377,7 +341,7 @@ make test HARNESS_JOBS=8
|
|||
%{?__debug_package:%{__debug_install_post}} \
|
||||
%{__arch_install_post} \
|
||||
%{__os_install_post} \
|
||||
LD_LIBRARY_PATH=. apps/openssl dgst -binary -sha256 -mac HMAC -macopt hexkey:f4556650ac31d35461610bac4ed81b1a181b2d8a43ea2854cbae22ca74560813 < $RPM_BUILD_ROOT%{_libdir}/ossl-modules/fips.so > $RPM_BUILD_ROOT%{_libdir}/ossl-modules/fips.so.hmac \
|
||||
OPENSSL_CONF=/dev/null LD_LIBRARY_PATH=. apps/openssl dgst -binary -sha256 -mac HMAC -macopt hexkey:f4556650ac31d35461610bac4ed81b1a181b2d8a43ea2854cbae22ca74560813 < $RPM_BUILD_ROOT%{_libdir}/ossl-modules/fips.so > $RPM_BUILD_ROOT%{_libdir}/ossl-modules/fips.so.hmac \
|
||||
objcopy --update-section .rodata1=$RPM_BUILD_ROOT%{_libdir}/ossl-modules/fips.so.hmac $RPM_BUILD_ROOT%{_libdir}/ossl-modules/fips.so $RPM_BUILD_ROOT%{_libdir}/ossl-modules/fips.so.mac \
|
||||
mv $RPM_BUILD_ROOT%{_libdir}/ossl-modules/fips.so.mac $RPM_BUILD_ROOT%{_libdir}/ossl-modules/fips.so \
|
||||
rm $RPM_BUILD_ROOT%{_libdir}/ossl-modules/fips.so.hmac \
|
||||
|
@ -517,13 +481,103 @@ install -m644 %{SOURCE9} \
|
|||
%ldconfig_scriptlets libs
|
||||
|
||||
%changelog
|
||||
* Fri Sep 09 2022 David Abdurachmanov <davidlt@rivosinc.com> - 1:3.0.5-3.0.riscv64
|
||||
- Add --libdir=%{_lib} for riscv64 (uses linux-generic64)
|
||||
* Wed Dec 20 2023 David Abdurachmanov <davidlt@rivosinc.com> - 1:3.1.4-1.0.riscv64
|
||||
- Set --libdir for riscv64
|
||||
- Switch riscv64 to linux64-riscv64
|
||||
|
||||
* Thu Oct 26 2023 Sahana Prasad <sahana@redhat.com> - 1:3.1.4-1
|
||||
- Rebase to upstream version 3.1.4
|
||||
|
||||
* Thu Oct 19 2023 Sahana Prasad <sahana@redhat.com> - 1:3.1.3-1
|
||||
- Rebase to upstream version 3.1.3
|
||||
|
||||
* Thu Aug 31 2023 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.1.1-4
|
||||
- Drop duplicated patch and do some contamination
|
||||
|
||||
* Tue Aug 22 2023 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.1.1-3
|
||||
- Integrate FIPS patches from CentOS
|
||||
|
||||
* Fri Aug 04 2023 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.1.1-2
|
||||
- migrated to SPDX license
|
||||
|
||||
* Thu Jul 27 2023 Sahana Prasad <sahana@redhat.com> - 1:3.1.1-1
|
||||
- Rebase to upstream version 3.1.1
|
||||
Resolves: CVE-2023-0464
|
||||
Resolves: CVE-2023-0465
|
||||
Resolves: CVE-2023-0466
|
||||
Resolves: CVE-2023-1255
|
||||
Resolves: CVE-2023-2650
|
||||
|
||||
* Thu Jul 27 2023 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.0.8-4
|
||||
- Forbid custom EC more completely
|
||||
Resolves: rhbz#2223953
|
||||
|
||||
* Thu Jul 20 2023 Fedora Release Engineering <releng@fedoraproject.org> - 1:3.0.8-3
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
|
||||
|
||||
* Tue Mar 21 2023 Sahana Prasad <sahana@redhat.com> - 1:3.0.8-2
|
||||
- Upload new upstream sources without manually hobbling them.
|
||||
- Remove the hobbling script as it is redundant. It is now allowed to ship
|
||||
the sources of patented EC curves, however it is still made unavailable to use
|
||||
by compiling with the 'no-ec2m' Configure option. The additional forbidden
|
||||
curves such as P-160, P-192, wap-tls curves are manually removed by updating
|
||||
0011-Remove-EC-curves.patch.
|
||||
- Enable Brainpool curves.
|
||||
- Apply the changes to ec_curve.c and ectest.c as a new patch
|
||||
0010-Add-changes-to-ectest-and-eccurve.patch instead of replacing them.
|
||||
- Modify 0011-Remove-EC-curves.patch to allow Brainpool curves.
|
||||
- Modify 0011-Remove-EC-curves.patch to allow code under macro OPENSSL_NO_EC2M.
|
||||
Resolves: rhbz#2130618, rhbz#2141672
|
||||
|
||||
* Thu Feb 09 2023 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.0.8-1
|
||||
- Rebase to upstream version 3.0.8
|
||||
Resolves: CVE-2022-4203
|
||||
Resolves: CVE-2022-4304
|
||||
Resolves: CVE-2022-4450
|
||||
Resolves: CVE-2023-0215
|
||||
Resolves: CVE-2023-0216
|
||||
Resolves: CVE-2023-0217
|
||||
Resolves: CVE-2023-0286
|
||||
Resolves: CVE-2023-0401
|
||||
|
||||
* Thu Jan 19 2023 Fedora Release Engineering <releng@fedoraproject.org> - 1:3.0.7-4
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
|
||||
|
||||
* Thu Jan 05 2023 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.0.7-3
|
||||
- Backport implicit rejection for RSA PKCS#1 v1.5 encryption
|
||||
Resolves: rhbz#2153470
|
||||
|
||||
* Thu Jan 05 2023 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.0.7-2
|
||||
- Refactor embedded mac verification in FIPS module
|
||||
Resolves: rhbz#2156045
|
||||
|
||||
* Fri Dec 23 2022 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.0.7-1
|
||||
- Rebase to upstream version 3.0.7
|
||||
- C99 compatibility in downstream-only 0032-Force-fips.patch
|
||||
Resolves: rhbz#2152504
|
||||
- Adjusting include for the FIPS_mode macro
|
||||
Resolves: rhbz#2083876
|
||||
|
||||
* Wed Nov 16 2022 Simo sorce <simo@redhat.com> - 1:3.0.5-7
|
||||
- Backport patches to fix external providers compatibility issues
|
||||
|
||||
* Tue Nov 01 2022 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.0.5-6
|
||||
- CVE-2022-3602: X.509 Email Address Buffer Overflow
|
||||
- CVE-2022-3786: X.509 Email Address Buffer Overflow
|
||||
Resolves: CVE-2022-3602
|
||||
Resolves: CVE-2022-3786
|
||||
|
||||
* Mon Sep 12 2022 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.0.5-5
|
||||
- Update patches to make ELN build happy
|
||||
Resolves: rhbz#2123755
|
||||
|
||||
* Fri Sep 09 2022 Clemens Lang <cllang@redhat.com> - 1:3.0.5-4
|
||||
- Fix AES-GCM on Power 8 CPUs
|
||||
Resolves: rhbz#2124845
|
||||
|
||||
* Thu Sep 01 2022 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.0.5-3
|
||||
- Sync patches with RHEL
|
||||
Related: rhbz#2123755
|
||||
|
||||
* Fri Jul 22 2022 Fedora Release Engineering <releng@fedoraproject.org> - 1:3.0.5-2
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
|
||||
|
||||
|
|
|
@ -0,0 +1,10 @@
|
|||
summary: Upstreamed interop-2way tests
|
||||
contact: Stanislav Zidek <szidek@redhat.com>
|
||||
discover:
|
||||
# upstreamed tests (public)
|
||||
- name: interop-gnutls-2way
|
||||
how: fmf
|
||||
url: https://gitlab.com/redhat-crypto/tests/interop.git
|
||||
filter: 'tag: interop-openssl & tag: interop-gnutls & tag: interop-2way'
|
||||
execute:
|
||||
how: tmt
|
|
@ -0,0 +1,10 @@
|
|||
summary: Upstreamed interop-2way tests
|
||||
contact: Stanislav Zidek <szidek@redhat.com>
|
||||
discover:
|
||||
# upstreamed tests (public)
|
||||
- name: interop-nss-2way
|
||||
how: fmf
|
||||
url: https://gitlab.com/redhat-crypto/tests/interop.git
|
||||
filter: 'tag: interop-openssl & tag: interop-nss & tag: interop-2way'
|
||||
execute:
|
||||
how: tmt
|
|
@ -0,0 +1,10 @@
|
|||
summary: Upstreamed interop-2way tests
|
||||
contact: Stanislav Zidek <szidek@redhat.com>
|
||||
discover:
|
||||
# upstreamed tests (public)
|
||||
- name: interop-nss-reneg
|
||||
how: fmf
|
||||
url: https://gitlab.com/redhat-crypto/tests/interop.git
|
||||
filter: 'tag: interop-openssl & tag: interop-nss & tag: interop-reneg'
|
||||
execute:
|
||||
how: tmt
|
|
@ -0,0 +1,11 @@
|
|||
summary: Python self-test.
|
||||
contact: python maintainers <python-maint@redhat.com>
|
||||
discover:
|
||||
- name: python-selftest
|
||||
how: fmf
|
||||
url: https://src.fedoraproject.org/tests/python.git
|
||||
filter: 'test: ./parallel.sh'
|
||||
environment:
|
||||
X: "test_ssl test_asyncio test_hashlib test_ftplib test_httplib test_imaplib test_logging test_nntplib test_poplib test_urllib2_localnet test_urllib test_xmlrpc"
|
||||
execute:
|
||||
how: tmt
|
|
@ -0,0 +1,10 @@
|
|||
summary: Upstreamed interop tests - short tests which do not need to run in parallel
|
||||
contact: Stanislav Zidek <szidek@redhat.com>
|
||||
discover:
|
||||
# upstreamed tests (public)
|
||||
- name: interop-other+basic
|
||||
how: fmf
|
||||
url: https://gitlab.com/redhat-crypto/tests/interop.git
|
||||
filter: 'tag: interop-openssl & tag: -interop-slow'
|
||||
execute:
|
||||
how: tmt
|
2
sources
2
sources
|
@ -1 +1 @@
|
|||
SHA512 (openssl-3.0.5-hobbled.tar.xz) = 2f5531d46a905af8d36bf81c18fa34ccc86f5bd66e6e4227bb17e2f926ef14f78057ab60cd9d55bb9d1bad3d5b56a71170e4a86708fd8352324db2e0747142cf
|
||||
SHA512 (openssl-3.1.4.tar.gz) = 4cd204b934cf3250dad985438d7ffd98e17f5d79086b379a0022d92c66e340b0b3a0357aaf606004d7f50cfc4c8964ac34c45d7cb0735cfa68f4fec65bd9d18f
|
||||
|
|
|
@ -1,18 +0,0 @@
|
|||
---
|
||||
- hosts: localhost
|
||||
roles:
|
||||
- role: standard-test-basic
|
||||
tags:
|
||||
- classic
|
||||
repositories:
|
||||
- repo: "https://src.fedoraproject.org/tests/python.git"
|
||||
dest: "python"
|
||||
tests:
|
||||
- python_selftest:
|
||||
dir: python/selftest
|
||||
run: X="test_ssl test_asyncio test_hashlib test_ftplib test_httplib test_imaplib test_logging test_nntplib test_poplib test_urllib2_localnet test_urllib test_xmlrpc" ./parallel.sh
|
||||
required_packages:
|
||||
- gcc # for extension building in venv and selftest
|
||||
- python3-tkinter # for selftest
|
||||
- python3-test # for selftest
|
||||
- python3-rpm-macros # for dynamic python version
|
Loading…
Reference in New Issue