From 8d5b538747717f36b6244bcdad38e41271fc7010 Mon Sep 17 00:00:00 2001 From: Jun Aruga Date: Thu, 9 Nov 2023 12:12:24 +0100 Subject: [PATCH] ssl: use ffdhe2048 from RFC 7919 as the default DH group parameter When the dependant openssl-libs was upgraded from 1:3.1.1-4.fc40 to 1:3.1.4-1.fc40, Fedora rawhide started to fail on Koschei. This commit fixes the following failures in OpenSSL FIPS. ``` + make -C redhat-linux-build runruby 'TESTRUN_SCRIPT= -I/builddir/build/BUILD/ruby-3.2.2/tool/lib --enable-gems /builddir/build/SOURCES/test_openssl_fips.rb /builddir/build/BUILD/ruby-3.2.2 --verbose' ... 1) Failure: OpenSSL::TestFIPS#test_fips_mode_get_with_fips_mode_set [/builddir/build/BUILD/ruby-3.2.2/test/openssl/test_fips.rb:38]: assert_separately failed with error message pid 93968 exit 1 | /builddir/build/BUILD/ruby-3.2.2/redhat-linux-build/.ext/common/openssl/pkey.rb:132:in `initialize': could not parse pkey (OpenSSL::PKey::DHError) | >-from /builddir/build/BUILD/ruby-3.2.2/redhat-linux-build/.ext/common/openssl/pkey.rb:132:in `new' | >-from /builddir/build/BUILD/ruby-3.2.2/redhat-linux-build/.ext/common/openssl/pkey.rb:132:in `new' | >-from /builddir/build/BUILD/ruby-3.2.2/redhat-linux-build/.ext/common/openssl/ssl.rb:37:in `' | >-from /builddir/build/BUILD/ruby-3.2.2/redhat-linux-build/.ext/common/openssl/ssl.rb:23:in `' | >-from /builddir/build/BUILD/ruby-3.2.2/redhat-linux-build/.ext/common/openssl/ssl.rb:22:in `' | >-from /builddir/build/BUILD/ruby-3.2.2/redhat-linux-build/.ext/common/openssl/ssl.rb:21:in `' | >-from /builddir/build/BUILD/ruby-3.2.2/redhat-linux-build/.ext/common/openssl.rb:21:in `require_relative' | >-from /builddir/build/BUILD/ruby-3.2.2/redhat-linux-build/.ext/common/openssl.rb:21:in `' | >-from -:in `require' 2) Failure: OpenSSL::TestFIPS#test_fips_mode_get_is_true_on_fips_mode_enabled [/builddir/build/BUILD/ruby-3.2.2/test/openssl/test_fips.rb:12]: assert_separately failed with error message pid 93969 exit 1 | /builddir/build/BUILD/ruby-3.2.2/redhat-linux-build/.ext/common/openssl/pkey.rb:132:in `initialize': could not parse pkey (OpenSSL::PKey::DHError) | >-from /builddir/build/BUILD/ruby-3.2.2/redhat-linux-build/.ext/common/openssl/pkey.rb:132:in `new' | >-from /builddir/build/BUILD/ruby-3.2.2/redhat-linux-build/.ext/common/openssl/pkey.rb:132:in `new' | >-from /builddir/build/BUILD/ruby-3.2.2/redhat-linux-build/.ext/common/openssl/ssl.rb:37:in `' | >-from /builddir/build/BUILD/ruby-3.2.2/redhat-linux-build/.ext/common/openssl/ssl.rb:23:in `' | >-from /builddir/build/BUILD/ruby-3.2.2/redhat-linux-build/.ext/common/openssl/ssl.rb:22:in `' | >-from /builddir/build/BUILD/ruby-3.2.2/redhat-linux-build/.ext/common/openssl/ssl.rb:21:in `' | >-from /builddir/build/BUILD/ruby-3.2.2/redhat-linux-build/.ext/common/openssl.rb:21:in `require_relative' | >-from /builddir/build/BUILD/ruby-3.2.2/redhat-linux-build/.ext/common/openssl.rb:21:in `' | >-from -:in `require' Finished tests in 0.166449s, 72.0941 tests/s, 342.4468 assertions/s. 12 tests, 57 assertions, 2 failures, 0 errors, 1 skips ``` The commit was ported from CentOS Stream rpms/ruby stream-ruby-3.1-rhel-9.4.0 branch: . --- ...2.0-fips-fix-pkey-dh-require-openssl.patch | 73 +++++++++++++++++++ ruby.spec | 8 ++ 2 files changed, 81 insertions(+) create mode 100644 ruby-3.3.0-openssl-3.2.0-fips-fix-pkey-dh-require-openssl.patch diff --git a/ruby-3.3.0-openssl-3.2.0-fips-fix-pkey-dh-require-openssl.patch b/ruby-3.3.0-openssl-3.2.0-fips-fix-pkey-dh-require-openssl.patch new file mode 100644 index 0000000..a0951bd --- /dev/null +++ b/ruby-3.3.0-openssl-3.2.0-fips-fix-pkey-dh-require-openssl.patch @@ -0,0 +1,73 @@ +From b6d7cdc2bad0eadbca73f3486917f0ec7a475814 Mon Sep 17 00:00:00 2001 +From: Kazuki Yamaguchi +Date: Tue, 29 Aug 2023 19:46:02 +0900 +Subject: [PATCH] [ruby/openssl] ssl: use ffdhe2048 from RFC 7919 as the + default DH group parameters + +In TLS 1.2 or before, if DH group parameters for DHE are not supplied +with SSLContext#tmp_dh= or #tmp_dh_callback=, we currently use the +self-generated parameters added in commit https://github.com/ruby/openssl/commit/bb3399a61c03 ("support 2048 +bit length DH-key", 2016-01-15) as the fallback. + +While there is no known weakness in the current parameters, it would be +a good idea to switch to pre-defined, more well audited parameters. + +This also allows the fallback to work in the FIPS mode. + +The PEM encoding was derived with: + + # RFC 7919 Appendix A.1. ffdhe2048 + print OpenSSL::PKey.read(OpenSSL::ASN1::Sequence([OpenSSL::ASN1::Integer((<<-END).split.join.to_i(16)), OpenSSL::ASN1::Integer(2)]).to_der).to_pem + FFFFFFFF FFFFFFFF ADF85458 A2BB4A9A AFDC5620 273D3CF1 + D8B9C583 CE2D3695 A9E13641 146433FB CC939DCE 249B3EF9 + 7D2FE363 630C75D8 F681B202 AEC4617A D3DF1ED5 D5FD6561 + 2433F51F 5F066ED0 85636555 3DED1AF3 B557135E 7F57C935 + 984F0C70 E0E68B77 E2A689DA F3EFE872 1DF158A1 36ADE735 + 30ACCA4F 483A797A BC0AB182 B324FB61 D108A94B B2C8E3FB + B96ADAB7 60D7F468 1D4F42A3 DE394DF4 AE56EDE7 6372BB19 + 0B07A7C8 EE0A6D70 9E02FCE1 CDF7E2EC C03404CD 28342F61 + 9172FE9C E98583FF 8E4F1232 EEF28183 C3FE3B1B 4C6FAD73 + 3BB5FCBC 2EC22005 C58EF183 7D1683B2 C6F34A26 C1B2EFFA + 886B4238 61285C97 FFFFFFFF FFFFFFFF + END + +https://github.com/ruby/openssl/commit/a5527cb4f4 +--- + ext/openssl/lib/openssl/ssl.rb | 18 +++++++++--------- + 1 file changed, 9 insertions(+), 9 deletions(-) + +diff --git a/ext/openssl/lib/openssl/ssl.rb b/ext/openssl/lib/openssl/ssl.rb +index ea8bb2a18e533..94be6ba80b894 100644 +--- a/ext/openssl/lib/openssl/ssl.rb ++++ b/ext/openssl/lib/openssl/ssl.rb +@@ -34,21 +34,21 @@ class SSLContext + } + + if defined?(OpenSSL::PKey::DH) +- DEFAULT_2048 = OpenSSL::PKey::DH.new <<-_end_of_pem_ ++ DH_ffdhe2048 = OpenSSL::PKey::DH.new <<-_end_of_pem_ + -----BEGIN DH PARAMETERS----- +-MIIBCAKCAQEA7E6kBrYiyvmKAMzQ7i8WvwVk9Y/+f8S7sCTN712KkK3cqd1jhJDY +-JbrYeNV3kUIKhPxWHhObHKpD1R84UpL+s2b55+iMd6GmL7OYmNIT/FccKhTcveab +-VBmZT86BZKYyf45hUF9FOuUM9xPzuK3Vd8oJQvfYMCd7LPC0taAEljQLR4Edf8E6 +-YoaOffgTf5qxiwkjnlVZQc3whgnEt9FpVMvQ9eknyeGB5KHfayAc3+hUAvI3/Cr3 +-1bNveX5wInh5GDx1FGhKBZ+s1H+aedudCm7sCgRwv8lKWYGiHzObSma8A86KG+MD +-7Lo5JquQ3DlBodj3IDyPrxIv96lvRPFtAwIBAg== ++MIIBCAKCAQEA//////////+t+FRYortKmq/cViAnPTzx2LnFg84tNpWp4TZBFGQz +++8yTnc4kmz75fS/jY2MMddj2gbICrsRhetPfHtXV/WVhJDP1H18GbtCFY2VVPe0a ++87VXE15/V8k1mE8McODmi3fipona8+/och3xWKE2rec1MKzKT0g6eXq8CrGCsyT7 ++YdEIqUuyyOP7uWrat2DX9GgdT0Kj3jlN9K5W7edjcrsZCwenyO4KbXCeAvzhzffi ++7MA0BM0oNC9hkXL+nOmFg/+OTxIy7vKBg8P+OxtMb61zO7X8vC7CIAXFjvGDfRaD ++ssbzSibBsu/6iGtCOGEoXJf//////////wIBAg== + -----END DH PARAMETERS----- + _end_of_pem_ +- private_constant :DEFAULT_2048 ++ private_constant :DH_ffdhe2048 + + DEFAULT_TMP_DH_CALLBACK = lambda { |ctx, is_export, keylen| # :nodoc: + warn "using default DH parameters." if $VERBOSE +- DEFAULT_2048 ++ DH_ffdhe2048 + } + end + diff --git a/ruby.spec b/ruby.spec index fac61e9..55929d0 100644 --- a/ruby.spec +++ b/ruby.spec @@ -193,6 +193,10 @@ Patch13: ruby-3.3.0-openssl-3.2.0-fips-fix-pkey-read-in-openssl-3.patch # https://github.com/ruby/openssl/pull/615 # https://github.com/ruby/ruby/commit/920bc71284f417f9044b0dc1822b1d29a8fc61e5 Patch14: ruby-3.3.0-openssl-3.2.0-fips-enable-tests.patch +# ssl: use ffdhe2048 from RFC 7919 as the default DH group parameters +# https://github.com/ruby/openssl/pull/674 +# https://github.com/ruby/ruby/commit/b6d7cdc2bad0eadbca73f3486917f0ec7a475814 +Patch15: ruby-3.3.0-openssl-3.2.0-fips-fix-pkey-dh-require-openssl.patch Requires: %{name}-libs%{?_isa} = %{version}-%{release} %{?with_rubypick:Suggests: rubypick} @@ -666,6 +670,7 @@ analysis result in RBS format, a standard type description format for Ruby %patch 12 -p1 %patch 13 -p1 %patch 14 -p1 +%patch 15 -p1 # Provide an example of usage of the tapset: cp -a %{SOURCE3} . @@ -1584,6 +1589,9 @@ make -C %{_vpath_builddir} runruby TESTRUN_SCRIPT=" \ %changelog +* Thu Nov 09 2023 Jun Aruga - 3.2.2-183 +- ssl: use ffdhe2048 from RFC 7919 as the default DH group parameters + * Thu Nov 02 2023 Jarek Prokop - 3.2.2-183 - Fix typo in bundled provide of rubygem-bundler for rubygem-net-http-persistent.