From 6ed7c92f3085dbbd9d653b3d275ba6affae024d4 Mon Sep 17 00:00:00 2001 From: CentOS Sources Date: Dec 07 2021 18:44:58 +0000 Subject: import openssl-3.0.0-4.el9 --- diff --git a/.openssl.metadata b/.openssl.metadata index 8796d04..b5f3eda 100644 --- a/.openssl.metadata +++ b/.openssl.metadata @@ -1 +1 @@ -cf283f0e3bdfd2c7480797583c78efe4cabf600e SOURCES/openssl-3.0.0-hobbled.tar.xz +68bab87c3606ad903a4b74e2cd79bf3bb30fd6b3 SOURCES/openssl-3.0.0-hobbled.tar.xz diff --git a/SOURCES/0007-Add-support-for-PROFILE-SYSTEM-system-default-cipher.patch b/SOURCES/0007-Add-support-for-PROFILE-SYSTEM-system-default-cipher.patch index 9ad572d..a32c9e8 100644 --- a/SOURCES/0007-Add-support-for-PROFILE-SYSTEM-system-default-cipher.patch +++ b/SOURCES/0007-Add-support-for-PROFILE-SYSTEM-system-default-cipher.patch @@ -309,7 +309,7 @@ diff -up openssl-3.0.0-beta1/Configure.sys-default openssl-3.0.0-beta1/Configure +# # --banner=".." Output specified text instead of default completion banner # - # --cross-compile-prefix Add specified prefix to binutils components. + # -w Don't wait after showing a Configure warning @@ -385,6 +389,7 @@ $config{prefix}=""; $config{openssldir}=""; $config{processor}=""; diff --git a/SOURCES/0009-Add-Kernel-FIPS-mode-flag-support.patch b/SOURCES/0009-Add-Kernel-FIPS-mode-flag-support.patch new file mode 100644 index 0000000..73bd7f9 --- /dev/null +++ b/SOURCES/0009-Add-Kernel-FIPS-mode-flag-support.patch @@ -0,0 +1,71 @@ +diff -up openssl-3.0.0-alpha13/crypto/context.c.kernel-fips openssl-3.0.0-alpha13/crypto/context.c +--- openssl-3.0.0-alpha13/crypto/context.c.kernel-fips 2021-03-16 00:09:55.814826432 +0100 ++++ openssl-3.0.0-alpha13/crypto/context.c 2021-03-16 00:15:55.129043811 +0100 +@@ -12,11 +12,46 @@ + #include "internal/bio.h" + #include "internal/provider.h" + ++# include ++# include ++# include ++# include ++# include ++ + struct ossl_lib_ctx_onfree_list_st { + ossl_lib_ctx_onfree_fn *fn; + struct ossl_lib_ctx_onfree_list_st *next; + }; + ++# define FIPS_MODE_SWITCH_FILE "/proc/sys/crypto/fips_enabled" ++ ++static int kernel_fips_flag; ++ ++static void read_kernel_fips_flag(void) ++{ ++ char buf[2] = "0"; ++ int fd; ++ ++ if (ossl_safe_getenv("OPENSSL_FORCE_FIPS_MODE") != NULL) { ++ buf[0] = '1'; ++ } else if ((fd = open(FIPS_MODE_SWITCH_FILE, O_RDONLY)) >= 0) { ++ while (read(fd, buf, sizeof(buf)) < 0 && errno == EINTR) ; ++ close(fd); ++ } ++ ++ if (buf[0] == '1') { ++ kernel_fips_flag = 1; ++ } ++ ++ return; ++} ++ ++int ossl_get_kernel_fips_flag() ++{ ++ return kernel_fips_flag; ++} ++ ++ + struct ossl_lib_ctx_st { + CRYPTO_RWLOCK *lock; + CRYPTO_EX_DATA data; +@@ -121,6 +170,7 @@ static CRYPTO_THREAD_LOCAL default_conte + + DEFINE_RUN_ONCE_STATIC(default_context_do_init) + { ++ read_kernel_fips_flag(); + return CRYPTO_THREAD_init_local(&default_context_thread_local, NULL) + && context_init(&default_context_int); + } +diff -up openssl-3.0.0/include/internal/provider.h.embed-fips openssl-3.0.0/include/internal/provider.h +--- openssl-3.0.0/include/internal/provider.h.embed-fips 2021-11-12 12:18:36.215333452 +0100 ++++ openssl-3.0.0/include/internal/provider.h 2021-11-12 12:22:41.298409269 +0100 +@@ -109,6 +109,9 @@ int ossl_provider_init_as_child(OSSL_LIB + const OSSL_CORE_HANDLE *handle, + const OSSL_DISPATCH *in); + ++/* FIPS flag access */ ++int ossl_get_kernel_fips_flag(void); ++ + # ifdef __cplusplus + } + # endif diff --git a/SOURCES/0020-sigalgs-fix-alerts.patch b/SOURCES/0020-sigalgs-fix-alerts.patch deleted file mode 100644 index b1d571a..0000000 --- a/SOURCES/0020-sigalgs-fix-alerts.patch +++ /dev/null @@ -1,22 +0,0 @@ -diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c -index 3579202c22..134c948bcb 100644 ---- a/ssl/t1_lib.c -+++ b/ssl/t1_lib.c -@@ -3302,7 +3302,7 @@ int tls_choose_sigalg(SSL *s, int fatalerrs) - if ((lu = tls1_get_legacy_sigalg(s, -1)) == NULL) { - if (!fatalerrs) - return 1; -- SSLfatal(s, SSL_AD_INTERNAL_ERROR, -+ SSLfatal(s, SSL_AD_HANDSHAKE_FAILURE, - SSL_R_NO_SUITABLE_SIGNATURE_ALGORITHM); - return 0; - } -@@ -3317,7 +3317,7 @@ int tls_choose_sigalg(SSL *s, int fatalerrs) - if (i == sent_sigslen) { - if (!fatalerrs) - return 1; -- SSLfatal(s, SSL_AD_ILLEGAL_PARAMETER, -+ SSLfatal(s, SSL_AD_HANDSHAKE_FAILURE, - SSL_R_WRONG_SIGNATURE_TYPE); - return 0; - } diff --git a/SOURCES/0021-fix-core-dump-req.patch b/SOURCES/0021-fix-core-dump-req.patch deleted file mode 100644 index e4cf377..0000000 --- a/SOURCES/0021-fix-core-dump-req.patch +++ /dev/null @@ -1,38 +0,0 @@ -diff -up openssl-3.0.0-beta2/apps/req.c.req-segfault openssl-3.0.0-beta2/apps/req.c ---- openssl-3.0.0-beta2/apps/req.c.req-segfault 2021-08-10 16:24:58.784384336 +0200 -+++ openssl-3.0.0-beta2/apps/req.c 2021-08-10 16:26:38.347688172 +0200 -@@ -996,8 +996,8 @@ int req_main(int argc, char **argv) - if (EVP_PKEY_is_a(tpubkey, "RSA")) { - BIGNUM *n = NULL; - -- /* Every RSA key has an 'n' */ -- EVP_PKEY_get_bn_param(pkey, "n", &n); -+ if (!EVP_PKEY_get_bn_param(tpubkey, "n", &n)) -+ goto end; - BN_print(out, n); - BN_free(n); - } else { -diff -up openssl-3.0.0-beta2/test/recipes/25-test_req.t.req-segfault openssl-3.0.0-beta2/test/recipes/25-test_req.t ---- openssl-3.0.0-beta2/test/recipes/25-test_req.t.req-segfault 2021-08-10 16:26:53.305884053 +0200 -+++ openssl-3.0.0-beta2/test/recipes/25-test_req.t 2021-08-10 16:28:33.674221058 +0200 -@@ -78,7 +78,7 @@ subtest "generating alt certificate requ - - - subtest "generating certificate requests with RSA" => sub { -- plan tests => 7; -+ plan tests => 8; - - SKIP: { - skip "RSA is not supported by this OpenSSL build", 2 -@@ -105,6 +105,11 @@ subtest "generating certificate requests - - ok(run(app(["openssl", "req", - "-config", srctop_file("test", "test.cnf"), -+ "-modulus", "-in", "testreq-rsa.pem", "-noout"])), -+ "Printing a modulus of the request key"); -+ -+ ok(run(app(["openssl", "req", -+ "-config", srctop_file("test", "test.cnf"), - "-new", "-out", "testreq_withattrs_pem.pem", "-utf8", - "-key", srctop_file("test", "testrsa_withattrs.pem")])), - "Generating request from a key with extra attributes - PEM"); diff --git a/SOURCES/0022-fix-openssl-req-password.patch b/SOURCES/0022-fix-openssl-req-password.patch deleted file mode 100644 index 077b4c5..0000000 --- a/SOURCES/0022-fix-openssl-req-password.patch +++ /dev/null @@ -1,33 +0,0 @@ -diff -up openssl-3.0.0-beta2/apps/req.c.req-password openssl-3.0.0-beta2/apps/req.c ---- openssl-3.0.0-beta2/apps/req.c.req-password 2021-08-10 16:31:04.726233653 +0200 -+++ openssl-3.0.0-beta2/apps/req.c 2021-08-10 16:31:58.286947297 +0200 -@@ -686,7 +686,7 @@ int req_main(int argc, char **argv) - EVP_PKEY_CTX_free(genctx); - genctx = NULL; - } -- if (keyout == NULL) { -+ if (keyout == NULL && keyfile == NULL) { - keyout = NCONF_get_string(req_conf, section, KEYFILE); - if (keyout == NULL) - ERR_clear_error(); -diff -up openssl-3.0.0-beta2/doc/man1/openssl-req.pod.in.req-password openssl-3.0.0-beta2/doc/man1/openssl-req.pod.in ---- openssl-3.0.0-beta2/doc/man1/openssl-req.pod.in.req-password 2021-08-10 16:32:21.863261416 +0200 -+++ openssl-3.0.0-beta2/doc/man1/openssl-req.pod.in 2021-08-10 16:33:19.173025012 +0200 -@@ -205,11 +205,12 @@ See L for det - =item B<-keyout> I - - This gives the filename to write any private key to that has been newly created --or read from B<-key>. --If the B<-keyout> option is not given the filename specified in the --configuration file with the B option is used, if present. --If a new key is generated and no filename is specified --the key is written to standard output. -+or read from B<-key>. If neither the B<-keyout> option nor the B<-key> option -+are given then the filename specified in the configuration file with the -+B option is used, if present. Thus, if you want to write the -+private key and the B<-key> option is provided, you should provide the -+B<-keyout> option explicitly. If a new key is generated and no filename is -+specified the key is written to standard output. - - =item B<-noenc> - diff --git a/SOURCES/0023-cms-stdin.patch b/SOURCES/0023-cms-stdin.patch deleted file mode 100644 index 0c18c12..0000000 --- a/SOURCES/0023-cms-stdin.patch +++ /dev/null @@ -1,38 +0,0 @@ -diff -up openssl-3.0.0-beta2/apps/cms.c.cms-stdin openssl-3.0.0-beta2/apps/cms.c ---- openssl-3.0.0-beta2/apps/cms.c.cms-stdin 2021-08-10 16:20:07.787573587 +0200 -+++ openssl-3.0.0-beta2/apps/cms.c 2021-08-10 16:23:08.500940124 +0200 -@@ -278,6 +278,8 @@ static void warn_binary(const char *file - unsigned char linebuf[1024], *cur, *end; - int len; - -+ if (file == NULL) -+ return; /* cannot give a warning for stdin input */ - if ((bio = bio_open_default(file, 'r', FORMAT_BINARY)) == NULL) - return; /* cannot give a proper warning since there is an error */ - while ((len = BIO_read(bio, linebuf, sizeof(linebuf))) > 0) { -@@ -482,13 +484,9 @@ int cms_main(int argc, char **argv) - rr_allorfirst = 1; - break; - case OPT_RCTFORM: -- if (rctformat == FORMAT_ASN1) { -- if (!opt_format(opt_arg(), -- OPT_FMT_PEMDER | OPT_FMT_SMIME, &rctformat)) -- goto opthelp; -- } else { -- rcms = load_content_info(rctformat, rctin, 0, NULL, "recipient"); -- } -+ if (!opt_format(opt_arg(), -+ OPT_FMT_PEMDER | OPT_FMT_SMIME, &rctformat)) -+ goto opthelp; - break; - case OPT_CERTFILE: - certfile = opt_arg(); -@@ -954,7 +952,7 @@ int cms_main(int argc, char **argv) - goto end; - } - -- rcms = load_content_info(rctformat, rctin, 0, NULL, "recipient"); -+ rcms = load_content_info(rctformat, rctin, 0, NULL, "receipt"); - if (rcms == NULL) - goto end; - } diff --git a/SOURCES/0024-load-legacy-prov.patch b/SOURCES/0024-load-legacy-prov.patch index be0b354..c7d2958 100644 --- a/SOURCES/0024-load-legacy-prov.patch +++ b/SOURCES/0024-load-legacy-prov.patch @@ -1,7 +1,7 @@ -diff -up openssl-3.0.0-beta2/apps/openssl.cnf.legacy-prov openssl-3.0.0-beta2/apps/openssl.cnf ---- openssl-3.0.0-beta2/apps/openssl.cnf.legacy-prov 2021-08-16 14:02:48.029645419 +0200 -+++ openssl-3.0.0-beta2/apps/openssl.cnf 2021-08-16 14:14:48.006409467 +0200 -@@ -43,28 +43,29 @@ tsa_policy1 = 1.2.3.4.1 +diff -up openssl-3.0.0/apps/openssl.cnf.legacy-prov openssl-3.0.0/apps/openssl.cnf +--- openssl-3.0.0/apps/openssl.cnf.legacy-prov 2021-09-09 12:06:40.895793297 +0200 ++++ openssl-3.0.0/apps/openssl.cnf 2021-09-09 12:12:33.947482500 +0200 +@@ -42,36 +42,29 @@ tsa_policy1 = 1.2.3.4.1 tsa_policy2 = 1.2.3.4.5.6 tsa_policy3 = 1.2.3.4.5.7 @@ -19,6 +19,11 @@ diff -up openssl-3.0.0-beta2/apps/openssl.cnf.legacy-prov openssl-3.0.0-beta2/ap ssl_conf = ssl_module -# List of providers to load +-[provider_sect] +-default = default_sect +-# The fips section name should match the section name inside the +-# included fipsmodule.cnf. +-# fips = fips_sect +# Uncomment the sections that start with ## below to enable the legacy provider. +# Loading the legacy provider enables support for the following algorithms: +# Hashing Algorithms / Message Digests: MD2, MD4, MDC2, WHIRLPOOL, RIPEMD160 @@ -27,30 +32,33 @@ diff -up openssl-3.0.0-beta2/apps/openssl.cnf.legacy-prov openssl-3.0.0-beta2/ap +# In general it is not recommended to use the above mentioned algorithms for +# security critical operations, as they are cryptographically weak or vulnerable +# to side-channel attacks and as such have been deprecated. -+ - [provider_sect] --default = default_sect --# The fips section name should match the section name inside the --# included fipsmodule.cnf. --# fips = fips_sect -- + +-# If no providers are activated explicitly, the default one is activated implicitly. +-# See man 7 OSSL_PROVIDER-default for more details. +-# +-# If you add a section explicitly activating any other provider(s), you most +-# probably need to explicitly activate the default provider, otherwise it +-# becomes unavailable in openssl. As a consequence applications depending on +-# OpenSSL may not work correctly which could lead to significant system +-# problems including inability to remotely access the system. -[default_sect] -# activate = 1 -+##default = default_sect ++[provider_sect] ++default = default_sect +##legacy = legacy_sect +## -+##[default_sect] -+##activate = 1 -+## ++[default_sect] ++activate = 1 ++ +##[legacy_sect] +##activate = 1 [ ssl_module ] -diff -up openssl-3.0.0-beta2/doc/man5/config.pod.legacy-prov openssl-3.0.0-beta2/doc/man5/config.pod ---- openssl-3.0.0-beta2/doc/man5/config.pod.legacy-prov 2021-08-16 14:12:35.021606001 +0200 -+++ openssl-3.0.0-beta2/doc/man5/config.pod 2021-08-16 14:14:47.077396867 +0200 -@@ -269,6 +269,14 @@ significant. +diff -up openssl-3.0.0/doc/man5/config.pod.legacy-prov openssl-3.0.0/doc/man5/config.pod +--- openssl-3.0.0/doc/man5/config.pod.legacy-prov 2021-09-09 12:09:38.079040853 +0200 ++++ openssl-3.0.0/doc/man5/config.pod 2021-09-09 12:11:56.646224876 +0200 +@@ -273,6 +273,14 @@ significant. All parameters in the section as well as sub-sections are made available to the provider. @@ -62,6 +70,6 @@ diff -up openssl-3.0.0-beta2/doc/man5/config.pod.legacy-prov openssl-3.0.0-beta2 +security critical operations, as they are cryptographically weak or vulnerable +to side-channel attacks and as such have been deprecated. + - =head2 EVP Configuration + =head3 Default provider and its activation - The name B in the initialization section names the section + If no providers are activated explicitly, the default one is activated implicitly. diff --git a/SOURCES/0025-cms-stdin2.patch b/SOURCES/0025-cms-stdin2.patch deleted file mode 100644 index 6a76025..0000000 --- a/SOURCES/0025-cms-stdin2.patch +++ /dev/null @@ -1,70 +0,0 @@ -From 9bdf6bb619543248c1bee1d8207b455c1ee40ab6 Mon Sep 17 00:00:00 2001 -From: Dmitry Belyavskiy -Date: Fri, 20 Aug 2021 16:45:15 +0200 -Subject: [PATCH] Get rid of warn_binary - -Current implementation of warn_binary introduces a regression -when the content is passed in /dev/stdin as an explicit file name -and reads the file to be processed twice otherwise. - -I suggest to reimplement this functionality after 3.0 if necessary. - -Fixes #16359 ---- - apps/cms.c | 29 ----------------------------- - 1 file changed, 29 deletions(-) - -diff --git a/apps/cms.c b/apps/cms.c -index c22027e3b198..b30273f1710d 100644 ---- a/apps/cms.c -+++ b/apps/cms.c -@@ -272,31 +272,6 @@ static CMS_ContentInfo *load_content_info(int informat, BIO *in, int flags, - return NULL; - } - --static void warn_binary(const char *file) --{ -- BIO *bio; -- unsigned char linebuf[1024], *cur, *end; -- int len; -- -- if (file == NULL) -- return; /* cannot give a warning for stdin input */ -- if ((bio = bio_open_default(file, 'r', FORMAT_BINARY)) == NULL) -- return; /* cannot give a proper warning since there is an error */ -- while ((len = BIO_read(bio, linebuf, sizeof(linebuf))) > 0) { -- end = linebuf + len; -- for (cur = linebuf; cur < end; cur++) { -- if (*cur == '\0' || *cur >= 0x80) { -- BIO_printf(bio_err, "Warning: input file '%s' contains %s" -- " character; better use -binary option\n", -- file, *cur == '\0' ? "NUL" : "8-bit"); -- goto end; -- } -- } -- } -- end: -- BIO_free(bio); --} -- - int cms_main(int argc, char **argv) - { - CONF *conf = NULL; -@@ -911,8 +886,6 @@ int cms_main(int argc, char **argv) - goto end; - } - -- if ((flags & CMS_BINARY) == 0) -- warn_binary(infile); - in = bio_open_default(infile, 'r', - binary_files ? FORMAT_BINARY : informat); - if (in == NULL) -@@ -924,8 +897,6 @@ int cms_main(int argc, char **argv) - goto end; - if (contfile != NULL) { - BIO_free(indata); -- if ((flags & CMS_BINARY) == 0) -- warn_binary(contfile); - if ((indata = BIO_new_file(contfile, "rb")) == NULL) { - BIO_printf(bio_err, "Can't read content file %s\n", contfile); - goto end; diff --git a/SOURCES/0025-for-tests.patch b/SOURCES/0025-for-tests.patch new file mode 100644 index 0000000..aef200b --- /dev/null +++ b/SOURCES/0025-for-tests.patch @@ -0,0 +1,18 @@ +diff -up openssl-3.0.0/apps/openssl.cnf.xxx openssl-3.0.0/apps/openssl.cnf +--- openssl-3.0.0/apps/openssl.cnf.xxx 2021-11-23 16:29:50.618691603 +0100 ++++ openssl-3.0.0/apps/openssl.cnf 2021-11-23 16:28:16.872882099 +0100 +@@ -55,11 +55,11 @@ providers = provider_sect + # to side-channel attacks and as such have been deprecated. + + [provider_sect] +-default = default_sect ++##default = default_sect + ##legacy = legacy_sect + ## +-[default_sect] +-activate = 1 ++##[default_sect] ++##activate = 1 + + ##[legacy_sect] + ##activate = 1 diff --git a/SOURCES/0030-tmp-Fix-rng-seed-double-free.patch b/SOURCES/0030-tmp-Fix-rng-seed-double-free.patch new file mode 100644 index 0000000..35658eb --- /dev/null +++ b/SOURCES/0030-tmp-Fix-rng-seed-double-free.patch @@ -0,0 +1,18 @@ +diff --git a/providers/implementations/rands/seed_src.c b/providers/implementations/rands/seed_src.c +index 173c99ce1732..7a4b780bb469 100644 +--- a/providers/implementations/rands/seed_src.c ++++ b/providers/implementations/rands/seed_src.c +@@ -201,10 +201,11 @@ static size_t seed_get_seed(void *vseed, unsigned char **pout, + ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + return 0; + } +- *pout = p; + if (seed_src_generate(vseed, p, bytes_needed, 0, prediction_resistance, +- adin, adin_len) != 0) ++ adin, adin_len) != 0) { ++ *pout = p; + return bytes_needed; ++ } + OPENSSL_secure_clear_free(p, bytes_needed); + return 0; + } diff --git a/SOURCES/0031-tmp-Fix-test-names.patch b/SOURCES/0031-tmp-Fix-test-names.patch new file mode 100644 index 0000000..5c22f24 --- /dev/null +++ b/SOURCES/0031-tmp-Fix-test-names.patch @@ -0,0 +1,40 @@ +diff -up openssl-3.0.0/test/recipes/90-test_sslapi.t.beldmit openssl-3.0.0/test/recipes/90-test_sslapi.t +--- openssl-3.0.0/test/recipes/90-test_sslapi.t.beldmit 2021-09-22 11:56:49.452507975 +0200 ++++ openssl-3.0.0/test/recipes/90-test_sslapi.t 2021-09-22 11:57:19.371764742 +0200 +@@ -40,7 +40,7 @@ unless ($no_fips) { + srctop_file("test", "recipes", "90-test_sslapi_data", + "passwd.txt"), $tmpfilename, "fips", + srctop_file("test", "fips-and-base.cnf")])), +- "running sslapitest"); ++ "running sslapitest - FIPS"); + } + + unlink $tmpfilename; +diff --git a/test/sslapitest.c b/test/sslapitest.c +index e95d2657f46c..7af0eab3fce0 100644 +--- a/test/sslapitest.c ++++ b/test/sslapitest.c +@@ -1158,6 +1158,11 @@ static int execute_test_ktls(int cis_ktls, int sis_ktls, + goto end; + } + ++ if (is_fips && strstr(cipher, "CHACHA") != NULL) { ++ testresult = TEST_skip("CHACHA is not supported in FIPS"); ++ goto end; ++ } ++ + /* Create a session based on SHA-256 */ + if (!TEST_true(create_ssl_ctx_pair(libctx, TLS_server_method(), + TLS_client_method(), +@@ -1292,6 +1297,11 @@ static int execute_test_ktls_sendfile(int tls_version, const char *cipher) + goto end; + } + ++ if (is_fips && strstr(cipher, "CHACHA") != NULL) { ++ testresult = TEST_skip("CHACHA is not supported in FIPS"); ++ goto end; ++ } ++ + /* Create a session based on SHA-256 */ + if (!TEST_true(create_ssl_ctx_pair(libctx, TLS_server_method(), + TLS_client_method(), diff --git a/SOURCES/0032-Force-fips.patch b/SOURCES/0032-Force-fips.patch new file mode 100644 index 0000000..84687e4 --- /dev/null +++ b/SOURCES/0032-Force-fips.patch @@ -0,0 +1,155 @@ +diff -up openssl-3.0.0/crypto/provider_conf.c.fips-force openssl-3.0.0/crypto/provider_conf.c +--- openssl-3.0.0/crypto/provider_conf.c.fips-force 2021-11-12 14:21:01.878339467 +0100 ++++ openssl-3.0.0/crypto/provider_conf.c 2021-11-12 16:13:19.301542866 +0100 +@@ -136,13 +136,73 @@ static int prov_already_activated(const + return 0; + } + ++static int provider_conf_activate(OSSL_LIB_CTX *libctx, PROVIDER_CONF_GLOBAL *pcgbl, ++ const char *name, const char *value, const char *path, ++ int soft, const CONF *cnf) ++{ ++ int ok = 0; ++ OSSL_PROVIDER *prov = NULL, *actual = NULL; ++ ++ if (!CRYPTO_THREAD_write_lock(pcgbl->lock)) { ++ ERR_raise(ERR_LIB_CRYPTO, ERR_R_INTERNAL_ERROR); ++ return 0; ++ } ++ if (!prov_already_activated(name, pcgbl->activated_providers)) { ++ /* ++ * There is an attempt to activate a provider, so we should disable ++ * loading of fallbacks. Otherwise a misconfiguration could mean the ++ * intended provider does not get loaded. Subsequent fetches could ++ * then fallback to the default provider - which may be the wrong ++ * thing. ++ */ ++ if (!ossl_provider_disable_fallback_loading(libctx)) { ++ CRYPTO_THREAD_unlock(pcgbl->lock); ++ ERR_raise(ERR_LIB_CRYPTO, ERR_R_INTERNAL_ERROR); ++ return 0; ++ } ++ prov = ossl_provider_find(libctx, name, 1); ++ if (prov == NULL) ++ prov = ossl_provider_new(libctx, name, NULL, 1); ++ if (prov == NULL) { ++ CRYPTO_THREAD_unlock(pcgbl->lock); ++ if (soft) ++ ERR_clear_error(); ++ return 0; ++ } ++ ++ if (path != NULL) ++ ossl_provider_set_module_path(prov, path); ++ ++ ok = cnf ? provider_conf_params(prov, NULL, NULL, value, cnf) : 1; ++ ++ if (ok) { ++ if (!ossl_provider_activate(prov, 1, 0)) { ++ ok = 0; ++ } else if (!ossl_provider_add_to_store(prov, &actual, 0)) { ++ ossl_provider_deactivate(prov); ++ ok = 0; ++ } else { ++ if (pcgbl->activated_providers == NULL) ++ pcgbl->activated_providers = sk_OSSL_PROVIDER_new_null(); ++ sk_OSSL_PROVIDER_push(pcgbl->activated_providers, actual); ++ ok = 1; ++ } ++ } ++ if (!ok) ++ ossl_provider_free(prov); ++ } ++ CRYPTO_THREAD_unlock(pcgbl->lock); ++ return ok; ++} ++ ++ ++ + static int provider_conf_load(OSSL_LIB_CTX *libctx, const char *name, + const char *value, const CONF *cnf) + { + int i; + STACK_OF(CONF_VALUE) *ecmds; + int soft = 0; +- OSSL_PROVIDER *prov = NULL, *actual = NULL; + const char *path = NULL; + long activate = 0; + int ok = 0; +@@ -185,55 +245,7 @@ static int provider_conf_load(OSSL_LIB_C + } + + if (activate) { +- if (!CRYPTO_THREAD_write_lock(pcgbl->lock)) { +- ERR_raise(ERR_LIB_CRYPTO, ERR_R_INTERNAL_ERROR); +- return 0; +- } +- if (!prov_already_activated(name, pcgbl->activated_providers)) { +- /* +- * There is an attempt to activate a provider, so we should disable +- * loading of fallbacks. Otherwise a misconfiguration could mean the +- * intended provider does not get loaded. Subsequent fetches could +- * then fallback to the default provider - which may be the wrong +- * thing. +- */ +- if (!ossl_provider_disable_fallback_loading(libctx)) { +- CRYPTO_THREAD_unlock(pcgbl->lock); +- ERR_raise(ERR_LIB_CRYPTO, ERR_R_INTERNAL_ERROR); +- return 0; +- } +- prov = ossl_provider_find(libctx, name, 1); +- if (prov == NULL) +- prov = ossl_provider_new(libctx, name, NULL, 1); +- if (prov == NULL) { +- CRYPTO_THREAD_unlock(pcgbl->lock); +- if (soft) +- ERR_clear_error(); +- return 0; +- } +- +- if (path != NULL) +- ossl_provider_set_module_path(prov, path); +- +- ok = provider_conf_params(prov, NULL, NULL, value, cnf); +- +- if (ok) { +- if (!ossl_provider_activate(prov, 1, 0)) { +- ok = 0; +- } else if (!ossl_provider_add_to_store(prov, &actual, 0)) { +- ossl_provider_deactivate(prov); +- ok = 0; +- } else { +- if (pcgbl->activated_providers == NULL) +- pcgbl->activated_providers = sk_OSSL_PROVIDER_new_null(); +- sk_OSSL_PROVIDER_push(pcgbl->activated_providers, actual); +- ok = 1; +- } +- } +- if (!ok) +- ossl_provider_free(prov); +- } +- CRYPTO_THREAD_unlock(pcgbl->lock); ++ ok = provider_conf_activate(libctx, pcgbl, name, value, path, soft, cnf); + } else { + OSSL_PROVIDER_INFO entry; + +@@ -294,6 +306,19 @@ static int provider_conf_init(CONF_IMODU + return 0; + } + ++ if (ossl_get_kernel_fips_flag() != 0) { /* XXX from provider_conf_load */ ++ OSSL_LIB_CTX *libctx = NCONF_get0_libctx((CONF *)cnf); ++ PROVIDER_CONF_GLOBAL *pcgbl ++ = ossl_lib_ctx_get_data(libctx, OSSL_LIB_CTX_PROVIDER_CONF_INDEX, ++ &provider_conf_ossl_ctx_method); ++ if (provider_conf_activate(libctx, pcgbl, "fips", NULL, NULL, 0, NULL) != 1) ++ return 0; ++ if (provider_conf_activate(libctx, pcgbl, "base", NULL, NULL, 0, NULL) != 1) ++ return 0; ++ if (EVP_default_properties_enable_fips(libctx, 1) != 1) ++ return 0; ++ } ++ + return 1; + } + diff --git a/SOURCES/0033-FIPS-embed-hmac.patch b/SOURCES/0033-FIPS-embed-hmac.patch new file mode 100644 index 0000000..5e914ed --- /dev/null +++ b/SOURCES/0033-FIPS-embed-hmac.patch @@ -0,0 +1,223 @@ +diff -up openssl-3.0.0/providers/fips/self_test.c.embed-hmac openssl-3.0.0/providers/fips/self_test.c +--- openssl-3.0.0/providers/fips/self_test.c.embed-hmac 2021-11-16 13:57:05.127171056 +0100 ++++ openssl-3.0.0/providers/fips/self_test.c 2021-11-16 14:07:21.963412455 +0100 +@@ -171,11 +171,27 @@ DEP_FINI_ATTRIBUTE void cleanup(void) + } + #endif + ++#define HMAC_LEN 32 ++/* ++ * The __attribute__ ensures we've created the .rodata1 section ++ * static ensures it's zero filled ++*/ ++static const volatile unsigned char __attribute__ ((section (".rodata1"))) fips_hmac_container[HMAC_LEN] = {0}; ++ + /* + * Calculate the HMAC SHA256 of data read using a BIO and read_cb, and verify + * the result matches the expected value. + * Return 1 if verified, or 0 if it fails. + */ ++#ifndef __USE_GNU ++#define __USE_GNU ++#include ++#undef __USE_GNU ++#else ++#include ++#endif ++#include ++ + static int verify_integrity(OSSL_CORE_BIO *bio, OSSL_FUNC_BIO_read_ex_fn read_ex_cb, + unsigned char *expected, size_t expected_len, + OSSL_LIB_CTX *libctx, OSSL_SELF_TEST *ev, +@@ -183,14 +199,26 @@ static int verify_integrity(OSSL_CORE_BI + { + int ret = 0, status; + unsigned char out[MAX_MD_SIZE]; +- unsigned char buf[INTEGRITY_BUF_SIZE]; ++ unsigned char buf[INTEGRITY_BUF_SIZE+HMAC_LEN]; + size_t bytes_read = 0, out_len = 0; + EVP_MAC *mac = NULL; + EVP_MAC_CTX *ctx = NULL; + OSSL_PARAM params[2], *p = params; ++ Dl_info info; ++ void *extra_info = NULL; ++ struct link_map *lm = NULL; ++ unsigned long paddr; ++ unsigned long off = 0; ++ int have_rest = 0; + + OSSL_SELF_TEST_onbegin(ev, event_type, OSSL_SELF_TEST_DESC_INTEGRITY_HMAC); + ++ if (!dladdr1 ((const void *)fips_hmac_container, ++ &info, &extra_info, RTLD_DL_LINKMAP)) ++ goto err; ++ lm = extra_info; ++ paddr = (unsigned long)fips_hmac_container - lm->l_addr; ++ + mac = EVP_MAC_fetch(libctx, MAC_NAME, NULL); + if (mac == NULL) + goto err; +@@ -204,12 +233,53 @@ static int verify_integrity(OSSL_CORE_BI + if (!EVP_MAC_init(ctx, fixed_key, sizeof(fixed_key), params)) + goto err; + ++ status = read_ex_cb(bio, buf, HMAC_LEN, &bytes_read); ++ if (status != 1 || bytes_read != HMAC_LEN) ++ goto err; ++ off += HMAC_LEN; ++ + while (1) { +- status = read_ex_cb(bio, buf, sizeof(buf), &bytes_read); +- if (status != 1) ++ status = read_ex_cb(bio, buf+HMAC_LEN, INTEGRITY_BUF_SIZE, &bytes_read); ++ if (status != 1) { ++ have_rest = 1; ++ break; ++ } ++ ++ if (bytes_read == INTEGRITY_BUF_SIZE) { /* Full block */ ++ /* Logic: ++ * We have HMAC_LEN (read before) + INTEGRITY_BUF_SIZE (read now) in buffer ++ * We calculate HMAC from first INTEGRITY_BUF_SIZE bytes ++ * and move last HMAC_LEN bytes to the beginning of the buffer ++ * ++ * If we have read (a part of) buffer fips_hmac_container ++ * we should replace it with zeros. ++ * If it is inside our current buffer, we will update now. ++ * If it intersects the upper bound, we will clean up on the next step. ++ */ ++ if (off - HMAC_LEN <= paddr && paddr <= off + bytes_read) ++ memset (buf + HMAC_LEN + paddr - off, 0, HMAC_LEN); ++ off += bytes_read; ++ ++ if (!EVP_MAC_update(ctx, buf, bytes_read)) ++ goto err; ++ memcpy (buf, buf+INTEGRITY_BUF_SIZE, HMAC_LEN); ++ } else { /* Final block */ ++ /* Logic is basically the same as in previous branch ++ * but we calculate HMAC from HMAC_LEN (rest of previous step) ++ * and bytes_read read on this step ++ * */ ++ if (off - HMAC_LEN <= paddr && paddr <= off + bytes_read) ++ memset (buf + HMAC_LEN + paddr - off, 0, HMAC_LEN); ++ if (!EVP_MAC_update(ctx, buf, bytes_read+HMAC_LEN)) ++ goto err; ++ off += bytes_read; + break; +- if (!EVP_MAC_update(ctx, buf, bytes_read)) ++ } ++ } ++ if (have_rest) { ++ if (!EVP_MAC_update(ctx, buf, HMAC_LEN)) + goto err; ++ off += HMAC_LEN; + } + if (!EVP_MAC_final(ctx, out, &out_len, sizeof(out))) + goto err; +@@ -284,8 +358,7 @@ int SELF_TEST_post(SELF_TEST_POST_PARAMS + CRYPTO_THREAD_unlock(fips_state_lock); + } + +- if (st == NULL +- || st->module_checksum_data == NULL) { ++ if (st == NULL) { + ERR_raise(ERR_LIB_PROV, PROV_R_MISSING_CONFIG_DATA); + goto end; + } +@@ -294,8 +367,9 @@ int SELF_TEST_post(SELF_TEST_POST_PARAMS + if (ev == NULL) + goto end; + +- module_checksum = OPENSSL_hexstr2buf(st->module_checksum_data, +- &checksum_len); ++ module_checksum = fips_hmac_container; ++ checksum_len = sizeof(fips_hmac_container); ++ + if (module_checksum == NULL) { + ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_CONFIG_DATA); + goto end; +@@ -357,7 +431,6 @@ int SELF_TEST_post(SELF_TEST_POST_PARAMS + ok = 1; + end: + OSSL_SELF_TEST_free(ev); +- OPENSSL_free(module_checksum); + OPENSSL_free(indicator_checksum); + + if (st != NULL) { +diff -ruN openssl-3.0.0/test/recipes/00-prep_fipsmodule_cnf.t openssl-3.0.0-xxx/test/recipes/00-prep_fipsmodule_cnf.t +--- openssl-3.0.0/test/recipes/00-prep_fipsmodule_cnf.t 2021-09-07 13:46:32.000000000 +0200 ++++ openssl-3.0.0-xxx/test/recipes/00-prep_fipsmodule_cnf.t 2021-11-18 09:39:53.386817874 +0100 +@@ -20,7 +20,7 @@ + use lib bldtop_dir('.'); + use platform; + +-my $no_check = disabled("fips"); ++my $no_check = 1; + plan skip_all => "FIPS module config file only supported in a fips build" + if $no_check; + +diff -ruN openssl-3.0.0/test/recipes/01-test_fipsmodule_cnf.t openssl-3.0.0-xxx/test/recipes/01-test_fipsmodule_cnf.t +--- openssl-3.0.0/test/recipes/01-test_fipsmodule_cnf.t 2021-09-07 13:46:32.000000000 +0200 ++++ openssl-3.0.0-xxx/test/recipes/01-test_fipsmodule_cnf.t 2021-11-18 09:59:02.315619486 +0100 +@@ -23,7 +23,7 @@ + use lib bldtop_dir('.'); + use platform; + +-my $no_check = disabled("fips"); ++my $no_check = 1; + plan skip_all => "Test only supported in a fips build" + if $no_check; + plan tests => 1; +diff -ruN openssl-3.0.0/test/recipes/03-test_fipsinstall.t openssl-3.0.0-xxx/test/recipes/03-test_fipsinstall.t +--- openssl-3.0.0/test/recipes/03-test_fipsinstall.t 2021-09-07 13:46:32.000000000 +0200 ++++ openssl-3.0.0-xxx/test/recipes/03-test_fipsinstall.t 2021-11-18 09:59:55.365072074 +0100 +@@ -22,7 +22,7 @@ + use lib bldtop_dir('.'); + use platform; + +-plan skip_all => "Test only supported in a fips build" if disabled("fips"); ++plan skip_all => "Test only supported in a fips build" if 1; + + plan tests => 29; + +diff -ruN openssl-3.0.0/test/recipes/30-test_defltfips.t openssl-3.0.0-xxx/test/recipes/30-test_defltfips.t +--- openssl-3.0.0/test/recipes/30-test_defltfips.t 2021-09-07 13:46:32.000000000 +0200 ++++ openssl-3.0.0-xxx/test/recipes/30-test_defltfips.t 2021-11-18 10:22:54.179659682 +0100 +@@ -21,7 +21,7 @@ + use lib srctop_dir('Configurations'); + use lib bldtop_dir('.'); + +-my $no_fips = disabled('fips') || ($ENV{NO_FIPS} // 0); ++my $no_fips = 1; #disabled('fips') || ($ENV{NO_FIPS} // 0); + + plan tests => + ($no_fips ? 1 : 5); +diff -ruN openssl-3.0.0/test/recipes/80-test_ssl_new.t openssl-3.0.0-xxx/test/recipes/80-test_ssl_new.t +--- openssl-3.0.0/test/recipes/80-test_ssl_new.t 2021-09-07 13:46:32.000000000 +0200 ++++ openssl-3.0.0-xxx/test/recipes/80-test_ssl_new.t 2021-11-18 10:18:53.391721164 +0100 +@@ -23,7 +23,7 @@ + use lib srctop_dir('Configurations'); + use lib bldtop_dir('.'); + +-my $no_fips = disabled('fips') || ($ENV{NO_FIPS} // 0); ++my $no_fips = 1; #disabled('fips') || ($ENV{NO_FIPS} // 0); + + $ENV{TEST_CERTS_DIR} = srctop_dir("test", "certs"); + +diff -ruN openssl-3.0.0/test/recipes/90-test_sslapi.t openssl-3.0.0-xxx/test/recipes/90-test_sslapi.t +--- openssl-3.0.0/test/recipes/90-test_sslapi.t 2021-11-18 10:32:17.734196705 +0100 ++++ openssl-3.0.0-xxx/test/recipes/90-test_sslapi.t 2021-11-18 10:18:30.695538445 +0100 +@@ -18,7 +18,7 @@ + use lib srctop_dir('Configurations'); + use lib bldtop_dir('.'); + +-my $no_fips = disabled('fips') || ($ENV{NO_FIPS} // 0); ++my $no_fips = 1; #disabled('fips') || ($ENV{NO_FIPS} // 0); + + plan skip_all => "No TLS/SSL protocols are supported by this OpenSSL build" + if alldisabled(grep { $_ ne "ssl3" } available_protocols("tls")); +--- /dev/null 2021-11-16 15:27:32.915000000 +0100 ++++ openssl-3.0.0/test/fipsmodule.cnf 2021-11-18 11:15:34.538060408 +0100 +@@ -0,0 +1,2 @@ ++[fips_sect] ++activate = 1 diff --git a/SOURCES/0034.fipsinstall_disable.patch b/SOURCES/0034.fipsinstall_disable.patch new file mode 100644 index 0000000..b0e0c4b --- /dev/null +++ b/SOURCES/0034.fipsinstall_disable.patch @@ -0,0 +1,392 @@ +diff -up openssl-3.0.0/apps/fipsinstall.c.xxx openssl-3.0.0/apps/fipsinstall.c +--- openssl-3.0.0/apps/fipsinstall.c.xxx 2021-11-22 13:09:28.232560235 +0100 ++++ openssl-3.0.0/apps/fipsinstall.c 2021-11-22 13:12:22.272058910 +0100 +@@ -311,6 +311,9 @@ int fipsinstall_main(int argc, char **ar + EVP_MAC *mac = NULL; + CONF *conf = NULL; + ++ BIO_printf(bio_err, "This command is not enabled in the Red Hat Enterprise Linux OpenSSL build, please consult Red Hat documentation to learn how to enable FIPS mode\n"); ++ return 1; ++ + if ((opts = sk_OPENSSL_STRING_new_null()) == NULL) + goto end; + +diff -up openssl-3.0.0/doc/man1/openssl-fipsinstall.pod.in.xxx openssl-3.0.0/doc/man1/openssl-fipsinstall.pod.in +--- openssl-3.0.0/doc/man1/openssl-fipsinstall.pod.in.xxx 2021-11-22 13:19:55.192959061 +0100 ++++ openssl-3.0.0/doc/man1/openssl-fipsinstall.pod.in 2021-11-22 13:20:56.978491104 +0100 +@@ -8,224 +8,10 @@ openssl-fipsinstall - perform FIPS confi + =head1 SYNOPSIS + + B +-[B<-help>] +-[B<-in> I] +-[B<-out> I] +-[B<-module> I] +-[B<-provider_name> I] +-[B<-section_name> I] +-[B<-verify>] +-[B<-mac_name> I] +-[B<-macopt> I:I] +-[B<-noout>] +-[B<-quiet>] +-[B<-no_conditional_errors>] +-[B<-no_security_checks>] +-[B<-self_test_onload>] +-[B<-corrupt_desc> I] +-[B<-corrupt_type> I] +-[B<-config> I] + + =head1 DESCRIPTION + +-This command is used to generate a FIPS module configuration file. +-This configuration file can be used each time a FIPS module is loaded +-in order to pass data to the FIPS module self tests. The FIPS module always +-verifies its MAC, but optionally only needs to run the KAT's once, +-at installation. +- +-The generated configuration file consists of: +- +-=over 4 +- +-=item - A MAC of the FIPS module file. +- +-=item - A test status indicator. +- +-This indicates if the Known Answer Self Tests (KAT's) have successfully run. +- +-=item - A MAC of the status indicator. +- +-=item - A control for conditional self tests errors. +- +-By default if a continuous test (e.g a key pair test) fails then the FIPS module +-will enter an error state, and no services or cryptographic algorithms will be +-able to be accessed after this point. +-The default value of '1' will cause the fips module error state to be entered. +-If the value is '0' then the module error state will not be entered. +-Regardless of whether the error state is entered or not, the current operation +-(e.g. key generation) will return an error. The user is responsible for retrying +-the operation if the module error state is not entered. +- +-=item - A control to indicate whether run-time security checks are done. +- +-This indicates if run-time checks related to enforcement of security parameters +-such as minimum security strength of keys and approved curve names are used. +-The default value of '1' will perform the checks. +-If the value is '0' the checks are not performed and FIPS compliance must +-be done by procedures documented in the relevant Security Policy. +- +-=back +- +-This file is described in L. +- +-=head1 OPTIONS +- +-=over 4 +- +-=item B<-help> +- +-Print a usage message. +- +-=item B<-module> I +- +-Filename of the FIPS module to perform an integrity check on. +-The path provided in the filename is used to load the module when it is +-activated, and this overrides the environment variable B. +- +-=item B<-out> I +- +-Filename to output the configuration data to; the default is standard output. +- +-=item B<-in> I +- +-Input filename to load configuration data from. +-Must be used if the B<-verify> option is specified. +- +-=item B<-verify> +- +-Verify that the input configuration file contains the correct information. +- +-=item B<-provider_name> I +- +-Name of the provider inside the configuration file. +-The default value is C. +- +-=item B<-section_name> I +- +-Name of the section inside the configuration file. +-The default value is C. +- +-=item B<-mac_name> I +- +-Specifies the name of a supported MAC algorithm which will be used. +-The MAC mechanisms that are available will depend on the options +-used when building OpenSSL. +-To see the list of supported MAC's use the command +-C. The default is B. +- +-=item B<-macopt> I:I +- +-Passes options to the MAC algorithm. +-A comprehensive list of controls can be found in the EVP_MAC implementation +-documentation. +-Common control strings used for this command are: +- +-=over 4 +- +-=item B:I +- +-Specifies the MAC key as an alphanumeric string (use if the key contains +-printable characters only). +-The string length must conform to any restrictions of the MAC algorithm. +-A key must be specified for every MAC algorithm. +-If no key is provided, the default that was specified when OpenSSL was +-configured is used. +- +-=item B:I +- +-Specifies the MAC key in hexadecimal form (two hex digits per byte). +-The key length must conform to any restrictions of the MAC algorithm. +-A key must be specified for every MAC algorithm. +-If no key is provided, the default that was specified when OpenSSL was +-configured is used. +- +-=item B:I +- +-Used by HMAC as an alphanumeric string (use if the key contains printable +-characters only). +-The string length must conform to any restrictions of the MAC algorithm. +-To see the list of supported digests, use the command +-C. +-The default digest is SHA-256. +- +-=back +- +-=item B<-noout> +- +-Disable logging of the self tests. +- +-=item B<-no_conditional_errors> +- +-Configure the module to not enter an error state if a conditional self test +-fails as described above. +- +-=item B<-no_security_checks> +- +-Configure the module to not perform run-time security checks as described above. +- +-=item B<-self_test_onload> +- +-Do not write the two fields related to the "test status indicator" and +-"MAC status indicator" to the output configuration file. Without these fields +-the self tests KATS will run each time the module is loaded. This option could be +-used for cross compiling, since the self tests need to run at least once on each +-target machine. Once the self tests have run on the target machine the user +-could possibly then add the 2 fields into the configuration using some other +-mechanism. +- +-=item B<-quiet> +- +-Do not output pass/fail messages. Implies B<-noout>. +- +-=item B<-corrupt_desc> I, +-B<-corrupt_type> I +- +-The corrupt options can be used to test failure of one or more self tests by +-name. +-Either option or both may be used to select the tests to corrupt. +-Refer to the entries for B and B in L for +-values that can be used. +- +-=item B<-config> I +- +-Test that a FIPS provider can be loaded from the specified configuration file. +-A previous call to this application needs to generate the extra configuration +-data that is included by the base C configuration file. +-See L for further information on how to set up a provider section. +-All other options are ignored if '-config' is used. +- +-=back +- +-=head1 EXAMPLES +- +-Calculate the mac of a FIPS module F and run a FIPS self test +-for the module, and save the F configuration file: +- +- openssl fipsinstall -module ./fips.so -out fips.cnf -provider_name fips +- +-Verify that the configuration file F contains the correct info: +- +- openssl fipsinstall -module ./fips.so -in fips.cnf -provider_name fips -verify +- +-Corrupt any self tests which have the description C: +- +- openssl fipsinstall -module ./fips.so -out fips.cnf -provider_name fips \ +- -corrupt_desc 'SHA1' +- +-Validate that the fips module can be loaded from a base configuration file: +- +- export OPENSSL_CONF_INCLUDE= +- export OPENSSL_MODULES= +- openssl fipsinstall -config' 'default.cnf' +- +- +-=head1 SEE ALSO +- +-L, +-L, +-L, +-L ++This command is disabled. Please consult Red Hat Enterprise Linux documentation to learn how to correctly enable FIPS mode on Red Hat Enterprise Linux. + + =head1 COPYRIGHT + +diff -up openssl-3.0.0/doc/man1/openssl.pod.xxx openssl-3.0.0/doc/man1/openssl.pod +--- openssl-3.0.0/doc/man1/openssl.pod.xxx 2021-11-22 13:18:51.081406990 +0100 ++++ openssl-3.0.0/doc/man1/openssl.pod 2021-11-22 13:19:02.897508738 +0100 +@@ -158,10 +158,6 @@ Engine (loadable module) information and + + Error Number to Error String Conversion. + +-=item B +- +-FIPS configuration installation. +- + =item B + + Generation of DSA Private Key from Parameters. Superseded by +diff -up openssl-3.0.0/doc/man5/config.pod.xxx openssl-3.0.0/doc/man5/config.pod +--- openssl-3.0.0/doc/man5/config.pod.xxx 2021-11-22 13:24:51.359509501 +0100 ++++ openssl-3.0.0/doc/man5/config.pod 2021-11-22 13:26:02.360121820 +0100 +@@ -573,7 +573,6 @@ configuration files using that syntax wi + =head1 SEE ALSO + + L, L, L, +-L, + L, + L, + L, +diff -up openssl-3.0.0/doc/man5/fips_config.pod.xxx openssl-3.0.0/doc/man5/fips_config.pod +--- openssl-3.0.0/doc/man5/fips_config.pod.xxx 2021-11-22 13:21:13.812636065 +0100 ++++ openssl-3.0.0/doc/man5/fips_config.pod 2021-11-22 13:24:12.278172847 +0100 +@@ -6,106 +6,10 @@ fips_config - OpenSSL FIPS configuration + + =head1 DESCRIPTION + +-A separate configuration file, using the OpenSSL L syntax, +-is used to hold information about the FIPS module. This includes a digest +-of the shared library file, and status about the self-testing. +-This data is used automatically by the module itself for two +-purposes: +- +-=over 4 +- +-=item - Run the startup FIPS self-test known answer tests (KATS). +- +-This is normally done once, at installation time, but may also be set up to +-run each time the module is used. +- +-=item - Verify the module's checksum. +- +-This is done each time the module is used. +- +-=back +- +-This file is generated by the L program, and +-used internally by the FIPS module during its initialization. +- +-The following options are supported. They should all appear in a section +-whose name is identified by the B option in the B +-section, as described in L. +- +-=over 4 +- +-=item B +- +-If present, the module is activated. The value assigned to this name is not +-significant. +- +-=item B +- +-A version number for the fips install process. Should be 1. +- +-=item B +- +-The FIPS module normally enters an internal error mode if any self test fails. +-Once this error mode is active, no services or cryptographic algorithms are +-accessible from this point on. +-Continuous tests are a subset of the self tests (e.g., a key pair test during key +-generation, or the CRNG output test). +-Setting this value to C<0> allows the error mode to not be triggered if any +-continuous test fails. The default value of C<1> will trigger the error mode. +-Regardless of the value, the operation (e.g., key generation) that called the +-continuous test will return an error code if its continuous test fails. The +-operation may then be retried if the error mode has not been triggered. +- +-=item B +- +-This indicates if run-time checks related to enforcement of security parameters +-such as minimum security strength of keys and approved curve names are used. +-A value of '1' will perform the checks, otherwise if the value is '0' the checks +-are not performed and FIPS compliance must be done by procedures documented in +-the relevant Security Policy. +- +-=item B +- +-The calculated MAC of the FIPS provider file. +- +-=item B +- +-An indicator that the self-tests were successfully run. +-This should only be written after the module has +-successfully passed its self tests during installation. +-If this field is not present, then the self tests will run when the module +-loads. +- +-=item B +- +-A MAC of the value of the B option, to prevent accidental +-changes to that value. +-It is written-to at the same time as B is updated. +- +-=back +- +-For example: +- +- [fips_sect] +- activate = 1 +- install-version = 1 +- conditional-errors = 1 +- security-checks = 1 +- module-mac = 41:D0:FA:C2:5D:41:75:CD:7D:C3:90:55:6F:A4:DC +- install-mac = FE:10:13:5A:D3:B4:C7:82:1B:1E:17:4C:AC:84:0C +- install-status = INSTALL_SELF_TEST_KATS_RUN +- +-=head1 NOTES +- +-When using the FIPS provider, it is recommended that the +-B option is enabled to prevent accidental use of +-non-FIPS validated algorithms via broken or mistaken configuration. +-See L. +- +-=head1 SEE ALSO +- +-L +-L ++This command is disabled in Red Hat Enterprise Linux. The FIPS provider is ++automatically loaded when the system is boots in FIPS mode, or when the ++environment variable B is set. See the documentation ++for more information. + + =head1 COPYRIGHT + +diff -up openssl-3.0.0/doc/man7/OSSL_PROVIDER-FIPS.pod.xxx openssl-3.0.0/doc/man7/OSSL_PROVIDER-FIPS.pod +--- openssl-3.0.0/doc/man7/OSSL_PROVIDER-FIPS.pod.xxx 2021-11-22 13:18:13.850086386 +0100 ++++ openssl-3.0.0/doc/man7/OSSL_PROVIDER-FIPS.pod 2021-11-22 13:18:24.607179038 +0100 +@@ -388,7 +388,6 @@ A simple self test callback is shown bel + + =head1 SEE ALSO + +-L, + L, + L, + L, diff --git a/SOURCES/0100-coverity.patch b/SOURCES/0100-coverity.patch new file mode 100644 index 0000000..d81d531 --- /dev/null +++ b/SOURCES/0100-coverity.patch @@ -0,0 +1,12 @@ +diff -up openssl-3.0.0/apps/s_client.c.coverity openssl-3.0.0/apps/s_client.c +--- openssl-3.0.0/apps/s_client.c.coverity 2021-10-07 16:59:37.938432118 +0200 ++++ openssl-3.0.0/apps/s_client.c 2021-10-07 17:00:52.994075755 +0200 +@@ -3040,6 +3040,8 @@ int s_client_main(int argc, char **argv) + #endif + OPENSSL_free(connectstr); + OPENSSL_free(bindstr); ++ OPENSSL_free(bindhost); ++ OPENSSL_free(bindport); + OPENSSL_free(host); + OPENSSL_free(port); + OPENSSL_free(thost); diff --git a/SPECS/openssl.spec b/SPECS/openssl.spec index d372835..2e7e317 100644 --- a/SPECS/openssl.spec +++ b/SPECS/openssl.spec @@ -15,7 +15,7 @@ Summary: Utilities from the general purpose cryptography library with TLS implementation Name: openssl Version: 3.0.0 -Release: 0.beta2.7%{?dist} +Release: 4%{?dist} Epoch: 1 # We have to remove certain patented algorithms from the openssl source # tarball with the hobble-openssl script which is included below. @@ -30,6 +30,7 @@ Source9: configuration-switch.h Source10: configuration-prefix.h Source12: ec_curve.c Source13: ectest.c +Source14: 0025-for-tests.patch # Patches exported from source git # Aarch64 and ppc64le use lib64 @@ -49,21 +50,23 @@ Patch7: 0007-Add-support-for-PROFILE-SYSTEM-system-default-cipher.patch # Add FIPS_mode() compatibility macro Patch8: 0008-Add-FIPS_mode-compatibility-macro.patch # Add check to see if fips flag is enabled in kernel -#Patch9: 0009-Add-Kernel-FIPS-mode-flag-support.patch +Patch9: 0009-Add-Kernel-FIPS-mode-flag-support.patch # remove unsupported EC curves Patch11: 0011-Remove-EC-curves.patch -# Update alerts according to #1965017 -Patch20: 0020-sigalgs-fix-alerts.patch -# Fixes core dump in openssl req -modulus -Patch21: 0021-fix-core-dump-req.patch -# Fixes 'openssl req' to not ask for password when non-encrypted key -Patch22: 0022-fix-openssl-req-password.patch -# cms: Do not try to check binary format on stdin and -rctform fix -Patch23: 0023-cms-stdin.patch # Instructions to load legacy provider in openssl.cnf Patch24: 0024-load-legacy-prov.patch -# cms: don't read /dev/stdin twice -Patch25: 0025-cms-stdin2.patch +# Tmp: Upstream #16636 +Patch30: 0030-tmp-Fix-rng-seed-double-free.patch +# Tmp: test name change +Patch31: 0031-tmp-Fix-test-names.patch +# We load FIPS provider and set FIPS properties implicitly +Patch32: 0032-Force-fips.patch +# Embed HMAC into the fips.so +Patch33: 0033-FIPS-embed-hmac.patch +# Comment out fipsinstall command-line utility +Patch34: 0034.fipsinstall_disable.patch +# Tmp: coverity +Patch100: 0100-coverity.patch License: ASL 2.0 URL: http://www.openssl.org/ @@ -119,7 +122,7 @@ package provides Perl scripts for converting certificates and keys from other formats to the formats used by the OpenSSL toolkit. %prep -%autosetup -S git -n %{name}-%{version}-beta2 +%autosetup -S git -n %{name}-%{version} # The hobble_openssl is called here redundantly, just to be sure. # The tarball has already the sources removed. @@ -230,23 +233,34 @@ done # We must revert patch4 before tests otherwise they will fail patch -p1 -R < %{PATCH4} +#We must disable default provider before tests otherwise they will fail +patch -p1 < %{SOURCE14} OPENSSL_ENABLE_MD5_VERIFY= export OPENSSL_ENABLE_MD5_VERIFY OPENSSL_SYSTEM_CIPHERS_OVERRIDE=xyz_nonexistent_file export OPENSSL_SYSTEM_CIPHERS_OVERRIDE +#embed HMAC into fips provider for test run +LD_LIBRARY_PATH=. apps/openssl dgst -binary -sha256 -mac HMAC -macopt hexkey:f4556650ac31d35461610bac4ed81b1a181b2d8a43ea2854cbae22ca74560813 < providers/fips.so > providers/fips.so.hmac +cp providers/fips.so providers/fips.so.orig +objcopy --update-section .rodata1=providers/fips.so.hmac providers/fips.so providers/fips.so.mac +mv providers/fips.so.mac providers/fips.so +#run tests itself make test HARNESS_JOBS=8 # Add generation of HMAC checksum of the final stripped library -#%define __spec_install_post \ -# %{?__debug_package:%{__debug_install_post}} \ -# %{__arch_install_post} \ -# %{__os_install_post} \ -# crypto/fips/fips_standalone_hmac $RPM_BUILD_ROOT%{_libdir}/libcrypto.so.%{version} >$RPM_BUILD_ROOT%{_libdir}/.libcrypto.so.%{version}.hmac \ -# ln -sf .libcrypto.so.%{version}.hmac $RPM_BUILD_ROOT%{_libdir}/.libcrypto.so.%{soversion}.hmac \ -# crypto/fips/fips_standalone_hmac $RPM_BUILD_ROOT%{_libdir}/libssl.so.%{version} >$RPM_BUILD_ROOT%{_libdir}/.libssl.so.%{version}.hmac \ -# ln -sf .libssl.so.%{version}.hmac $RPM_BUILD_ROOT%{_libdir}/.libssl.so.%{soversion}.hmac \ -#%{nil} +# We manually copy standard definition of __spec_install_post +# and add hmac calculation/embedding to fips.so +%define __spec_install_post \ + %{?__debug_package:%{__debug_install_post}} \ + %{__arch_install_post} \ + %{__os_install_post} \ + LD_LIBRARY_PATH=. apps/openssl dgst -binary -sha256 -mac HMAC -macopt hexkey:f4556650ac31d35461610bac4ed81b1a181b2d8a43ea2854cbae22ca74560813 < $RPM_BUILD_ROOT%{_libdir}/ossl-modules/fips.so > $RPM_BUILD_ROOT%{_libdir}/ossl-modules/fips.so.hmac \ + cp $RPM_BUILD_ROOT%{_libdir}/ossl-modules/fips.so $RPM_BUILD_ROOT%{_libdir}/ossl-modules/fips.so.orig \ + objcopy --update-section .rodata1=$RPM_BUILD_ROOT%{_libdir}/ossl-modules/fips.so.hmac $RPM_BUILD_ROOT%{_libdir}/ossl-modules/fips.so $RPM_BUILD_ROOT%{_libdir}/ossl-modules/fips.so.mac \ + mv $RPM_BUILD_ROOT%{_libdir}/ossl-modules/fips.so.mac $RPM_BUILD_ROOT%{_libdir}/ossl-modules/fips.so \ + rm $RPM_BUILD_ROOT%{_libdir}/ossl-modules/fips.so.hmac \ +%{nil} %define __provides_exclude_from %{_libdir}/openssl @@ -386,6 +400,23 @@ install -m644 %{SOURCE9} \ %ldconfig_scriptlets libs %changelog +* Thu Nov 18 2021 Dmitry Belyavskiy - 1:3.0.0-4 +- Embed FIPS HMAC in fips.so +- Enforce loading FIPS provider when FIPS kernel flag is on + +* Thu Oct 07 2021 Dmitry Belyavskiy - 1:3.0.0-3 +- Fix memory leak in s_client +- Related: rhbz#1996092 + +* Mon Sep 20 2021 Dmitry Belyavskiy - 1:3.0.0-2 +- Avoid double-free on error seeding the RNG. +- KTLS and FIPS may interfere, so tests need to be tuned +- Resolves: rhbz#1952844, rhbz#1961643 + +* Thu Sep 09 2021 Sahana Prasad - 1:3.0.0-1 +- Rebase to upstream version 3.0.0 +- Related: rhbz#1990814 + * Wed Aug 25 2021 Sahana Prasad - 1:3.0.0-0.beta2.7 - Removes the dual-abi build as it not required anymore. The mass rebuild was completed and all packages are rebuilt against Beta version.