From 21b697b84e62001dede0843fc03f5ddb21b62b7f Mon Sep 17 00:00:00 2001 From: Dmitry Belyavskiy Date: Jun 07 2023 15:53:13 +0000 Subject: [PATCH 1/4] Initial commit. New sources, commented out already present patches, fedpkg prep passes --- diff --git a/.gitignore b/.gitignore index d8bab5a..c518dfe 100644 --- a/.gitignore +++ b/.gitignore @@ -58,3 +58,4 @@ openssl-1.0.0a-usa.tar.bz2 /openssl-3.0.7-hobbled.tar.gz /openssl-3.0.8-hobbled.tar.gz /openssl-3.0.8.tar.gz +/openssl-3.1.1.tar.gz diff --git a/0007-Add-support-for-PROFILE-SYSTEM-system-default-cipher.patch b/0007-Add-support-for-PROFILE-SYSTEM-system-default-cipher.patch index 18ff59c..4c313ff 100644 --- a/0007-Add-support-for-PROFILE-SYSTEM-system-default-cipher.patch +++ b/0007-Add-support-for-PROFILE-SYSTEM-system-default-cipher.patch @@ -272,9 +272,9 @@ index 404a706fab..e81fa9ec3e 100644 --- a/util/libcrypto.num +++ b/util/libcrypto.num @@ -5282,3 +5282,4 @@ OSSL_DECODER_CTX_set_input_structure ? 3_0_0 EXIST::FUNCTION: - OPENSSL_strcasecmp 5556 3_0_3 EXIST::FUNCTION: - OPENSSL_strncasecmp 5557 3_0_3 EXIST::FUNCTION: - OSSL_CMP_CTX_reset_geninfo_ITAVs 5558 3_0_8 EXIST::FUNCTION:CMP + EVP_CIPHER_CTX_dup 5563 3_1_0 EXIST::FUNCTION: + BN_are_coprime 5564 3_1_0 EXIST::FUNCTION: + OSSL_CMP_MSG_update_recipNonce 5565 3_0_9 EXIST::FUNCTION:CMP +ossl_safe_getenv ? 3_0_0 EXIST::FUNCTION: -- 2.26.2 diff --git a/0009-Add-Kernel-FIPS-mode-flag-support.patch b/0009-Add-Kernel-FIPS-mode-flag-support.patch index 50c3343..3f25180 100644 --- a/0009-Add-Kernel-FIPS-mode-flag-support.patch +++ b/0009-Add-Kernel-FIPS-mode-flag-support.patch @@ -1,9 +1,9 @@ diff -up openssl-3.0.0-alpha13/crypto/context.c.kernel-fips openssl-3.0.0-alpha13/crypto/context.c --- openssl-3.0.0-alpha13/crypto/context.c.kernel-fips 2021-03-16 00:09:55.814826432 +0100 +++ openssl-3.0.0-alpha13/crypto/context.c 2021-03-16 00:15:55.129043811 +0100 -@@ -12,11 +12,46 @@ - #include "crypto/ctype.h" - #include "crypto/rand.h" +@@ -12,6 +12,41 @@ + #include "internal/provider.h" + #include "crypto/context.h" +# include +# include @@ -11,11 +11,6 @@ diff -up openssl-3.0.0-alpha13/crypto/context.c.kernel-fips openssl-3.0.0-alpha1 +# include +# include + - struct ossl_lib_ctx_onfree_list_st { - ossl_lib_ctx_onfree_fn *fn; - struct ossl_lib_ctx_onfree_list_st *next; - }; - +# define FIPS_MODE_SWITCH_FILE "/proc/sys/crypto/fips_enabled" + +static int kernel_fips_flag; @@ -46,16 +41,16 @@ diff -up openssl-3.0.0-alpha13/crypto/context.c.kernel-fips openssl-3.0.0-alpha1 + + struct ossl_lib_ctx_st { - CRYPTO_RWLOCK *lock; - CRYPTO_EX_DATA data; + CRYPTO_RWLOCK *lock, *rand_crngt_lock; + OSSL_EX_DATA_GLOBAL global; @@ -121,6 +170,7 @@ static CRYPTO_THREAD_LOCAL default_conte DEFINE_RUN_ONCE_STATIC(default_context_do_init) { + read_kernel_fips_flag(); - return CRYPTO_THREAD_init_local(&default_context_thread_local, NULL) - && context_init(&default_context_int); - } + if (!CRYPTO_THREAD_init_local(&default_context_thread_local, NULL)) + goto err; + diff -up openssl-3.0.1/include/internal/provider.h.embed-fips openssl-3.0.1/include/internal/provider.h --- openssl-3.0.1/include/internal/provider.h.embed-fips 2022-01-11 13:13:08.323238760 +0100 +++ openssl-3.0.1/include/internal/provider.h 2022-01-11 13:13:43.522558909 +0100 diff --git a/0031-tmp-Fix-test-names.patch b/0031-tmp-Fix-test-names.patch index 42b3c0a..9647978 100644 --- a/0031-tmp-Fix-test-names.patch +++ b/0031-tmp-Fix-test-names.patch @@ -1,15 +1,3 @@ -diff -up openssl-3.0.0/test/recipes/90-test_sslapi.t.beldmit openssl-3.0.0/test/recipes/90-test_sslapi.t ---- openssl-3.0.0/test/recipes/90-test_sslapi.t.beldmit 2021-09-22 11:56:49.452507975 +0200 -+++ openssl-3.0.0/test/recipes/90-test_sslapi.t 2021-09-22 11:57:19.371764742 +0200 -@@ -40,7 +40,7 @@ unless ($no_fips) { - "recipes", - "90-test_sslapi_data", - "dhparams.pem")])), -- "running sslapitest"); -+ "running sslapitest - FIPS"); - } - - unlink $tmpfilename; diff --git a/test/sslapitest.c b/test/sslapitest.c index e95d2657f46c..7af0eab3fce0 100644 --- a/test/sslapitest.c diff --git a/0032-Force-fips.patch b/0032-Force-fips.patch index 514ab67..07a56a8 100644 --- a/0032-Force-fips.patch +++ b/0032-Force-fips.patch @@ -1,9 +1,3 @@ -#Note: provider_conf_activate() is introduced in downstream only. It is a rewrite -#(partial) of the function provider_conf_load() under the 'if (activate) section. -#If there is any change to this section, after deleting it in provider_conf_load() -#ensure that you also add those changes to the provider_conf_activate() function. -#additionally please add this check for cnf explicitly as shown below. -#'ok = cnf ? provider_conf_params(prov, NULL, NULL, value, cnf) : 1;' diff -up openssl-3.0.1/crypto/provider_conf.c.fipsact openssl-3.0.1/crypto/provider_conf.c --- openssl-3.0.1/crypto/provider_conf.c.fipsact 2022-05-12 12:44:31.199034948 +0200 +++ openssl-3.0.1/crypto/provider_conf.c 2022-05-12 12:49:17.468318373 +0200 @@ -15,142 +9,15 @@ diff -up openssl-3.0.1/crypto/provider_conf.c.fipsact openssl-3.0.1/crypto/provi #include #include #include -@@ -136,58 +136,18 @@ static int prov_already_activated(const - return 0; - } - --static int provider_conf_load(OSSL_LIB_CTX *libctx, const char *name, -- const char *value, const CONF *cnf) -+static int provider_conf_activate(OSSL_LIB_CTX *libctx,const char *name, -+ const char *value, const char *path, -+ int soft, const CONF *cnf) - { -- int i; -- STACK_OF(CONF_VALUE) *ecmds; -- int soft = 0; -- OSSL_PROVIDER *prov = NULL, *actual = NULL; -- const char *path = NULL; -- long activate = 0; - int ok = 0; -- -- name = skip_dot(name); -- OSSL_TRACE1(CONF, "Configuring provider %s\n", name); -- /* Value is a section containing PROVIDER commands */ -- ecmds = NCONF_get_section(cnf, value); -- -- if (!ecmds) { -- ERR_raise_data(ERR_LIB_CRYPTO, CRYPTO_R_PROVIDER_SECTION_ERROR, -- "section=%s not found", value); -- return 0; -- } -- -- /* Find the needed data first */ -- for (i = 0; i < sk_CONF_VALUE_num(ecmds); i++) { -- CONF_VALUE *ecmd = sk_CONF_VALUE_value(ecmds, i); -- const char *confname = skip_dot(ecmd->name); -- const char *confvalue = ecmd->value; -- -- OSSL_TRACE2(CONF, "Provider command: %s = %s\n", -- confname, confvalue); -- -- /* First handle some special pseudo confs */ -- -- /* Override provider name to use */ -- if (strcmp(confname, "identity") == 0) -- name = confvalue; -- else if (strcmp(confname, "soft_load") == 0) -- soft = 1; -- /* Load a dynamic PROVIDER */ -- else if (strcmp(confname, "module") == 0) -- path = confvalue; -- else if (strcmp(confname, "activate") == 0) -- activate = 1; -- } -- -- if (activate) { -- PROVIDER_CONF_GLOBAL *pcgbl -- = ossl_lib_ctx_get_data(libctx, OSSL_LIB_CTX_PROVIDER_CONF_INDEX, -- &provider_conf_ossl_ctx_method); -+ OSSL_PROVIDER *prov = NULL, *actual = NULL; -+ PROVIDER_CONF_GLOBAL *pcgbl -+ = ossl_lib_ctx_get_data(libctx, OSSL_LIB_CTX_PROVIDER_CONF_INDEX, -+ &provider_conf_ossl_ctx_method); - - if (pcgbl == NULL || !CRYPTO_THREAD_write_lock(pcgbl->lock)) { -- ERR_raise(ERR_LIB_CRYPTO, ERR_R_INTERNAL_ERROR); -+ ERR_raise(ERR_LIB_CRYPTO, ERR_R_INTERNAL_ERROR); - return 0; - } - if (!prov_already_activated(name, pcgbl->activated_providers)) { @@ -216,7 +176,7 @@ static int provider_conf_load(OSSL_LIB_C - if (path != NULL) - ossl_provider_set_module_path(prov, path); + if (path != NULL) + ossl_provider_set_module_path(prov, path); -- ok = provider_conf_params(prov, NULL, NULL, value, cnf); -+ ok = cnf ? provider_conf_params(prov, NULL, NULL, value, cnf) : 1; - - if (ok) { - if (!ossl_provider_activate(prov, 1, 0)) { -@@ -244,8 +204,59 @@ static int provider_conf_load(OSSL_LIB_C - } - if (!ok) - ossl_provider_free(prov); -+ } else { /* No reason to activate the provider twice, returning OK */ -+ ok = 1; - } - CRYPTO_THREAD_unlock(pcgbl->lock); -+ return ok; -+} -+ -+static int provider_conf_load(OSSL_LIB_CTX *libctx, const char *name, -+ const char *value, const CONF *cnf) -+{ -+ int i; -+ STACK_OF(CONF_VALUE) *ecmds; -+ int soft = 0; -+ const char *path = NULL; -+ long activate = 0; -+ int ok = 0; -+ -+ name = skip_dot(name); -+ OSSL_TRACE1(CONF, "Configuring provider %s\n", name); -+ /* Value is a section containing PROVIDER commands */ -+ ecmds = NCONF_get_section(cnf, value); -+ -+ if (!ecmds) { -+ ERR_raise_data(ERR_LIB_CRYPTO, CRYPTO_R_PROVIDER_SECTION_ERROR, -+ "section=%s not found", value); -+ return 0; -+ } -+ -+ /* Find the needed data first */ -+ for (i = 0; i < sk_CONF_VALUE_num(ecmds); i++) { -+ CONF_VALUE *ecmd = sk_CONF_VALUE_value(ecmds, i); -+ const char *confname = skip_dot(ecmd->name); -+ const char *confvalue = ecmd->value; -+ -+ OSSL_TRACE2(CONF, "Provider command: %s = %s\n", -+ confname, confvalue); -+ -+ /* First handle some special pseudo confs */ -+ -+ /* Override provider name to use */ -+ if (strcmp(confname, "identity") == 0) -+ name = confvalue; -+ else if (strcmp(confname, "soft_load") == 0) -+ soft = 1; -+ /* Load a dynamic PROVIDER */ -+ else if (strcmp(confname, "module") == 0) -+ path = confvalue; -+ else if (strcmp(confname, "activate") == 0) -+ activate = 1; -+ } -+ -+ if (activate) { -+ ok = provider_conf_activate(libctx, name, value, path, soft, cnf); - } else { - OSSL_PROVIDER_INFO entry; +- ok = provider_conf_params(prov, NULL, NULL, value, cnf); ++ ok = cnf ? provider_conf_params(prov, NULL, NULL, value, cnf) : 1; + if (ok) { + if (!ossl_provider_activate(prov, 1, 0)) { @@ -306,6 +317,19 @@ static int provider_conf_init(CONF_IMODU return 0; } diff --git a/0033-FIPS-embed-hmac.patch b/0033-FIPS-embed-hmac.patch index 484a75e..f014a07 100644 --- a/0033-FIPS-embed-hmac.patch +++ b/0033-FIPS-embed-hmac.patch @@ -2,8 +2,8 @@ diff -up openssl-3.0.7/providers/fips/self_test.c.embed-hmac openssl-3.0.7/provi --- openssl-3.0.7/providers/fips/self_test.c.embed-hmac 2023-01-05 10:03:44.864869710 +0100 +++ openssl-3.0.7/providers/fips/self_test.c 2023-01-05 10:15:17.041606472 +0100 @@ -172,11 +172,27 @@ DEP_FINI_ATTRIBUTE void cleanup(void) + return ok; } - #endif +#define HMAC_LEN 32 +/* @@ -29,7 +29,7 @@ diff -up openssl-3.0.7/providers/fips/self_test.c.embed-hmac openssl-3.0.7/provi static int verify_integrity(OSSL_CORE_BIO *bio, OSSL_FUNC_BIO_read_ex_fn read_ex_cb, unsigned char *expected, size_t expected_len, OSSL_LIB_CTX *libctx, OSSL_SELF_TEST *ev, -@@ -189,9 +205,20 @@ static int verify_integrity(OSSL_CORE_BI +@@ -189,12 +205,23 @@ static int verify_integrity(OSSL_CORE_BI EVP_MAC *mac = NULL; EVP_MAC_CTX *ctx = NULL; OSSL_PARAM params[2], *p = params; @@ -39,6 +39,9 @@ diff -up openssl-3.0.7/providers/fips/self_test.c.embed-hmac openssl-3.0.7/provi + unsigned long paddr; + unsigned long off = 0; + if (!integrity_self_test(ev, libctx)) + goto err; + OSSL_SELF_TEST_onbegin(ev, event_type, OSSL_SELF_TEST_DESC_INTEGRITY_HMAC); + if (!dladdr1 ((const void *)fips_hmac_container, @@ -118,8 +121,8 @@ diff -up openssl-3.0.7/providers/fips/self_test.c.embed-hmac openssl-3.0.7/provi ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_CONFIG_DATA); goto end; @@ -356,7 +413,6 @@ int SELF_TEST_post(SELF_TEST_POST_PARAMS - ok = 1; end: + EVP_RAND_free(testrand); OSSL_SELF_TEST_free(ev); - OPENSSL_free(module_checksum); OPENSSL_free(indicator_checksum); @@ -159,8 +162,8 @@ diff -ruN openssl-3.0.0/test/recipes/03-test_fipsinstall.t openssl-3.0.0-xxx/tes -plan skip_all => "Test only supported in a fips build" if disabled("fips"); +plan skip_all => "Test only supported in a fips build" if 1; - plan tests => 29; - + # Compatible options for pedantic FIPS compliance + my @pedantic_okay = diff -ruN openssl-3.0.0/test/recipes/30-test_defltfips.t openssl-3.0.0-xxx/test/recipes/30-test_defltfips.t --- openssl-3.0.0/test/recipes/30-test_defltfips.t 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.0-xxx/test/recipes/30-test_defltfips.t 2021-11-18 10:22:54.179659682 +0100 @@ -194,9 +197,9 @@ diff -ruN openssl-3.0.0/test/recipes/90-test_sslapi.t openssl-3.0.0-xxx/test/rec -my $no_fips = disabled('fips') || ($ENV{NO_FIPS} // 0); +my $no_fips = 1; #disabled('fips') || ($ENV{NO_FIPS} // 0); + my $fipsmodcfg_filename = "fipsmodule.cnf"; + my $fipsmodcfg = bldtop_file("test", $fipsmodcfg_filename); - plan skip_all => "No TLS/SSL protocols are supported by this OpenSSL build" - if alldisabled(grep { $_ ne "ssl3" } available_protocols("tls")); --- /dev/null 2021-11-16 15:27:32.915000000 +0100 +++ openssl-3.0.0/test/fipsmodule.cnf 2021-11-18 11:15:34.538060408 +0100 @@ -0,0 +1,2 @@ diff --git a/0034.fipsinstall_disable.patch b/0034.fipsinstall_disable.patch index ab9d460..11779fe 100644 --- a/0034.fipsinstall_disable.patch +++ b/0034.fipsinstall_disable.patch @@ -164,7 +164,7 @@ diff -up openssl-3.0.0/doc/man7/OSSL_PROVIDER-FIPS.pod.xxx openssl-3.0.0/doc/man diff -up openssl-3.0.1/doc/man1/openssl-fipsinstall.pod.in.embed-hmac openssl-3.0.1/doc/man1/openssl-fipsinstall.pod.in --- openssl-3.0.1/doc/man1/openssl-fipsinstall.pod.in.embed-hmac 2022-01-11 13:26:33.279906225 +0100 +++ openssl-3.0.1/doc/man1/openssl-fipsinstall.pod.in 2022-01-11 13:33:18.757994419 +0100 -@@ -8,236 +8,11 @@ openssl-fipsinstall - perform FIPS confi +@@ -8,275 +8,9 @@ openssl-fipsinstall - perform FIPS confi =head1 SYNOPSIS B @@ -179,14 +179,18 @@ diff -up openssl-3.0.1/doc/man1/openssl-fipsinstall.pod.in.embed-hmac openssl-3. -[B<-macopt> I:I] -[B<-noout>] -[B<-quiet>] +-[B<-pedantic>] -[B<-no_conditional_errors>] -[B<-no_security_checks>] +-[B<-ems_check>] +-[B<-no_drbg_truncated_digests>] -[B<-self_test_onload>] +-[B<-self_test_oninstall>] -[B<-corrupt_desc> I] -[B<-corrupt_type> I] -[B<-config> I] - - =head1 DESCRIPTION +- +-=head1 DESCRIPTION - -This command is used to generate a FIPS module configuration file. -This configuration file can be used each time a FIPS module is loaded @@ -315,6 +319,14 @@ diff -up openssl-3.0.1/doc/man1/openssl-fipsinstall.pod.in.embed-hmac openssl-3. - -Disable logging of the self tests. - +-=item B<-pedantic> +- +-Configure the module so that it is strictly FIPS compliant rather +-than being backwards compatible. This enables conditional errors, +-security checks etc. Note that any previous configuration options will +-be overwritten and any subsequent configuration options that violate +-FIPS compliance will result in an error. +- -=item B<-no_conditional_errors> - -Configure the module to not enter an error state if a conditional self test @@ -324,6 +336,20 @@ diff -up openssl-3.0.1/doc/man1/openssl-fipsinstall.pod.in.embed-hmac openssl-3. - -Configure the module to not perform run-time security checks as described above. - +-Enabling the configuration option "no-fips-securitychecks" provides another way to +-turn off the check at compile time. +- +-=item B<-ems_check> +- +-Configure the module to enable a run-time Extended Master Secret (EMS) check +-when using the TLS1_PRF KDF algorithm. This check is disabled by default. +-See RFC 7627 for information related to EMS. +- +-=item B<-no_drbg_truncated_digests> +- +-Configure the module to not allow truncated digests to be used with Hash and +-HMAC DRBGs. See FIPS 140-3 IG D.R for details. +- -=item B<-self_test_onload> - -Do not write the two fields related to the "test status indicator" and @@ -334,6 +360,14 @@ diff -up openssl-3.0.1/doc/man1/openssl-fipsinstall.pod.in.embed-hmac openssl-3. -could possibly then add the 2 fields into the configuration using some other -mechanism. - +-This is the default. +- +-=item B<-self_test_oninstall> +- +-The converse of B<-self_test_oninstall>. The two fields related to the +-"test status indicator" and "MAC status indicator" are written to the +-output configuration file. +- -=item B<-quiet> - -Do not output pass/fail messages. Implies B<-noout>. @@ -369,6 +403,11 @@ diff -up openssl-3.0.1/doc/man1/openssl-fipsinstall.pod.in.embed-hmac openssl-3. -For normal usage the base configuration file should use the default provider -when generating the fips configuration file. - +-The B<-self_test_oninstall> option was added and the +-B<-self_test_onload> option was made the default in OpenSSL 3.1. +- +-The command and all remaining options were added in OpenSSL 3.0. +- -=head1 EXAMPLES - -Calculate the mac of a FIPS module F and run a FIPS self test diff --git a/0044-FIPS-140-3-keychecks.patch b/0044-FIPS-140-3-keychecks.patch index a0ec627..137a26d 100644 --- a/0044-FIPS-140-3-keychecks.patch +++ b/0044-FIPS-140-3-keychecks.patch @@ -89,21 +89,6 @@ diff -up openssl-3.0.1/providers/implementations/exchange/ecdh_exch.c.fips3 open retlen = ECDH_compute_key(secret, size, ppubkey, privk, NULL); -diff -up openssl-3.0.1/crypto/ec/ec_key.c.fips3 openssl-3.0.1/crypto/ec/ec_key.c ---- openssl-3.0.1/crypto/ec/ec_key.c.fips3 2022-07-25 14:03:34.420222507 +0200 -+++ openssl-3.0.1/crypto/ec/ec_key.c 2022-07-25 14:09:00.728164294 +0200 -@@ -336,6 +336,11 @@ static int ec_generate_key(EC_KEY *eckey - - OSSL_SELF_TEST_get_callback(eckey->libctx, &cb, &cbarg); - ok = ecdsa_keygen_pairwise_test(eckey, cb, cbarg); -+ -+#ifdef FIPS_MODULE -+ ok &= ossl_ec_key_public_check(eckey, ctx); -+ ok &= ossl_ec_key_pairwise_check(eckey, ctx); -+#endif /* FIPS_MODULE */ - } - err: - /* Step (9): If there is an error return an invalid keypair. */ diff -up openssl-3.0.1/crypto/rsa/rsa_gen.c.fips3 openssl-3.0.1/crypto/rsa/rsa_gen.c --- openssl-3.0.1/crypto/rsa/rsa_gen.c.fips3 2022-07-25 17:02:17.807271297 +0200 +++ openssl-3.0.1/crypto/rsa/rsa_gen.c 2022-07-25 17:18:24.931959649 +0200 diff --git a/0045-FIPS-services-minimize.patch b/0045-FIPS-services-minimize.patch index e8e6fd9..2791eb5 100644 --- a/0045-FIPS-services-minimize.patch +++ b/0045-FIPS-services-minimize.patch @@ -15,16 +15,8 @@ diff -up openssl-3.0.1/providers/common/capabilities.c.fipsmin3 openssl-3.0.1/pr diff -up openssl-3.0.1/providers/fips/fipsprov.c.fipsmin2 openssl-3.0.1/providers/fips/fipsprov.c --- openssl-3.0.1/providers/fips/fipsprov.c.fipsmin2 2022-05-05 11:42:58.596848856 +0200 +++ openssl-3.0.1/providers/fips/fipsprov.c 2022-05-05 11:55:42.997562712 +0200 -@@ -54,7 +54,6 @@ static void fips_deinit_casecmp(void); - - #define ALGC(NAMES, FUNC, CHECK) { { NAMES, FIPS_DEFAULT_PROPERTIES, FUNC }, CHECK } - #define ALG(NAMES, FUNC) ALGC(NAMES, FUNC, NULL) -- - extern OSSL_FUNC_core_thread_start_fn *c_thread_start; - int FIPS_security_check_enabled(OSSL_LIB_CTX *libctx); - @@ -191,13 +190,13 @@ static int fips_get_params(void *provctx - &fips_prov_ossl_ctx_method); + OSSL_LIB_CTX_FIPS_PROV_INDEX); p = OSSL_PARAM_locate(params, OSSL_PROV_PARAM_NAME); - if (p != NULL && !OSSL_PARAM_set_utf8_ptr(p, "OpenSSL FIPS Provider")) @@ -58,8 +50,8 @@ diff -up openssl-3.0.1/providers/fips/fipsprov.c.fipsmin2 openssl-3.0.1/provider ALGC(PROV_NAMES_AES_256_CBC_HMAC_SHA256, ossl_aes256cbc_hmac_sha256_functions, ossl_cipher_capable_aes_cbc_hmac_sha256), #ifndef OPENSSL_NO_DES -- ALG(PROV_NAMES_DES_EDE3_ECB, ossl_tdes_ede3_ecb_functions), -- ALG(PROV_NAMES_DES_EDE3_CBC, ossl_tdes_ede3_cbc_functions), +- UNAPPROVED_ALG(PROV_NAMES_DES_EDE3_ECB, ossl_tdes_ede3_ecb_functions), +- UNAPPROVED_ALG(PROV_NAMES_DES_EDE3_CBC, ossl_tdes_ede3_cbc_functions), + /* We don't certify 3DES in our FIPS provider */ + /* ALG(PROV_NAMES_DES_EDE3_ECB, ossl_tdes_ede3_ecb_functions), + ALG(PROV_NAMES_DES_EDE3_CBC, ossl_tdes_ede3_cbc_functions), */ @@ -90,7 +82,7 @@ diff -up openssl-3.0.1/providers/fips/fipsprov.c.fipsmin2 openssl-3.0.1/provider #endif { PROV_NAMES_TLS1_PRF, FIPS_DEFAULT_PROPERTIES, ossl_kdf_tls1_prf_keyexch_functions }, -@@ -403,12 +406,14 @@ static const OSSL_ALGORITHM fips_keyexch +@@ -403,13 +406,14 @@ static const OSSL_ALGORITHM fips_keyexch static const OSSL_ALGORITHM fips_signature[] = { #ifndef OPENSSL_NO_DSA @@ -100,8 +92,9 @@ diff -up openssl-3.0.1/providers/fips/fipsprov.c.fipsmin2 openssl-3.0.1/provider #endif { PROV_NAMES_RSA, FIPS_DEFAULT_PROPERTIES, ossl_rsa_signature_functions }, #ifndef OPENSSL_NO_EC -- { PROV_NAMES_ED25519, FIPS_DEFAULT_PROPERTIES, ossl_ed25519_signature_functions }, -- { PROV_NAMES_ED448, FIPS_DEFAULT_PROPERTIES, ossl_ed448_signature_functions }, +- { PROV_NAMES_ED25519, FIPS_UNAPPROVED_PROPERTIES, +- ossl_ed25519_signature_functions }, +- { PROV_NAMES_ED448, FIPS_UNAPPROVED_PROPERTIES, ossl_ed448_signature_functions }, + /* We don't certify Edwards curves in our FIPS provider */ + /* { PROV_NAMES_ED25519, FIPS_DEFAULT_PROPERTIES, ossl_ed25519_signature_functions }, + { PROV_NAMES_ED448, FIPS_DEFAULT_PROPERTIES, ossl_ed448_signature_functions }, */ @@ -130,9 +123,9 @@ diff -up openssl-3.0.1/providers/fips/fipsprov.c.fipsmin2 openssl-3.0.1/provider PROV_DESCS_X25519 }, { PROV_NAMES_X448, FIPS_DEFAULT_PROPERTIES, ossl_x448_keymgmt_functions, PROV_DESCS_X448 }, - { PROV_NAMES_ED25519, FIPS_DEFAULT_PROPERTIES, ossl_ed25519_keymgmt_functions, + { PROV_NAMES_ED25519, FIPS_UNAPPROVED_PROPERTIES, ossl_ed25519_keymgmt_functions, PROV_DESCS_ED25519 }, - { PROV_NAMES_ED448, FIPS_DEFAULT_PROPERTIES, ossl_ed448_keymgmt_functions, + { PROV_NAMES_ED448, FIPS_UNAPPROVED_PROPERTIES, ossl_ed448_keymgmt_functions, - PROV_DESCS_ED448 }, + PROV_DESCS_ED448 }, */ #endif @@ -158,22 +151,6 @@ diff -up openssl-3.0.1/providers/fips/self_test_data.inc.fipsmin3 openssl-3.0.1/ /* AES-256 GCM test data */ static const unsigned char aes_256_gcm_key[] = { 0x92, 0xe1, 0x1d, 0xcd, 0xaa, 0x86, 0x6f, 0x5c, -@@ -235,6 +236,7 @@ static const unsigned char aes_128_ecb_c - }; - - static const ST_KAT_CIPHER st_kat_cipher_tests[] = { -+#if 0 - #ifndef OPENSSL_NO_DES - { - { -@@ -248,6 +250,7 @@ static const ST_KAT_CIPHER st_kat_cipher - ITM(des_ede3_cbc_iv), - }, - #endif -+#endif - { - { - OSSL_SELF_TEST_DESC_CIPHER_AES_GCM, @@ -1424,8 +1427,9 @@ static const ST_KAT_PARAM ecdsa_bin_key[ # endif /* OPENSSL_NO_EC2M */ #endif /* OPENSSL_NO_EC */ @@ -193,9 +170,9 @@ diff -up openssl-3.0.1/providers/fips/self_test_data.inc.fipsmin3 openssl-3.0.1/ - +#endif +#endif - static const ST_KAT_SIGN st_kat_sign_tests[] = { - { - OSSL_SELF_TEST_DESC_SIGN_RSA, + /* Hash DRBG inputs for signature KATs */ + static const unsigned char sig_kat_entropyin[] = { + 0x06, 0x6d, 0xc8, 0xce, 0x75, 0xb2, 0x89, 0x66, 0xa6, 0x85, 0x16, 0x3f, @@ -1583,6 +1587,7 @@ static const ST_KAT_SIGN st_kat_sign_tes }, # endif @@ -205,7 +182,7 @@ diff -up openssl-3.0.1/providers/fips/self_test_data.inc.fipsmin3 openssl-3.0.1/ { OSSL_SELF_TEST_DESC_SIGN_DSA, @@ -1595,6 +1600,7 @@ static const ST_KAT_SIGN st_kat_sign_tes - */ + ITM(dsa_expected_sig) }, #endif /* OPENSSL_NO_DSA */ +#endif @@ -401,8 +378,8 @@ diff -up openssl-3.0.1/test/recipes/30-test_evp.t.fipsmin3 openssl-3.0.1/test/re evpciph_aes_stitched.txt - evpciph_des3_common.txt evpkdf_hkdf.txt - evpkdf_pbkdf1.txt - evpkdf_pbkdf2.txt + evpkdf_kbkdf_counter.txt + evpkdf_kbkdf_kmac.txt @@ -66,12 +65,6 @@ push @files, qw( evppkey_dh.txt ) unless $no_dh; @@ -441,8 +418,8 @@ diff -up openssl-3.0.1/test/recipes/30-test_evp_data/evpmac_common.txt.fipsmin3 --- openssl-3.0.1/test/recipes/30-test_evp_data/evpmac_common.txt.fipsmin3 2022-05-05 14:46:32.721700697 +0200 +++ openssl-3.0.1/test/recipes/30-test_evp_data/evpmac_common.txt 2022-05-05 14:51:40.205418897 +0200 @@ -328,6 +328,7 @@ Input = 68F2E77696CE7AE8E2CA4EC588E54100 - Output = 00BDA1B7E87608BCBF470F12157F4C07 - + Input = 68F2E77696CE7AE8E2CA4EC588E541002E58495C08000F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D0007 + Result = MAC_INIT_ERROR +Availablein = default Title = KMAC Tests (From NIST) diff --git a/0047-FIPS-early-KATS.patch b/0047-FIPS-early-KATS.patch index ef2d081..3604e6f 100644 --- a/0047-FIPS-early-KATS.patch +++ b/0047-FIPS-early-KATS.patch @@ -34,6 +34,6 @@ diff -up openssl-3.0.1/providers/fips/self_test.c.earlykats openssl-3.0.1/provid - goto end; - } - } - ok = 1; - end: - OSSL_SELF_TEST_free(ev); + + /* Verify that the RNG has been restored properly */ + testrand = EVP_RAND_fetch(st->libctx, "TEST-RAND", NULL); diff --git a/0049-Allow-disabling-of-SHA1-signatures.patch b/0049-Allow-disabling-of-SHA1-signatures.patch index 7485b95..5594235 100644 --- a/0049-Allow-disabling-of-SHA1-signatures.patch +++ b/0049-Allow-disabling-of-SHA1-signatures.patch @@ -258,8 +258,8 @@ index 1291299b6e..e234341e6a 100644 +# define OSSL_LIB_CTX_LEGACY_DIGEST_SIGNATURES 19 +# define OSSL_LIB_CTX_MAX_INDEXES 20 - # define OSSL_LIB_CTX_METHOD_LOW_PRIORITY -1 - # define OSSL_LIB_CTX_METHOD_DEFAULT_PRIORITY 0 + OSSL_LIB_CTX *ossl_lib_ctx_get_concrete(OSSL_LIB_CTX *ctx); + int ossl_lib_ctx_is_default(OSSL_LIB_CTX *ctx); diff --git a/include/internal/sslconf.h b/include/internal/sslconf.h index fd7f7e3331..05464b0655 100644 --- a/include/internal/sslconf.h @@ -493,8 +493,8 @@ index 10b4e57d79..2d3c363bb0 100644 --- a/util/libcrypto.num +++ b/util/libcrypto.num @@ -5426,3 +5426,5 @@ ASN1_item_d2i_ex 5552 3_0_0 EXIST::FUNCTION: - OPENSSL_strncasecmp 5557 3_0_3 EXIST::FUNCTION: - OSSL_CMP_CTX_reset_geninfo_ITAVs 5558 3_0_8 EXIST::FUNCTION:CMP + BN_are_coprime 5564 3_1_0 EXIST::FUNCTION: + OSSL_CMP_MSG_update_recipNonce 5565 3_0_9 EXIST::FUNCTION:CMP ossl_safe_getenv ? 3_0_0 EXIST::FUNCTION: +ossl_ctx_legacy_digest_signatures_allowed ? 3_0_1 EXIST::FUNCTION: +ossl_ctx_legacy_digest_signatures_allowed_set ? 3_0_1 EXIST::FUNCTION: diff --git a/0056-strcasecmp.patch b/0056-strcasecmp.patch index da64805..73c5262 100644 --- a/0056-strcasecmp.patch +++ b/0056-strcasecmp.patch @@ -2,9 +2,9 @@ diff -up openssl-3.0.3/util/libcrypto.num.locale openssl-3.0.3/util/libcrypto.nu --- openssl-3.0.3/util/libcrypto.num.locale 2022-06-01 12:35:52.667498724 +0200 +++ openssl-3.0.3/util/libcrypto.num 2022-06-01 12:36:08.112633093 +0200 @@ -5425,6 +5425,8 @@ ASN1_item_d2i_ex - OPENSSL_strcasecmp 5556 3_0_3 EXIST::FUNCTION: - OPENSSL_strncasecmp 5557 3_0_3 EXIST::FUNCTION: - OSSL_CMP_CTX_reset_geninfo_ITAVs 5558 3_0_8 EXIST::FUNCTION:CMP + EVP_CIPHER_CTX_dup 5563 3_1_0 EXIST::FUNCTION: + BN_are_coprime 5564 3_1_0 EXIST::FUNCTION: + OSSL_CMP_MSG_update_recipNonce 5565 3_0_9 EXIST::FUNCTION:CMP +OPENSSL_strcasecmp ? 3_0_1 EXIST::FUNCTION: +OPENSSL_strncasecmp ? 3_0_1 EXIST::FUNCTION: ossl_safe_getenv ? 3_0_0 EXIST::FUNCTION: diff --git a/0062-fips-Expose-a-FIPS-indicator.patch b/0062-fips-Expose-a-FIPS-indicator.patch index d2e9b0a..f1ad59d 100644 --- a/0062-fips-Expose-a-FIPS-indicator.patch +++ b/0062-fips-Expose-a-FIPS-indicator.patch @@ -248,8 +248,8 @@ index de391ce067..1cfd71c5cf 100644 --- a/providers/fips/fipsprov.c +++ b/providers/fips/fipsprov.c @@ -23,6 +23,7 @@ - #include "prov/seeding.h" #include "self_test.h" + #include "crypto/context.h" #include "internal/core.h" +#include "indicator.h" diff --git a/0073-FIPS-Use-OAEP-in-KATs-support-fixed-OAEP-seed.patch b/0073-FIPS-Use-OAEP-in-KATs-support-fixed-OAEP-seed.patch index eeafbfa..85338b9 100644 --- a/0073-FIPS-Use-OAEP-in-KATs-support-fixed-OAEP-seed.patch +++ b/0073-FIPS-Use-OAEP-in-KATs-support-fixed-OAEP-seed.patch @@ -295,7 +295,7 @@ index 00cf65fcd6..83be3d8ede 100644 static void *rsa_newctx(void *provctx) @@ -190,12 +196,21 @@ static int rsa_encrypt(void *vprsactx, unsigned char *out, size_t *outlen, - return 0; + } } ret = - ossl_rsa_padding_add_PKCS1_OAEP_mgf1_ex(prsactx->libctx, tbuf, diff --git a/0074-FIPS-Use-digest_sign-digest_verify-in-self-test-eln.patch b/0074-FIPS-Use-digest_sign-digest_verify-in-self-test-eln.patch index 0b6a9fb..30d5465 100644 --- a/0074-FIPS-Use-digest_sign-digest_verify-in-self-test-eln.patch +++ b/0074-FIPS-Use-digest_sign-digest_verify-in-self-test-eln.patch @@ -231,7 +231,7 @@ diff --git a/providers/fips/self_test_kats.c b/providers/fips/self_test_kats.c index b6d5e8e134..77eec075e6 100644 --- a/providers/fips/self_test_kats.c +++ b/providers/fips/self_test_kats.c -@@ -444,11 +444,14 @@ static int self_test_sign(const ST_KAT_SIGN *t, +@@ -444,10 +444,13 @@ static int self_test_sign(const ST_KAT_SIGN *t, int ret = 0; OSSL_PARAM *params = NULL, *params_sig = NULL; OSSL_PARAM_BLD *bld = NULL; @@ -241,7 +241,6 @@ index b6d5e8e134..77eec075e6 100644 EVP_PKEY *pkey = NULL; - unsigned char sig[256]; BN_CTX *bnctx = NULL; - BIGNUM *K = NULL; + const char *msg = "Hello World!"; + unsigned char sig[256]; size_t siglen = sizeof(sig); diff --git a/0074-FIPS-Use-digest_sign-digest_verify-in-self-test.patch b/0074-FIPS-Use-digest_sign-digest_verify-in-self-test.patch index 807b3c4..9ba77e5 100644 --- a/0074-FIPS-Use-digest_sign-digest_verify-in-self-test.patch +++ b/0074-FIPS-Use-digest_sign-digest_verify-in-self-test.patch @@ -231,7 +231,7 @@ diff --git a/providers/fips/self_test_kats.c b/providers/fips/self_test_kats.c index b6d5e8e134..77eec075e6 100644 --- a/providers/fips/self_test_kats.c +++ b/providers/fips/self_test_kats.c -@@ -444,11 +444,14 @@ static int self_test_sign(const ST_KAT_SIGN *t, +@@ -444,10 +444,13 @@ static int self_test_sign(const ST_KAT_SIGN *t, int ret = 0; OSSL_PARAM *params = NULL, *params_sig = NULL; OSSL_PARAM_BLD *bld = NULL; @@ -241,7 +241,6 @@ index b6d5e8e134..77eec075e6 100644 EVP_PKEY *pkey = NULL; - unsigned char sig[256]; BN_CTX *bnctx = NULL; - BIGNUM *K = NULL; + const char *msg = "Hello World!"; + unsigned char sig[256]; size_t siglen = sizeof(sig); diff --git a/0076-FIPS-140-3-DRBG.patch b/0076-FIPS-140-3-DRBG.patch index 0d91598..6577995 100644 --- a/0076-FIPS-140-3-DRBG.patch +++ b/0076-FIPS-140-3-DRBG.patch @@ -9,7 +9,7 @@ diff -up openssl-3.0.1/providers/implementations/rands/seeding/rand_unix.c.fipsr +# include static uint64_t get_time_stamp(void); - static uint64_t get_timer_bits(void); + @@ -342,66 +342,8 @@ static ssize_t syscall_random(void *buf, * which is way below the OSSL_SSIZE_MAX limit. Therefore sign conversion * between size_t and ssize_t is safe even without a range check. diff --git a/0100-RSA-PKCS15-implicit-rejection.patch b/0100-RSA-PKCS15-implicit-rejection.patch index 40b8078..6821325 100644 --- a/0100-RSA-PKCS15-implicit-rejection.patch +++ b/0100-RSA-PKCS15-implicit-rejection.patch @@ -183,11 +183,11 @@ index 54e2a1c61ca..094a6632b66 100644 + } + } + - if (blinding) { - /* - * ossl_bn_rsa_do_unblind() combines blinding inversion and + if (blinding) + if (!rsa_blinding_invert(blinding, ret, unblind, ctx)) + goto err; @@ -471,9 +545,12 @@ static int rsa_ossl_private_decrypt(int flen, const unsigned char *from, - } + goto err; switch (padding) { - case RSA_PKCS1_PADDING: @@ -739,9 +739,9 @@ index e6c4758a33e..6e4a4f8539d 100644 #define OSSL_PKEY_PARAM_PUB_KEY "pub" #define OSSL_PKEY_PARAM_PRIV_KEY "priv" +#define OSSL_PKEY_PARAM_IMPLICIT_REJECTION "implicit-rejection" - #define OSSL_PKEY_PARAM_REDHAT_SIGN_KAT_K "rh_sign_kat_k" /* Diffie-Hellman/DSA Parameters */ + #define OSSL_PKEY_PARAM_FFC_P "p" @@ -482,6 +483,7 @@ extern "C" { #define OSSL_ASYM_CIPHER_PARAM_OAEP_LABEL "oaep-label" #define OSSL_ASYM_CIPHER_PARAM_TLS_CLIENT_VERSION "tls-client-version" diff --git a/openssl.spec b/openssl.spec index 8f6e53c..8af07cb 100644 --- a/openssl.spec +++ b/openssl.spec @@ -28,8 +28,8 @@ print(string.sub(hash, 0, 16)) Summary: Utilities from the general purpose cryptography library with TLS implementation Name: openssl -Version: 3.0.8 -Release: 2%{?dist} +Version: 3.1.1 +Release: 1%{?dist} Epoch: 1 Source: openssl-%{version}.tar.gz Source2: Makefile.certificate @@ -96,7 +96,8 @@ Patch49: 0049-Selectively-disallow-SHA1-signatures.patch Patch49: 0049-Allow-disabling-of-SHA1-signatures.patch %endif # Backport of patch for RHEL for Edge rhbz #2027261 -Patch51: 0051-Support-different-R_BITS-lengths-for-KBKDF.patch +# To be removed +# Patch51: 0051-Support-different-R_BITS-lengths-for-KBKDF.patch %if 0%{?rhel} # Allow SHA1 in seclevel 2 if rh-allow-sha1-signatures = yes Patch52: 0052-Allow-SHA1-in-seclevel-2-if-rh-allow-sha1-signatures.patch @@ -119,18 +120,22 @@ Patch56: 0056-strcasecmp.patch # https://bugzilla.redhat.com/show_bug.cgi?id=2053289 Patch58: 0058-FIPS-limit-rsa-encrypt.patch # https://bugzilla.redhat.com/show_bug.cgi?id=2069235 -Patch60: 0060-FIPS-KAT-signature-tests.patch +# This patch to be removed +# Tests for 384/521 curves TBD +# Patch60: 0060-FIPS-KAT-signature-tests.patch # https://bugzilla.redhat.com/show_bug.cgi?id=2087147 Patch61: 0061-Deny-SHA-1-signature-verification-in-FIPS-provider.patch Patch62: 0062-fips-Expose-a-FIPS-indicator.patch # https://github.com/openssl/openssl/commit/44a563dde1584cd9284e80b6e45ee5019be8d36c # https://github.com/openssl/openssl/commit/345c99b6654b8313c792d54f829943068911ddbd # Regression on Power8, see rhbz2124845, https://github.com/openssl/openssl/issues/19163; fix in 0079-Fix-AES-GCM-on-Power-8-CPUs.patch -Patch71: 0071-AES-GCM-performance-optimization.patch +# To be removed +# Patch71: 0071-AES-GCM-performance-optimization.patch # https://github.com/openssl/openssl/commit/f596bbe4da779b56eea34d96168b557d78e1149 # https://github.com/openssl/openssl/commit/7e1f3ffcc5bc15fb9a12b9e3bb202f544c6ed5aa # hunks in crypto/ppccap.c from https://github.com/openssl/openssl/commit/f5485b97b6c9977c0d39c7669b9f97a879312447 -Patch72: 0072-ChaCha20-performance-optimizations-for-ppc64le.patch +# To be removed +# Patch72: 0072-ChaCha20-performance-optimizations-for-ppc64le.patch # https://bugzilla.redhat.com/show_bug.cgi?id=2102535 Patch73: 0073-FIPS-Use-OAEP-in-KATs-support-fixed-OAEP-seed.patch # https://bugzilla.redhat.com/show_bug.cgi?id=2102535 @@ -149,7 +154,8 @@ Patch77: 0077-FIPS-140-3-zeroization.patch # https://bugzilla.redhat.com/show_bug.cgi?id=2114772 Patch78: 0078-Add-FIPS-indicator-parameter-to-HKDF.patch # https://bugzilla.redhat.com/show_bug.cgi?id=2124845, https://github.com/openssl/openssl/pull/19182 -Patch79: 0079-Fix-AES-GCM-on-Power-8-CPUs.patch +# To be removed +# Patch79: 0079-Fix-AES-GCM-on-Power-8-CPUs.patch # https://github.com/openssl/openssl/pull/13817 Patch100: 0100-RSA-PKCS15-implicit-rejection.patch @@ -483,6 +489,14 @@ install -m644 %{SOURCE9} \ %ldconfig_scriptlets libs %changelog +* Wed May 31 2023 Dmitry Belyavskiy - 1:3.0.9-1 +- Rebase to upstream version 3.1.1 + Resolves: CVE-2023-0464 + Resolves: CVE-2023-0465 + Resolves: CVE-2023-0466 + Resolves: CVE-2023-1255 + Resolves: CVE-2023-2650 + * Tue Mar 21 2023 Sahana Prasad - 1:3.0.8-2 - Upload new upstream sources without manually hobbling them. - Remove the hobbling script as it is redundant. It is now allowed to ship diff --git a/sources b/sources index 1c23723..b60869c 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (openssl-3.0.8.tar.gz) = 6c5651e1ed66a567238948b306aa9140c407a153da9c6afe14268c830748df252c955819fac4eb0759dae4dcbc9ec98f5cc2a4a90bb575747b1b040e104c7ffd +SHA512 (openssl-3.1.1.tar.gz) = 8ba9dd6ab87451e126c19cc106ccd1643ca48667d6c37504d0ab98205fbccf855fd0db54474b4113c4c3a15215a4ef77a039fb897a69f71bcab2054b2effd1d9 From 241eb6125f6ed5cd61efd433298fc992fea40c56 Mon Sep 17 00:00:00 2001 From: Dmitry Belyavskiy Date: Jun 08 2023 10:26:33 +0000 Subject: [PATCH 2/4] Enforcing FIPS - compilation fix --- diff --git a/0032-Force-fips.patch b/0032-Force-fips.patch index 07a56a8..47e5f26 100644 --- a/0032-Force-fips.patch +++ b/0032-Force-fips.patch @@ -18,15 +18,12 @@ diff -up openssl-3.0.1/crypto/provider_conf.c.fipsact openssl-3.0.1/crypto/provi if (ok) { if (!ossl_provider_activate(prov, 1, 0)) { -@@ -306,6 +317,19 @@ static int provider_conf_init(CONF_IMODU +@@ -306,6 +317,16 @@ static int provider_conf_init(CONF_IMODU return 0; } + if (ossl_get_kernel_fips_flag() != 0) { /* XXX from provider_conf_load */ + OSSL_LIB_CTX *libctx = NCONF_get0_libctx((CONF *)cnf); -+ PROVIDER_CONF_GLOBAL *pcgbl -+ = ossl_lib_ctx_get_data(libctx, OSSL_LIB_CTX_PROVIDER_CONF_INDEX, -+ &provider_conf_ossl_ctx_method); + if (provider_conf_activate(libctx, "fips", NULL, NULL, 0, NULL) != 1) + return 0; + if (provider_conf_activate(libctx, "base", NULL, NULL, 0, NULL) != 1) From 5d2ef7b4199d1caad5f8765f60001e9eec4650d1 Mon Sep 17 00:00:00 2001 From: Dmitry Belyavskiy Date: Jun 08 2023 12:50:41 +0000 Subject: [PATCH 3/4] Temporary commenting out SHA1 Fedora dances, need to refactor --- diff --git a/0056-strcasecmp.patch b/0056-strcasecmp.patch index 73c5262..a2c8d6e 100644 --- a/0056-strcasecmp.patch +++ b/0056-strcasecmp.patch @@ -1,15 +1,13 @@ diff -up openssl-3.0.3/util/libcrypto.num.locale openssl-3.0.3/util/libcrypto.num --- openssl-3.0.3/util/libcrypto.num.locale 2022-06-01 12:35:52.667498724 +0200 +++ openssl-3.0.3/util/libcrypto.num 2022-06-01 12:36:08.112633093 +0200 -@@ -5425,6 +5425,8 @@ ASN1_item_d2i_ex +@@ -5425,4 +5425,6 @@ ASN1_item_d2i_ex EVP_CIPHER_CTX_dup 5563 3_1_0 EXIST::FUNCTION: BN_are_coprime 5564 3_1_0 EXIST::FUNCTION: OSSL_CMP_MSG_update_recipNonce 5565 3_0_9 EXIST::FUNCTION:CMP +OPENSSL_strcasecmp ? 3_0_1 EXIST::FUNCTION: +OPENSSL_strncasecmp ? 3_0_1 EXIST::FUNCTION: ossl_safe_getenv ? 3_0_0 EXIST::FUNCTION: - ossl_ctx_legacy_digest_signatures_allowed ? 3_0_1 EXIST::FUNCTION: - ossl_ctx_legacy_digest_signatures_allowed_set ? 3_0_1 EXIST::FUNCTION: diff -up openssl-3.0.7/crypto/o_str.c.cmp openssl-3.0.7/crypto/o_str.c --- openssl-3.0.7/crypto/o_str.c.cmp 2022-11-25 12:50:22.449760653 +0100 +++ openssl-3.0.7/crypto/o_str.c 2022-11-25 12:51:19.416350584 +0100 diff --git a/0074-FIPS-Use-digest_sign-digest_verify-in-self-test.patch b/0074-FIPS-Use-digest_sign-digest_verify-in-self-test.patch index 9ba77e5..b30a5a3 100644 --- a/0074-FIPS-Use-digest_sign-digest_verify-in-self-test.patch +++ b/0074-FIPS-Use-digest_sign-digest_verify-in-self-test.patch @@ -75,7 +75,7 @@ index db1a1d7bc3..c94c3c53bd 100644 } else { /* legacy engine support : remove the mark when this is deleted */ ctx->reqdigest = ctx->digest = EVP_get_digestbyname(mdname); -@@ -318,11 +326,13 @@ static int do_sigver_init(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, +@@ -318,6 +326,7 @@ static int do_sigver_init(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, ERR_raise(ERR_LIB_EVP, EVP_R_INITIALIZATION_ERROR); goto err; } @@ -83,20 +83,6 @@ index db1a1d7bc3..c94c3c53bd 100644 } (void)ERR_pop_to_mark(); } - } - -+#ifndef FIPS_MODULE - if (ctx->reqdigest != NULL - && !EVP_PKEY_is_a(locpctx->pkey, SN_hmac) - && !EVP_PKEY_is_a(locpctx->pkey, SN_tls1_prf) -@@ -334,6 +344,7 @@ static int do_sigver_init(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, - } - } - } -+#endif /* !defined(FIPS_MODULE) */ - - if (ver) { - if (signature->digest_verify_init == NULL) { @@ -366,6 +377,7 @@ static int do_sigver_init(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, EVP_KEYMGMT_free(tmp_keymgmt); return 0; diff --git a/openssl.spec b/openssl.spec index 8af07cb..76e72ed 100644 --- a/openssl.spec +++ b/openssl.spec @@ -93,7 +93,10 @@ Patch47: 0047-FIPS-early-KATS.patch Patch49: 0049-Selectively-disallow-SHA1-signatures.patch %else # Selectively disallow SHA1 signatures rhbz#2070977 -Patch49: 0049-Allow-disabling-of-SHA1-signatures.patch +#XXX add OSSL_LIB_CTX_LEGACY_DIGEST_SIGNATURES to ossl_lib_ctx_get_data +# To be reimplemented +# See also https://github.com/openssl/openssl/pull/17881 +#Patch49: 0049-Allow-disabling-of-SHA1-signatures.patch %endif # Backport of patch for RHEL for Edge rhbz #2027261 # To be removed @@ -102,14 +105,16 @@ Patch49: 0049-Allow-disabling-of-SHA1-signatures.patch # Allow SHA1 in seclevel 2 if rh-allow-sha1-signatures = yes Patch52: 0052-Allow-SHA1-in-seclevel-2-if-rh-allow-sha1-signatures.patch %else +# To be reimplemented # Support SHA1 in TLS in LEGACY crypto-policy (which is SECLEVEL=1) -Patch52: 0052-Allow-SHA1-in-seclevel-1-if-rh-allow-sha1-signatures.patch +# Patch52: 0052-Allow-SHA1-in-seclevel-1-if-rh-allow-sha1-signatures.patch %endif %if 0%{?rhel} # no USDT probe instrumentation required %else +# To be reimplemented # Instrument with USDT probes related to SHA-1 deprecation -Patch53: 0053-Add-SHA1-probes.patch +# Patch53: 0053-Add-SHA1-probes.patch %endif # https://github.com/openssl/openssl/pull/18103 # The patch is incorporated in 3.0.3 but we provide this function since 3.0.1 @@ -123,8 +128,9 @@ Patch58: 0058-FIPS-limit-rsa-encrypt.patch # This patch to be removed # Tests for 384/521 curves TBD # Patch60: 0060-FIPS-KAT-signature-tests.patch +# To be reimplemented # https://bugzilla.redhat.com/show_bug.cgi?id=2087147 -Patch61: 0061-Deny-SHA-1-signature-verification-in-FIPS-provider.patch +# Patch61: 0061-Deny-SHA-1-signature-verification-in-FIPS-provider.patch Patch62: 0062-fips-Expose-a-FIPS-indicator.patch # https://github.com/openssl/openssl/commit/44a563dde1584cd9284e80b6e45ee5019be8d36c # https://github.com/openssl/openssl/commit/345c99b6654b8313c792d54f829943068911ddbd @@ -336,7 +342,7 @@ export OPENSSL_ENABLE_SHA1_SIGNATURES OPENSSL_SYSTEM_CIPHERS_OVERRIDE=xyz_nonexistent_file export OPENSSL_SYSTEM_CIPHERS_OVERRIDE #embed HMAC into fips provider for test run -LD_LIBRARY_PATH=. apps/openssl dgst -binary -sha256 -mac HMAC -macopt hexkey:f4556650ac31d35461610bac4ed81b1a181b2d8a43ea2854cbae22ca74560813 < providers/fips.so > providers/fips.so.hmac +OPENSSL_CONF=/dev/null LD_LIBRARY_PATH=. apps/openssl dgst -binary -sha256 -mac HMAC -macopt hexkey:f4556650ac31d35461610bac4ed81b1a181b2d8a43ea2854cbae22ca74560813 < providers/fips.so > providers/fips.so.hmac objcopy --update-section .rodata1=providers/fips.so.hmac providers/fips.so providers/fips.so.mac mv providers/fips.so.mac providers/fips.so #run tests itself @@ -349,7 +355,7 @@ make test HARNESS_JOBS=8 %{?__debug_package:%{__debug_install_post}} \ %{__arch_install_post} \ %{__os_install_post} \ - LD_LIBRARY_PATH=. apps/openssl dgst -binary -sha256 -mac HMAC -macopt hexkey:f4556650ac31d35461610bac4ed81b1a181b2d8a43ea2854cbae22ca74560813 < $RPM_BUILD_ROOT%{_libdir}/ossl-modules/fips.so > $RPM_BUILD_ROOT%{_libdir}/ossl-modules/fips.so.hmac \ + OPENSSL_CONF=/dev/null LD_LIBRARY_PATH=. apps/openssl dgst -binary -sha256 -mac HMAC -macopt hexkey:f4556650ac31d35461610bac4ed81b1a181b2d8a43ea2854cbae22ca74560813 < $RPM_BUILD_ROOT%{_libdir}/ossl-modules/fips.so > $RPM_BUILD_ROOT%{_libdir}/ossl-modules/fips.so.hmac \ objcopy --update-section .rodata1=$RPM_BUILD_ROOT%{_libdir}/ossl-modules/fips.so.hmac $RPM_BUILD_ROOT%{_libdir}/ossl-modules/fips.so $RPM_BUILD_ROOT%{_libdir}/ossl-modules/fips.so.mac \ mv $RPM_BUILD_ROOT%{_libdir}/ossl-modules/fips.so.mac $RPM_BUILD_ROOT%{_libdir}/ossl-modules/fips.so \ rm $RPM_BUILD_ROOT%{_libdir}/ossl-modules/fips.so.hmac \ From 2f0c01bf9fa7094787feb2bc6b02e8ffd2199b35 Mon Sep 17 00:00:00 2001 From: Dmitry Belyavskiy Date: Jun 08 2023 13:55:21 +0000 Subject: [PATCH 4/4] Making tests pass --- diff --git a/0045-FIPS-services-minimize.patch b/0045-FIPS-services-minimize.patch index 2791eb5..6e667b8 100644 --- a/0045-FIPS-services-minimize.patch +++ b/0045-FIPS-services-minimize.patch @@ -372,14 +372,17 @@ diff -up openssl-3.0.1/test/recipes/80-test_cms.t.fipsmin3 openssl-3.0.1/test/re diff -up openssl-3.0.1/test/recipes/30-test_evp.t.fipsmin3 openssl-3.0.1/test/recipes/30-test_evp.t --- openssl-3.0.1/test/recipes/30-test_evp.t.fipsmin3 2022-05-05 14:43:04.276857033 +0200 +++ openssl-3.0.1/test/recipes/30-test_evp.t 2022-05-05 14:43:35.975138234 +0200 -@@ -43,7 +43,6 @@ my @files = qw( +@@ -43,10 +43,8 @@ my @files = qw( evpciph_aes_cts.txt evpciph_aes_wrap.txt evpciph_aes_stitched.txt - evpciph_des3_common.txt evpkdf_hkdf.txt evpkdf_kbkdf_counter.txt - evpkdf_kbkdf_kmac.txt +- evpkdf_kbkdf_kmac.txt + evpkdf_pbkdf1.txt + evpkdf_pbkdf2.txt + evpkdf_ss.txt @@ -66,12 +65,6 @@ push @files, qw( evppkey_dh.txt ) unless $no_dh; @@ -393,11 +396,12 @@ diff -up openssl-3.0.1/test/recipes/30-test_evp.t.fipsmin3 openssl-3.0.1/test/re evppkey_ecc.txt evppkey_ecdh.txt evppkey_ecdsa.txt -@@ -91,6 +84,7 @@ my @defltfiles = qw( +@@ -91,6 +84,8 @@ my @defltfiles = qw( evpciph_cast5.txt evpciph_chacha.txt evpciph_des.txt + evpciph_des3_common.txt ++ evpkdf_kbkdf_kmac.txt evpciph_idea.txt evpciph_rc2.txt evpciph_rc4.txt