|
|
e4b8d1 |
diff -up openssl-1.1.1/crypto/x509/x509_vfy.c.seclevel openssl-1.1.1/crypto/x509/x509_vfy.c
|
|
|
e4b8d1 |
--- openssl-1.1.1/crypto/x509/x509_vfy.c.seclevel 2018-09-11 14:48:22.000000000 +0200
|
|
|
e4b8d1 |
+++ openssl-1.1.1/crypto/x509/x509_vfy.c 2018-10-01 14:34:43.083145020 +0200
|
|
|
e4b8d1 |
@@ -3220,6 +3220,7 @@ static int build_chain(X509_STORE_CTX *c
|
|
|
e4b8d1 |
}
|
|
|
e4b8d1 |
|
|
|
e4b8d1 |
static const int minbits_table[] = { 80, 112, 128, 192, 256 };
|
|
|
e4b8d1 |
+static const int minbits_digest_table[] = { 80, 80, 128, 192, 256 };
|
|
|
e4b8d1 |
static const int NUM_AUTH_LEVELS = OSSL_NELEM(minbits_table);
|
|
|
e4b8d1 |
|
|
|
e4b8d1 |
/*
|
|
|
e4b8d1 |
@@ -3264,6 +3265,8 @@ static int check_sig_level(X509_STORE_CT
|
|
|
e4b8d1 |
|
|
|
e4b8d1 |
if (!X509_get_signature_info(cert, NULL, NULL, &secbits, NULL))
|
|
|
e4b8d1 |
return 0;
|
|
|
e4b8d1 |
-
|
|
|
e4b8d1 |
- return secbits >= minbits_table[level - 1];
|
|
|
e4b8d1 |
+ /* Allow SHA1 in SECLEVEL 2 in non-FIPS mode */
|
|
|
e4b8d1 |
+ if (FIPS_mode())
|
|
|
e4b8d1 |
+ return secbits >= minbits_table[level - 1];
|
|
|
e4b8d1 |
+ return secbits >= minbits_digest_table[level - 1];
|
|
|
e4b8d1 |
}
|
|
|
e4b8d1 |
diff -up openssl-1.1.1/doc/man3/SSL_CTX_set_security_level.pod.seclevel openssl-1.1.1/doc/man3/SSL_CTX_set_security_level.pod
|
|
|
e4b8d1 |
--- openssl-1.1.1/doc/man3/SSL_CTX_set_security_level.pod.seclevel 2018-09-11 14:48:22.000000000 +0200
|
|
|
e4b8d1 |
+++ openssl-1.1.1/doc/man3/SSL_CTX_set_security_level.pod 2018-10-01 14:34:43.083145020 +0200
|
|
|
e4b8d1 |
@@ -81,8 +81,10 @@ using MD5 for the MAC is also prohibited
|
|
|
e4b8d1 |
|
|
|
e4b8d1 |
=item B<Level 2>
|
|
|
e4b8d1 |
|
|
|
e4b8d1 |
-Security level set to 112 bits of security. As a result RSA, DSA and DH keys
|
|
|
e4b8d1 |
-shorter than 2048 bits and ECC keys shorter than 224 bits are prohibited.
|
|
|
e4b8d1 |
+Security level set to 112 bits of security with the exception of SHA1 allowed
|
|
|
e4b8d1 |
+for signatures.
|
|
|
e4b8d1 |
+As a result RSA, DSA and DH keys shorter than 2048 bits and ECC keys
|
|
|
e4b8d1 |
+shorter than 224 bits are prohibited.
|
|
|
e4b8d1 |
In addition to the level 1 exclusions any cipher suite using RC4 is also
|
|
|
e4b8d1 |
prohibited. SSL version 3 is also not allowed. Compression is disabled.
|
|
|
e4b8d1 |
|
|
|
e4b8d1 |
diff -up openssl-1.1.1/ssl/ssl_cert.c.seclevel openssl-1.1.1/ssl/ssl_cert.c
|
|
|
e4b8d1 |
--- openssl-1.1.1/ssl/ssl_cert.c.seclevel 2018-09-11 14:48:23.000000000 +0200
|
|
|
e4b8d1 |
+++ openssl-1.1.1/ssl/ssl_cert.c 2018-10-12 14:22:38.561931080 +0200
|
|
|
e4b8d1 |
@@ -951,8 +951,8 @@ static int ssl_security_default_callback
|
|
|
e4b8d1 |
if (level >= 2 && c->algorithm_enc == SSL_RC4)
|
|
|
e4b8d1 |
return 0;
|
|
|
e4b8d1 |
/* Level 3: forward secure ciphersuites only */
|
|
|
e4b8d1 |
- if (level >= 3 && (c->min_tls != TLS1_3_VERSION ||
|
|
|
e4b8d1 |
- !(c->algorithm_mkey & (SSL_kEDH | SSL_kEECDH))))
|
|
|
e4b8d1 |
+ if (level >= 3 && c->min_tls != TLS1_3_VERSION &&
|
|
|
e4b8d1 |
+ !(c->algorithm_mkey & (SSL_kEDH | SSL_kEECDH)))
|
|
|
e4b8d1 |
return 0;
|
|
|
e4b8d1 |
break;
|
|
|
e4b8d1 |
}
|
|
|
e4b8d1 |
@@ -983,6 +983,9 @@ static int ssl_security_default_callback
|
|
|
e4b8d1 |
return 0;
|
|
|
e4b8d1 |
break;
|
|
|
e4b8d1 |
default:
|
|
|
e4b8d1 |
+ /* allow SHA1 in SECLEVEL 2 in non FIPS mode */
|
|
|
e4b8d1 |
+ if (nid == NID_sha1 && minbits == 112 && !FIPS_mode())
|
|
|
e4b8d1 |
+ break;
|
|
|
e4b8d1 |
if (bits < minbits)
|
|
|
e4b8d1 |
return 0;
|
|
|
e4b8d1 |
}
|
|
|
e4b8d1 |
diff -up openssl-1.1.1/test/recipes/25-test_verify.t.seclevel openssl-1.1.1/test/recipes/25-test_verify.t
|
|
|
e4b8d1 |
--- openssl-1.1.1/test/recipes/25-test_verify.t.seclevel 2018-09-11 14:48:24.000000000 +0200
|
|
|
e4b8d1 |
+++ openssl-1.1.1/test/recipes/25-test_verify.t 2018-10-01 14:34:43.084145044 +0200
|
|
|
e4b8d1 |
@@ -342,8 +342,8 @@ ok(verify("ee-pss-sha1-cert", "sslserver
|
|
|
e4b8d1 |
ok(verify("ee-pss-sha256-cert", "sslserver", ["root-cert"], ["ca-cert"], ),
|
|
|
e4b8d1 |
"CA with PSS signature using SHA256");
|
|
|
e4b8d1 |
|
|
|
e4b8d1 |
-ok(!verify("ee-pss-sha1-cert", "sslserver", ["root-cert"], ["ca-cert"], "-auth_level", "2"),
|
|
|
e4b8d1 |
- "Reject PSS signature using SHA1 and auth level 2");
|
|
|
e4b8d1 |
+ok(!verify("ee-pss-sha1-cert", "sslserver", ["root-cert"], ["ca-cert"], "-auth_level", "3"),
|
|
|
e4b8d1 |
+ "Reject PSS signature using SHA1 and auth level 3");
|
|
|
e4b8d1 |
|
|
|
e4b8d1 |
ok(verify("ee-pss-sha256-cert", "sslserver", ["root-cert"], ["ca-cert"], "-auth_level", "2"),
|
|
|
e4b8d1 |
"PSS signature using SHA256 and auth level 2");
|
|
|
e4b8d1 |
diff -up openssl-1.1.1/test/recipes/80-test_ssl_new.t.seclevel openssl-1.1.1/test/recipes/80-test_ssl_new.t
|
|
|
e4b8d1 |
--- openssl-1.1.1/test/recipes/80-test_ssl_new.t.seclevel 2018-09-11 14:48:25.000000000 +0200
|
|
|
e4b8d1 |
+++ openssl-1.1.1/test/recipes/80-test_ssl_new.t 2018-10-15 10:45:16.178992425 +0200
|
|
|
e4b8d1 |
@@ -28,7 +28,7 @@ map { s/\^// } @conf_files if $^O eq "VM
|
|
|
e4b8d1 |
|
|
|
e4b8d1 |
# We hard-code the number of tests to double-check that the globbing above
|
|
|
e4b8d1 |
# finds all files as expected.
|
|
|
e4b8d1 |
-plan tests => 27; # = scalar @conf_srcs
|
|
|
e4b8d1 |
+plan tests => 28; # = scalar @conf_srcs
|
|
|
e4b8d1 |
|
|
|
e4b8d1 |
# Some test results depend on the configuration of enabled protocols. We only
|
|
|
e4b8d1 |
# verify generated sources in the default configuration.
|
|
|
e4b8d1 |
diff -up openssl-1.1.1/test/ssl-tests/28-seclevel.conf.in.seclevel openssl-1.1.1/test/ssl-tests/28-seclevel.conf.in
|
|
|
e4b8d1 |
--- openssl-1.1.1/test/ssl-tests/28-seclevel.conf.in.seclevel 2018-10-15 10:44:02.119198865 +0200
|
|
|
e4b8d1 |
+++ openssl-1.1.1/test/ssl-tests/28-seclevel.conf.in 2018-10-15 10:34:37.014517257 +0200
|
|
|
e4b8d1 |
@@ -0,0 +1,48 @@
|
|
|
e4b8d1 |
+# -*- mode: perl; -*-
|
|
|
e4b8d1 |
+# Copyright 2016-2016 The OpenSSL Project Authors. All Rights Reserved.
|
|
|
e4b8d1 |
+#
|
|
|
e4b8d1 |
+# Licensed under the OpenSSL license (the "License"). You may not use
|
|
|
e4b8d1 |
+# this file except in compliance with the License. You can obtain a copy
|
|
|
e4b8d1 |
+# in the file LICENSE in the source distribution or at
|
|
|
e4b8d1 |
+# https://www.openssl.org/source/license.html
|
|
|
e4b8d1 |
+
|
|
|
e4b8d1 |
+
|
|
|
e4b8d1 |
+## SSL test configurations
|
|
|
e4b8d1 |
+
|
|
|
e4b8d1 |
+package ssltests;
|
|
|
e4b8d1 |
+
|
|
|
e4b8d1 |
+our @tests = (
|
|
|
e4b8d1 |
+ {
|
|
|
e4b8d1 |
+ name => "SECLEVEL 3 with default key",
|
|
|
e4b8d1 |
+ server => { "CipherString" => "DEFAULT:\@SECLEVEL=3" },
|
|
|
e4b8d1 |
+ client => { },
|
|
|
e4b8d1 |
+ test => { "ExpectedResult" => "ServerFail" },
|
|
|
e4b8d1 |
+ },
|
|
|
e4b8d1 |
+ {
|
|
|
e4b8d1 |
+ name => "SECLEVEL 3 with ED448 key",
|
|
|
e4b8d1 |
+ server => { "CipherString" => "DEFAULT:\@SECLEVEL=3",
|
|
|
e4b8d1 |
+ "Certificate" => test_pem("server-ed448-cert.pem"),
|
|
|
e4b8d1 |
+ "PrivateKey" => test_pem("server-ed448-key.pem") },
|
|
|
e4b8d1 |
+ client => { },
|
|
|
e4b8d1 |
+ test => { "ExpectedResult" => "Success" },
|
|
|
e4b8d1 |
+ },
|
|
|
e4b8d1 |
+ {
|
|
|
e4b8d1 |
+ name => "SECLEVEL 3 with ED448 key, TLSv1.2",
|
|
|
e4b8d1 |
+ server => { "CipherString" => "DEFAULT:\@SECLEVEL=3",
|
|
|
e4b8d1 |
+ "Certificate" => test_pem("server-ed448-cert.pem"),
|
|
|
e4b8d1 |
+ "PrivateKey" => test_pem("server-ed448-key.pem"),
|
|
|
e4b8d1 |
+ "MaxProtocol" => "TLSv1.2" },
|
|
|
e4b8d1 |
+ client => { },
|
|
|
e4b8d1 |
+ test => { "ExpectedResult" => "Success" },
|
|
|
e4b8d1 |
+ },
|
|
|
e4b8d1 |
+ {
|
|
|
e4b8d1 |
+ name => "SECLEVEL 3 with P-384 key, X25519 ECDHE",
|
|
|
e4b8d1 |
+ server => { "CipherString" => "DEFAULT:\@SECLEVEL=3",
|
|
|
e4b8d1 |
+ "Certificate" => test_pem("p384-server-cert.pem"),
|
|
|
e4b8d1 |
+ "PrivateKey" => test_pem("p384-server-key.pem"),
|
|
|
e4b8d1 |
+ "Groups" => "X25519" },
|
|
|
e4b8d1 |
+ client => { "CipherString" => "ECDHE:\@SECLEVEL=3",
|
|
|
e4b8d1 |
+ "VerifyCAFile" => test_pem("p384-root.pem") },
|
|
|
e4b8d1 |
+ test => { "ExpectedResult" => "Success" },
|
|
|
e4b8d1 |
+ },
|
|
|
e4b8d1 |
+);
|
|
|
e4b8d1 |
diff -up openssl-1.1.1/test/ssl-tests/28-seclevel.conf.seclevel openssl-1.1.1/test/ssl-tests/28-seclevel.conf
|
|
|
e4b8d1 |
--- openssl-1.1.1/test/ssl-tests/28-seclevel.conf.seclevel 2018-10-15 10:43:53.424988302 +0200
|
|
|
e4b8d1 |
+++ openssl-1.1.1/test/ssl-tests/28-seclevel.conf 2018-10-15 10:34:46.350742591 +0200
|
|
|
e4b8d1 |
@@ -0,0 +1,102 @@
|
|
|
e4b8d1 |
+# Generated with generate_ssl_tests.pl
|
|
|
e4b8d1 |
+
|
|
|
e4b8d1 |
+num_tests = 4
|
|
|
e4b8d1 |
+
|
|
|
e4b8d1 |
+test-0 = 0-SECLEVEL 3 with default key
|
|
|
e4b8d1 |
+test-1 = 1-SECLEVEL 3 with ED448 key
|
|
|
e4b8d1 |
+test-2 = 2-SECLEVEL 3 with ED448 key, TLSv1.2
|
|
|
e4b8d1 |
+test-3 = 3-SECLEVEL 3 with P-384 key, X25519 ECDHE
|
|
|
e4b8d1 |
+# ===========================================================
|
|
|
e4b8d1 |
+
|
|
|
e4b8d1 |
+[0-SECLEVEL 3 with default key]
|
|
|
e4b8d1 |
+ssl_conf = 0-SECLEVEL 3 with default key-ssl
|
|
|
e4b8d1 |
+
|
|
|
e4b8d1 |
+[0-SECLEVEL 3 with default key-ssl]
|
|
|
e4b8d1 |
+server = 0-SECLEVEL 3 with default key-server
|
|
|
e4b8d1 |
+client = 0-SECLEVEL 3 with default key-client
|
|
|
e4b8d1 |
+
|
|
|
e4b8d1 |
+[0-SECLEVEL 3 with default key-server]
|
|
|
e4b8d1 |
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
|
|
|
e4b8d1 |
+CipherString = DEFAULT:@SECLEVEL=3
|
|
|
e4b8d1 |
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
|
|
e4b8d1 |
+
|
|
|
e4b8d1 |
+[0-SECLEVEL 3 with default key-client]
|
|
|
e4b8d1 |
+CipherString = DEFAULT
|
|
|
e4b8d1 |
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
|
|
|
e4b8d1 |
+VerifyMode = Peer
|
|
|
e4b8d1 |
+
|
|
|
e4b8d1 |
+[test-0]
|
|
|
e4b8d1 |
+ExpectedResult = ServerFail
|
|
|
e4b8d1 |
+
|
|
|
e4b8d1 |
+
|
|
|
e4b8d1 |
+# ===========================================================
|
|
|
e4b8d1 |
+
|
|
|
e4b8d1 |
+[1-SECLEVEL 3 with ED448 key]
|
|
|
e4b8d1 |
+ssl_conf = 1-SECLEVEL 3 with ED448 key-ssl
|
|
|
e4b8d1 |
+
|
|
|
e4b8d1 |
+[1-SECLEVEL 3 with ED448 key-ssl]
|
|
|
e4b8d1 |
+server = 1-SECLEVEL 3 with ED448 key-server
|
|
|
e4b8d1 |
+client = 1-SECLEVEL 3 with ED448 key-client
|
|
|
e4b8d1 |
+
|
|
|
e4b8d1 |
+[1-SECLEVEL 3 with ED448 key-server]
|
|
|
e4b8d1 |
+Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem
|
|
|
e4b8d1 |
+CipherString = DEFAULT:@SECLEVEL=3
|
|
|
e4b8d1 |
+PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem
|
|
|
e4b8d1 |
+
|
|
|
e4b8d1 |
+[1-SECLEVEL 3 with ED448 key-client]
|
|
|
e4b8d1 |
+CipherString = DEFAULT
|
|
|
e4b8d1 |
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
|
|
|
e4b8d1 |
+VerifyMode = Peer
|
|
|
e4b8d1 |
+
|
|
|
e4b8d1 |
+[test-1]
|
|
|
e4b8d1 |
+ExpectedResult = Success
|
|
|
e4b8d1 |
+
|
|
|
e4b8d1 |
+
|
|
|
e4b8d1 |
+# ===========================================================
|
|
|
e4b8d1 |
+
|
|
|
e4b8d1 |
+[2-SECLEVEL 3 with ED448 key, TLSv1.2]
|
|
|
e4b8d1 |
+ssl_conf = 2-SECLEVEL 3 with ED448 key, TLSv1.2-ssl
|
|
|
e4b8d1 |
+
|
|
|
e4b8d1 |
+[2-SECLEVEL 3 with ED448 key, TLSv1.2-ssl]
|
|
|
e4b8d1 |
+server = 2-SECLEVEL 3 with ED448 key, TLSv1.2-server
|
|
|
e4b8d1 |
+client = 2-SECLEVEL 3 with ED448 key, TLSv1.2-client
|
|
|
e4b8d1 |
+
|
|
|
e4b8d1 |
+[2-SECLEVEL 3 with ED448 key, TLSv1.2-server]
|
|
|
e4b8d1 |
+Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem
|
|
|
e4b8d1 |
+CipherString = DEFAULT:@SECLEVEL=3
|
|
|
e4b8d1 |
+MaxProtocol = TLSv1.2
|
|
|
e4b8d1 |
+PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem
|
|
|
e4b8d1 |
+
|
|
|
e4b8d1 |
+[2-SECLEVEL 3 with ED448 key, TLSv1.2-client]
|
|
|
e4b8d1 |
+CipherString = DEFAULT
|
|
|
e4b8d1 |
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
|
|
|
e4b8d1 |
+VerifyMode = Peer
|
|
|
e4b8d1 |
+
|
|
|
e4b8d1 |
+[test-2]
|
|
|
e4b8d1 |
+ExpectedResult = Success
|
|
|
e4b8d1 |
+
|
|
|
e4b8d1 |
+
|
|
|
e4b8d1 |
+# ===========================================================
|
|
|
e4b8d1 |
+
|
|
|
e4b8d1 |
+[3-SECLEVEL 3 with P-384 key, X25519 ECDHE]
|
|
|
e4b8d1 |
+ssl_conf = 3-SECLEVEL 3 with P-384 key, X25519 ECDHE-ssl
|
|
|
e4b8d1 |
+
|
|
|
e4b8d1 |
+[3-SECLEVEL 3 with P-384 key, X25519 ECDHE-ssl]
|
|
|
e4b8d1 |
+server = 3-SECLEVEL 3 with P-384 key, X25519 ECDHE-server
|
|
|
e4b8d1 |
+client = 3-SECLEVEL 3 with P-384 key, X25519 ECDHE-client
|
|
|
e4b8d1 |
+
|
|
|
e4b8d1 |
+[3-SECLEVEL 3 with P-384 key, X25519 ECDHE-server]
|
|
|
e4b8d1 |
+Certificate = ${ENV::TEST_CERTS_DIR}/p384-server-cert.pem
|
|
|
e4b8d1 |
+CipherString = DEFAULT:@SECLEVEL=3
|
|
|
e4b8d1 |
+Groups = X25519
|
|
|
e4b8d1 |
+PrivateKey = ${ENV::TEST_CERTS_DIR}/p384-server-key.pem
|
|
|
e4b8d1 |
+
|
|
|
e4b8d1 |
+[3-SECLEVEL 3 with P-384 key, X25519 ECDHE-client]
|
|
|
e4b8d1 |
+CipherString = ECDHE:@SECLEVEL=3
|
|
|
e4b8d1 |
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/p384-root.pem
|
|
|
e4b8d1 |
+VerifyMode = Peer
|
|
|
e4b8d1 |
+
|
|
|
e4b8d1 |
+[test-3]
|
|
|
e4b8d1 |
+ExpectedResult = Success
|
|
|
e4b8d1 |
+
|
|
|
e4b8d1 |
+
|