diff --git a/openssl-1.0.0d-cavs.patch b/openssl-1.0.0d-cavs.patch new file mode 100644 index 0000000..eed8559 --- /dev/null +++ b/openssl-1.0.0d-cavs.patch @@ -0,0 +1,232 @@ +diff -up openssl-1.0.0d/crypto/dsa/dsa_gen.c.cavs openssl-1.0.0d/crypto/dsa/dsa_gen.c +--- openssl-1.0.0d/crypto/dsa/dsa_gen.c.cavs 2011-05-23 19:59:56.000000000 +0200 ++++ openssl-1.0.0d/crypto/dsa/dsa_gen.c 2011-05-23 22:32:45.000000000 +0200 +@@ -85,6 +85,14 @@ + #endif + #include "dsa_locl.h" + ++#ifndef OPENSSL_FIPS ++static int FIPS_dsa_generate_pq(BN_CTX *ctx, size_t bits, size_t qbits, ++ const EVP_MD *evpmd, unsigned char *seed, int seed_len, ++ BIGNUM **p_ret, BIGNUM **q_ret, int *counter_ret, BN_GENCB *cb); ++static int FIPS_dsa_generate_g(BN_CTX *ctx, BIGNUM *p, BIGNUM *q, ++ BIGNUM **g_ret, unsigned long *h_ret, BN_GENCB *cb); ++#endif ++ + int DSA_generate_parameters_ex(DSA *ret, int bits, + const unsigned char *seed_in, int seed_len, + int *counter_ret, unsigned long *h_ret, BN_GENCB *cb) +@@ -113,22 +121,26 @@ int DSA_generate_parameters_ex(DSA *ret, + } + } + ++#ifdef OPENSSL_FIPS ++int FIPS_dsa_builtin_paramgen(DSA *ret, size_t bits, size_t qbits, ++ const EVP_MD *evpmd, const unsigned char *seed_in, size_t seed_len, ++ int *counter_ret, unsigned long *h_ret, BN_GENCB *cb) ++ { ++ return dsa_builtin_paramgen(ret, bits, qbits, ++ evpmd, seed_in, seed_len, ++ counter_ret, h_ret, cb); ++ } ++#endif ++ + int dsa_builtin_paramgen(DSA *ret, size_t bits, size_t qbits, + const EVP_MD *evpmd, const unsigned char *seed_in, size_t seed_len, + int *counter_ret, unsigned long *h_ret, BN_GENCB *cb) + { + int ok=0; + unsigned char seed[SHA256_DIGEST_LENGTH]; +- unsigned char md[SHA256_DIGEST_LENGTH]; +- unsigned char buf[SHA256_DIGEST_LENGTH]; +- BIGNUM *r0,*W,*X,*c,*test; + BIGNUM *g=NULL,*q=NULL,*p=NULL; +- BN_MONT_CTX *mont=NULL; +- int i, k, b, n=0, m=0, qsize = qbits >> 3; +- int counter=0; +- int r=0; ++ size_t qsize = qbits >> 3; + BN_CTX *ctx=NULL; +- unsigned int h=2; + + #ifdef OPENSSL_FIPS + if(FIPS_selftest_failed()) +@@ -148,6 +160,65 @@ int dsa_builtin_paramgen(DSA *ret, size_ + goto err; + } + #endif ++ if (seed_len && (seed_len < (size_t)qsize)) ++ seed_in = NULL; /* seed buffer too small -- ignore */ ++ if (seed_len > sizeof(seed)) ++ seed_len = sizeof(seed); /* App. 2.2 of FIPS PUB 186 allows larger SEED, ++ * but our internal buffers are restricted to 256 bits*/ ++ if (seed_in != NULL) ++ memcpy(seed, seed_in, seed_len); ++ else ++ seed_len = 0; ++ ++ if ((ctx=BN_CTX_new()) == NULL) ++ goto err; ++ ++ BN_CTX_start(ctx); ++ ++ if (!FIPS_dsa_generate_pq(ctx, bits, qbits, evpmd, ++ seed, seed_len, &p, &q, counter_ret, cb)) ++ goto err; ++ ++ if (!FIPS_dsa_generate_g(ctx, p, q, &g, h_ret, cb)) ++ goto err; ++ ++ ok=1; ++err: ++ if (ok) ++ { ++ if(ret->p) BN_free(ret->p); ++ if(ret->q) BN_free(ret->q); ++ if(ret->g) BN_free(ret->g); ++ ret->p=BN_dup(p); ++ ret->q=BN_dup(q); ++ ret->g=BN_dup(g); ++ if (ret->p == NULL || ret->q == NULL || ret->g == NULL) ++ ok=0; ++ } ++ if(ctx) ++ { ++ BN_CTX_end(ctx); ++ BN_CTX_free(ctx); ++ } ++ return ok; ++ } ++ ++#ifndef OPENSSL_FIPS ++static ++#endif ++int FIPS_dsa_generate_pq(BN_CTX *ctx, size_t bits, size_t qbits, ++ const EVP_MD *evpmd, unsigned char *seed, int seed_len, ++ BIGNUM **p_ret, BIGNUM **q_ret, int *counter_ret, BN_GENCB *cb) ++ { ++ int ok=0; ++ unsigned char md[SHA256_DIGEST_LENGTH]; ++ unsigned char buf[SHA256_DIGEST_LENGTH]; ++ BIGNUM *r0,*W,*X,*c,*test; ++ BIGNUM *g=NULL,*q=NULL,*p=NULL; ++ BN_MONT_CTX *mont=NULL; ++ int i, k, b, n=0, m=0, qsize = qbits >> 3; ++ int counter=0; ++ int r=0; + + if (qsize != SHA_DIGEST_LENGTH && qsize != SHA224_DIGEST_LENGTH && + qsize != SHA256_DIGEST_LENGTH) +@@ -169,28 +240,12 @@ int dsa_builtin_paramgen(DSA *ret, size_ + + bits = (bits+63)/64*64; + +- if (seed_len && (seed_len < (size_t)qsize)) +- seed_in = NULL; /* seed buffer too small -- ignore */ +- if (seed_len > (size_t)qsize) +- seed_len = qsize; /* App. 2.2 of FIPS PUB 186 allows larger SEED, +- * but our internal buffers are restricted to 256 bits*/ +- if (seed_in != NULL) +- memcpy(seed, seed_in, seed_len); +- +- if ((ctx=BN_CTX_new()) == NULL) +- goto err; +- +- if ((mont=BN_MONT_CTX_new()) == NULL) +- goto err; +- +- BN_CTX_start(ctx); + r0 = BN_CTX_get(ctx); +- g = BN_CTX_get(ctx); + W = BN_CTX_get(ctx); +- q = BN_CTX_get(ctx); ++ *q_ret = q = BN_CTX_get(ctx); + X = BN_CTX_get(ctx); + c = BN_CTX_get(ctx); +- p = BN_CTX_get(ctx); ++ *p_ret = p = BN_CTX_get(ctx); + test = BN_CTX_get(ctx); + + if (!BN_lshift(test,BN_value_one(),bits-1)) +@@ -312,7 +367,33 @@ end: + if(!BN_GENCB_call(cb, 2, 1)) + goto err; + +- /* We now need to generate g */ ++ ok=1; ++err: ++ if (ok) ++ { ++ if (counter_ret != NULL) *counter_ret=counter; ++ } ++ return ok; ++ } ++ ++#ifndef OPENSSL_FIPS ++static ++#endif ++int FIPS_dsa_generate_g(BN_CTX *ctx, BIGNUM *p, BIGNUM *q, ++ BIGNUM **g_ret, unsigned long *h_ret, BN_GENCB *cb) ++ { ++ int ok=0; ++ BIGNUM *r0, *test, *g = NULL; ++ BN_MONT_CTX *mont; ++ unsigned int h=2; ++ ++ if ((mont=BN_MONT_CTX_new()) == NULL) ++ goto err; ++ ++ r0 = BN_CTX_get(ctx); ++ *g_ret = g = BN_CTX_get(ctx); ++ test = BN_CTX_get(ctx); ++ + /* Set r0=(p-1)/q */ + if (!BN_sub(test,p,BN_value_one())) goto err; + if (!BN_div(r0,NULL,test,q,ctx)) goto err; +@@ -336,25 +417,8 @@ end: + err: + if (ok) + { +- if(ret->p) BN_free(ret->p); +- if(ret->q) BN_free(ret->q); +- if(ret->g) BN_free(ret->g); +- ret->p=BN_dup(p); +- ret->q=BN_dup(q); +- ret->g=BN_dup(g); +- if (ret->p == NULL || ret->q == NULL || ret->g == NULL) +- { +- ok=0; +- goto err; +- } +- if (counter_ret != NULL) *counter_ret=counter; + if (h_ret != NULL) *h_ret=h; + } +- if(ctx) +- { +- BN_CTX_end(ctx); +- BN_CTX_free(ctx); +- } + if (mont != NULL) BN_MONT_CTX_free(mont); + return ok; + } +diff -up openssl-1.0.0d/crypto/dsa/dsa.h.cavs openssl-1.0.0d/crypto/dsa/dsa.h +--- openssl-1.0.0d/crypto/dsa/dsa.h.cavs 2011-05-23 19:59:56.000000000 +0200 ++++ openssl-1.0.0d/crypto/dsa/dsa.h 2011-05-23 22:33:33.000000000 +0200 +@@ -266,6 +266,17 @@ int DSA_print_fp(FILE *bp, const DSA *x, + DH *DSA_dup_DH(const DSA *r); + #endif + ++#ifdef OPENSSL_FIPS ++int FIPS_dsa_builtin_paramgen(DSA *ret, size_t bits, size_t qbits, ++ const EVP_MD *evpmd, const unsigned char *seed_in, size_t seed_len, ++ int *counter_ret, unsigned long *h_ret, BN_GENCB *cb); ++int FIPS_dsa_generate_pq(BN_CTX *ctx, size_t bits, size_t qbits, ++ const EVP_MD *evpmd, unsigned char *seed, int seed_len, ++ BIGNUM **p_ret, BIGNUM **q_ret, int *counter_ret, BN_GENCB *cb); ++int FIPS_dsa_generate_g(BN_CTX *ctx, BIGNUM *p, BIGNUM *q, ++ BIGNUM **g_ret, unsigned long *h_ret, BN_GENCB *cb); ++#endif ++ + #define EVP_PKEY_CTX_set_dsa_paramgen_bits(ctx, nbits) \ + EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DSA, EVP_PKEY_OP_PARAMGEN, \ + EVP_PKEY_CTRL_DSA_PARAMGEN_BITS, nbits, NULL) diff --git a/openssl.spec b/openssl.spec index 2f66dbe..15605df 100644 --- a/openssl.spec +++ b/openssl.spec @@ -21,7 +21,7 @@ Summary: A general purpose cryptography library with TLS implementation Name: openssl Version: 1.0.0d -Release: 3%{?dist} +Release: 4%{?dist} # We remove certain patented algorithms from the openssl source tarball # with the hobble-openssl script which is included below. Source: openssl-%{version}-usa.tar.bz2 @@ -70,8 +70,9 @@ Patch57: openssl-1.0.0c-fips186-3.patch Patch58: openssl-1.0.0c-fips-md5-allow.patch Patch59: openssl-1.0.0c-pkcs12-fips-default.patch Patch60: openssl-1.0.0d-apps-dgst.patch +Patch61: openssl-1.0.0d-cavs.patch # Backported fixes including security fixes -Patch61: openssl-1.0.0d-padlock64.patch +Patch81: openssl-1.0.0d-padlock64.patch License: OpenSSL Group: System Environment/Libraries @@ -161,7 +162,8 @@ from other formats to the formats used by the OpenSSL toolkit. %patch58 -p1 -b .md5-allow %patch59 -p1 -b .fips-default %patch60 -p1 -b .dgst -%patch61 -p1 -b .padlock64 +%patch61 -p1 -b .cavs +%patch81 -p1 -b .padlock64 # Modify the various perl scripts to reference perl in the right location. perl util/perlpath.pl `dirname %{__perl}` @@ -411,6 +413,9 @@ rm -rf $RPM_BUILD_ROOT/%{_libdir}/fipscanister.* %postun -p /sbin/ldconfig %changelog +* Tue May 24 2011 Tomas Mraz 1.0.0d-4 +- add API necessary for CAVS testing of the new DSA parameter generation + * Thu Apr 28 2011 Tomas Mraz 1.0.0d-3 - add support for VIA Padlock on 64bit arch from upstream (#617539) - do not return bogus values from load_certs (#652286)