diff --git a/crypto/ec/ec_err.c b/crypto/ec/ec_err.c index 9dc143c2ac69..4d6f2a76ad20 100644 --- a/crypto/ec/ec_err.c +++ b/crypto/ec/ec_err.c @@ -1,6 +1,6 @@ /* * Generated by util/mkerr.pl DO NOT EDIT - * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -35,6 +35,8 @@ static const ERR_STRING_DATA EC_str_reasons[] = { "discriminant is zero"}, {ERR_PACK(ERR_LIB_EC, 0, EC_R_EC_GROUP_NEW_BY_NAME_FAILURE), "ec group new by name failure"}, + {ERR_PACK(ERR_LIB_EC, 0, EC_R_EXPLICIT_PARAMS_NOT_SUPPORTED), + "explicit params not supported"}, {ERR_PACK(ERR_LIB_EC, 0, EC_R_FAILED_MAKING_PUBLIC_KEY), "failed making public key"}, {ERR_PACK(ERR_LIB_EC, 0, EC_R_FIELD_TOO_LARGE), "field too large"}, diff --git a/crypto/ec/ec_lib.c b/crypto/ec/ec_lib.c index 2aeab7e3b6b5..f686e45f899d 100644 --- a/crypto/ec/ec_lib.c +++ b/crypto/ec/ec_lib.c @@ -1387,6 +1387,7 @@ int EC_GROUP_get_pentanomial_basis(const EC_GROUP *group, unsigned int *k1, } #endif +#ifndef FIPS_MODULE /* * Check if the explicit parameters group matches any built-in curves. * @@ -1424,7 +1425,7 @@ static EC_GROUP *ec_group_explicit_to_named(const EC_GROUP *group, * parameters with one created from a named group. */ -#ifndef OPENSSL_NO_EC_NISTP_64_GCC_128 +# ifndef OPENSSL_NO_EC_NISTP_64_GCC_128 /* * NID_wap_wsg_idm_ecid_wtls12 and NID_secp224r1 are both aliases for * the same curve, we prefer the SECP nid when matching explicit @@ -1432,7 +1433,7 @@ static EC_GROUP *ec_group_explicit_to_named(const EC_GROUP *group, */ if (curve_name_nid == NID_wap_wsg_idm_ecid_wtls12) curve_name_nid = NID_secp224r1; -#endif /* !def(OPENSSL_NO_EC_NISTP_64_GCC_128) */ +# endif /* !def(OPENSSL_NO_EC_NISTP_64_GCC_128) */ ret_group = EC_GROUP_new_by_curve_name_ex(libctx, propq, curve_name_nid); if (ret_group == NULL) @@ -1467,6 +1468,7 @@ static EC_GROUP *ec_group_explicit_to_named(const EC_GROUP *group, EC_GROUP_free(ret_group); return NULL; } +#endif /* FIPS_MODULE */ static EC_GROUP *group_new_from_name(const OSSL_PARAM *p, OSSL_LIB_CTX *libctx, const char *propq) @@ -1536,9 +1538,13 @@ int ossl_ec_group_set_params(EC_GROUP *group, const OSSL_PARAM params[]) EC_GROUP *EC_GROUP_new_from_params(const OSSL_PARAM params[], OSSL_LIB_CTX *libctx, const char *propq) { - const OSSL_PARAM *ptmp, *pa, *pb; + const OSSL_PARAM *ptmp; + EC_GROUP *group = NULL; + +#ifndef FIPS_MODULE + const OSSL_PARAM *pa, *pb; int ok = 0; - EC_GROUP *group = NULL, *named_group = NULL; + EC_GROUP *named_group = NULL; BIGNUM *p = NULL, *a = NULL, *b = NULL, *order = NULL, *cofactor = NULL; EC_POINT *point = NULL; int field_bits = 0; @@ -1546,6 +1552,7 @@ EC_GROUP *EC_GROUP_new_from_params(const OSSL_PARAM params[], BN_CTX *bnctx = NULL; const unsigned char *buf = NULL; int encoding_flag = -1; +#endif /* This is the simple named group case */ ptmp = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_GROUP_NAME); @@ -1559,6 +1566,10 @@ EC_GROUP *EC_GROUP_new_from_params(const OSSL_PARAM params[], } return group; } +#ifdef FIPS_MODULE + ERR_raise(ERR_LIB_EC, EC_R_EXPLICIT_PARAMS_NOT_SUPPORTED); + return NULL; +#else /* If it gets here then we are trying explicit parameters */ bnctx = BN_CTX_new_ex(libctx); if (bnctx == NULL) { @@ -1623,10 +1634,10 @@ EC_GROUP *EC_GROUP_new_from_params(const OSSL_PARAM params[], /* create the EC_GROUP structure */ group = EC_GROUP_new_curve_GFp(p, a, b, bnctx); } else { -#ifdef OPENSSL_NO_EC2M +# ifdef OPENSSL_NO_EC2M ERR_raise(ERR_LIB_EC, EC_R_GF2M_NOT_SUPPORTED); goto err; -#else +# else /* create the EC_GROUP structure */ group = EC_GROUP_new_curve_GF2m(p, a, b, NULL); if (group != NULL) { @@ -1636,7 +1647,7 @@ EC_GROUP *EC_GROUP_new_from_params(const OSSL_PARAM params[], goto err; } } -#endif /* OPENSSL_NO_EC2M */ +# endif /* OPENSSL_NO_EC2M */ } if (group == NULL) { @@ -1733,4 +1744,5 @@ EC_GROUP *EC_GROUP_new_from_params(const OSSL_PARAM params[], BN_CTX_free(bnctx); return group; +#endif /* FIPS_MODULE */ } diff --git a/crypto/err/openssl.txt b/crypto/err/openssl.txt index c4a94f955905..41df7127403c 100644 --- a/crypto/err/openssl.txt +++ b/crypto/err/openssl.txt @@ -553,6 +553,7 @@ EC_R_CURVE_DOES_NOT_SUPPORT_SIGNING:159:curve does not support signing EC_R_DECODE_ERROR:142:decode error EC_R_DISCRIMINANT_IS_ZERO:118:discriminant is zero EC_R_EC_GROUP_NEW_BY_NAME_FAILURE:119:ec group new by name failure +EC_R_EXPLICIT_PARAMS_NOT_SUPPORTED:127:explicit params not supported EC_R_FAILED_MAKING_PUBLIC_KEY:166:failed making public key EC_R_FIELD_TOO_LARGE:143:field too large EC_R_GF2M_NOT_SUPPORTED:147:gf2m not supported diff --git a/include/crypto/ecerr.h b/include/crypto/ecerr.h index 07b6c7aa62dd..4658ae8fb2cd 100644 --- a/include/crypto/ecerr.h +++ b/include/crypto/ecerr.h @@ -1,6 +1,6 @@ /* * Generated by util/mkerr.pl DO NOT EDIT - * Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2020-2022 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy diff --git a/include/openssl/ecerr.h b/include/openssl/ecerr.h index 49088d208b2c..46405ac62d91 100644 --- a/include/openssl/ecerr.h +++ b/include/openssl/ecerr.h @@ -1,6 +1,6 @@ /* * Generated by util/mkerr.pl DO NOT EDIT - * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -35,6 +35,7 @@ # define EC_R_DECODE_ERROR 142 # define EC_R_DISCRIMINANT_IS_ZERO 118 # define EC_R_EC_GROUP_NEW_BY_NAME_FAILURE 119 +# define EC_R_EXPLICIT_PARAMS_NOT_SUPPORTED 127 # define EC_R_FAILED_MAKING_PUBLIC_KEY 166 # define EC_R_FIELD_TOO_LARGE 143 # define EC_R_GF2M_NOT_SUPPORTED 147 diff --git a/test/endecode_test.c b/test/endecode_test.c index 0c33dff0ee2b..3d78bea50ea3 100644 --- a/test/endecode_test.c +++ b/test/endecode_test.c @@ -147,6 +147,7 @@ typedef int (checker)(const char *file, const int line, typedef void (dumper)(const char *label, const void *data, size_t data_len); #define FLAG_DECODE_WITH_TYPE 0x0001 +#define FLAG_FAIL_IF_FIPS 0x0002 static int test_encode_decode(const char *file, const int line, const char *type, EVP_PKEY *pkey, @@ -170,8 +171,19 @@ static int test_encode_decode(const char *file, const int line, * dumping purposes. */ if (!TEST_true(encode_cb(file, line, &encoded, &encoded_len, pkey, selection, - output_type, output_structure, pass, pcipher)) - || !TEST_true(check_cb(file, line, type, encoded, encoded_len)) + output_type, output_structure, pass, pcipher))) + goto end; + + if ((flags & FLAG_FAIL_IF_FIPS) != 0 && is_fips) { + if (TEST_false(decode_cb(file, line, (void **)&pkey2, encoded, + encoded_len, output_type, output_structure, + (flags & FLAG_DECODE_WITH_TYPE ? type : NULL), + selection, pass))) + ok = 1; + goto end; + } + + if (!TEST_true(check_cb(file, line, type, encoded, encoded_len)) || !TEST_true(decode_cb(file, line, (void **)&pkey2, encoded, encoded_len, output_type, output_structure, (flags & FLAG_DECODE_WITH_TYPE ? type : NULL), @@ -525,7 +537,7 @@ static int check_unprotected_PKCS8_DER(const char *file, const int line, return ok; } -static int test_unprotected_via_DER(const char *type, EVP_PKEY *key) +static int test_unprotected_via_DER(const char *type, EVP_PKEY *key, int fips) { return test_encode_decode(__FILE__, __LINE__, type, key, OSSL_KEYMGMT_SELECT_KEYPAIR @@ -533,7 +545,7 @@ static int test_unprotected_via_DER(const char *type, EVP_PKEY *key) "DER", "PrivateKeyInfo", NULL, NULL, encode_EVP_PKEY_prov, decode_EVP_PKEY_prov, test_mem, check_unprotected_PKCS8_DER, - dump_der, 0); + dump_der, fips ? 0 : FLAG_FAIL_IF_FIPS); } static int check_unprotected_PKCS8_PEM(const char *file, const int line, @@ -547,7 +559,7 @@ static int check_unprotected_PKCS8_PEM(const char *file, const int line, sizeof(expected_pem_header) - 1); } -static int test_unprotected_via_PEM(const char *type, EVP_PKEY *key) +static int test_unprotected_via_PEM(const char *type, EVP_PKEY *key, int fips) { return test_encode_decode(__FILE__, __LINE__, type, key, OSSL_KEYMGMT_SELECT_KEYPAIR @@ -555,7 +567,7 @@ static int test_unprotected_via_PEM(const char *type, EVP_PKEY *key) "PEM", "PrivateKeyInfo", NULL, NULL, encode_EVP_PKEY_prov, decode_EVP_PKEY_prov, test_text, check_unprotected_PKCS8_PEM, - dump_pem, 0); + dump_pem, fips ? 0 : FLAG_FAIL_IF_FIPS); } #ifndef OPENSSL_NO_KEYPARAMS @@ -702,7 +714,7 @@ static int check_protected_PKCS8_DER(const char *file, const int line, return ok; } -static int test_protected_via_DER(const char *type, EVP_PKEY *key) +static int test_protected_via_DER(const char *type, EVP_PKEY *key, int fips) { return test_encode_decode(__FILE__, __LINE__, type, key, OSSL_KEYMGMT_SELECT_KEYPAIR @@ -711,7 +723,7 @@ static int test_protected_via_DER(const char *type, EVP_PKEY *key) pass, pass_cipher, encode_EVP_PKEY_prov, decode_EVP_PKEY_prov, test_mem, check_protected_PKCS8_DER, - dump_der, 0); + dump_der, fips ? 0 : FLAG_FAIL_IF_FIPS); } static int check_protected_PKCS8_PEM(const char *file, const int line, @@ -725,7 +737,7 @@ static int check_protected_PKCS8_PEM(const char *file, const int line, sizeof(expected_pem_header) - 1); } -static int test_protected_via_PEM(const char *type, EVP_PKEY *key) +static int test_protected_via_PEM(const char *type, EVP_PKEY *key, int fips) { return test_encode_decode(__FILE__, __LINE__, type, key, OSSL_KEYMGMT_SELECT_KEYPAIR @@ -734,7 +746,7 @@ static int test_protected_via_PEM(const char *type, EVP_PKEY *key) pass, pass_cipher, encode_EVP_PKEY_prov, decode_EVP_PKEY_prov, test_text, check_protected_PKCS8_PEM, - dump_pem, 0); + dump_pem, fips ? 0 : FLAG_FAIL_IF_FIPS); } static int check_protected_legacy_PEM(const char *file, const int line, @@ -795,14 +807,15 @@ static int check_public_DER(const char *file, const int line, return ok; } -static int test_public_via_DER(const char *type, EVP_PKEY *key) +static int test_public_via_DER(const char *type, EVP_PKEY *key, int fips) { return test_encode_decode(__FILE__, __LINE__, type, key, OSSL_KEYMGMT_SELECT_PUBLIC_KEY | OSSL_KEYMGMT_SELECT_ALL_PARAMETERS, "DER", "SubjectPublicKeyInfo", NULL, NULL, encode_EVP_PKEY_prov, decode_EVP_PKEY_prov, - test_mem, check_public_DER, dump_der, 0); + test_mem, check_public_DER, dump_der, + fips ? 0 : FLAG_FAIL_IF_FIPS); } static int check_public_PEM(const char *file, const int line, @@ -816,14 +829,15 @@ static int check_public_PEM(const char *file, const int line, sizeof(expected_pem_header) - 1); } -static int test_public_via_PEM(const char *type, EVP_PKEY *key) +static int test_public_via_PEM(const char *type, EVP_PKEY *key, int fips) { return test_encode_decode(__FILE__, __LINE__, type, key, OSSL_KEYMGMT_SELECT_PUBLIC_KEY | OSSL_KEYMGMT_SELECT_ALL_PARAMETERS, "PEM", "SubjectPublicKeyInfo", NULL, NULL, encode_EVP_PKEY_prov, decode_EVP_PKEY_prov, - test_text, check_public_PEM, dump_pem, 0); + test_text, check_public_PEM, dump_pem, + fips ? 0 : FLAG_FAIL_IF_FIPS); } static int check_public_MSBLOB(const char *file, const int line, @@ -868,30 +882,30 @@ static int test_public_via_MSBLOB(const char *type, EVP_PKEY *key) EVP_PKEY_free(template_##KEYTYPE); \ EVP_PKEY_free(key_##KEYTYPE) -#define IMPLEMENT_TEST_SUITE(KEYTYPE, KEYTYPEstr) \ +#define IMPLEMENT_TEST_SUITE(KEYTYPE, KEYTYPEstr, fips) \ static int test_unprotected_##KEYTYPE##_via_DER(void) \ { \ - return test_unprotected_via_DER(KEYTYPEstr, key_##KEYTYPE); \ + return test_unprotected_via_DER(KEYTYPEstr, key_##KEYTYPE, fips); \ } \ static int test_unprotected_##KEYTYPE##_via_PEM(void) \ { \ - return test_unprotected_via_PEM(KEYTYPEstr, key_##KEYTYPE); \ + return test_unprotected_via_PEM(KEYTYPEstr, key_##KEYTYPE, fips); \ } \ static int test_protected_##KEYTYPE##_via_DER(void) \ { \ - return test_protected_via_DER(KEYTYPEstr, key_##KEYTYPE); \ + return test_protected_via_DER(KEYTYPEstr, key_##KEYTYPE, fips); \ } \ static int test_protected_##KEYTYPE##_via_PEM(void) \ { \ - return test_protected_via_PEM(KEYTYPEstr, key_##KEYTYPE); \ + return test_protected_via_PEM(KEYTYPEstr, key_##KEYTYPE, fips); \ } \ static int test_public_##KEYTYPE##_via_DER(void) \ { \ - return test_public_via_DER(KEYTYPEstr, key_##KEYTYPE); \ + return test_public_via_DER(KEYTYPEstr, key_##KEYTYPE, fips); \ } \ static int test_public_##KEYTYPE##_via_PEM(void) \ { \ - return test_public_via_PEM(KEYTYPEstr, key_##KEYTYPE); \ + return test_public_via_PEM(KEYTYPEstr, key_##KEYTYPE, fips); \ } #define ADD_TEST_SUITE(KEYTYPE) \ @@ -965,10 +979,10 @@ static int test_public_via_MSBLOB(const char *type, EVP_PKEY *key) #ifndef OPENSSL_NO_DH DOMAIN_KEYS(DH); -IMPLEMENT_TEST_SUITE(DH, "DH") +IMPLEMENT_TEST_SUITE(DH, "DH", 1) IMPLEMENT_TEST_SUITE_PARAMS(DH, "DH") DOMAIN_KEYS(DHX); -IMPLEMENT_TEST_SUITE(DHX, "X9.42 DH") +IMPLEMENT_TEST_SUITE(DHX, "X9.42 DH", 1) IMPLEMENT_TEST_SUITE_PARAMS(DHX, "X9.42 DH") /* * DH has no support for PEM_write_bio_PrivateKey_traditional(), @@ -977,7 +991,7 @@ IMPLEMENT_TEST_SUITE_PARAMS(DHX, "X9.42 DH") #endif #ifndef OPENSSL_NO_DSA DOMAIN_KEYS(DSA); -IMPLEMENT_TEST_SUITE(DSA, "DSA") +IMPLEMENT_TEST_SUITE(DSA, "DSA", 1) IMPLEMENT_TEST_SUITE_PARAMS(DSA, "DSA") IMPLEMENT_TEST_SUITE_LEGACY(DSA, "DSA") IMPLEMENT_TEST_SUITE_MSBLOB(DSA, "DSA") @@ -988,41 +1002,41 @@ IMPLEMENT_TEST_SUITE_PROTECTED_PVK(DSA, "DSA") #endif #ifndef OPENSSL_NO_EC DOMAIN_KEYS(EC); -IMPLEMENT_TEST_SUITE(EC, "EC") +IMPLEMENT_TEST_SUITE(EC, "EC", 1) IMPLEMENT_TEST_SUITE_PARAMS(EC, "EC") IMPLEMENT_TEST_SUITE_LEGACY(EC, "EC") DOMAIN_KEYS(ECExplicitPrimeNamedCurve); -IMPLEMENT_TEST_SUITE(ECExplicitPrimeNamedCurve, "EC") +IMPLEMENT_TEST_SUITE(ECExplicitPrimeNamedCurve, "EC", 1) IMPLEMENT_TEST_SUITE_LEGACY(ECExplicitPrimeNamedCurve, "EC") /*DOMAIN_KEYS(ECExplicitPrime2G);*/ -/*IMPLEMENT_TEST_SUITE(ECExplicitPrime2G, "EC")*/ +/*IMPLEMENT_TEST_SUITE(ECExplicitPrime2G, "EC", 0)*/ /*IMPLEMENT_TEST_SUITE_LEGACY(ECExplicitPrime2G, "EC")*/ # ifndef OPENSSL_NO_EC2M DOMAIN_KEYS(ECExplicitTriNamedCurve); -IMPLEMENT_TEST_SUITE(ECExplicitTriNamedCurve, "EC") +IMPLEMENT_TEST_SUITE(ECExplicitTriNamedCurve, "EC", 1) IMPLEMENT_TEST_SUITE_LEGACY(ECExplicitTriNamedCurve, "EC") DOMAIN_KEYS(ECExplicitTri2G); -IMPLEMENT_TEST_SUITE(ECExplicitTri2G, "EC") +IMPLEMENT_TEST_SUITE(ECExplicitTri2G, "EC", 0) IMPLEMENT_TEST_SUITE_LEGACY(ECExplicitTri2G, "EC") # endif KEYS(ED25519); -IMPLEMENT_TEST_SUITE(ED25519, "ED25519") +IMPLEMENT_TEST_SUITE(ED25519, "ED25519", 1) KEYS(ED448); -IMPLEMENT_TEST_SUITE(ED448, "ED448") +IMPLEMENT_TEST_SUITE(ED448, "ED448", 1) KEYS(X25519); -IMPLEMENT_TEST_SUITE(X25519, "X25519") +IMPLEMENT_TEST_SUITE(X25519, "X25519", 1) KEYS(X448); -IMPLEMENT_TEST_SUITE(X448, "X448") +IMPLEMENT_TEST_SUITE(X448, "X448", 1) /* * ED25519, ED448, X25519 and X448 have no support for * PEM_write_bio_PrivateKey_traditional(), so no legacy tests. */ #endif KEYS(RSA); -IMPLEMENT_TEST_SUITE(RSA, "RSA") +IMPLEMENT_TEST_SUITE(RSA, "RSA", 1) IMPLEMENT_TEST_SUITE_LEGACY(RSA, "RSA") KEYS(RSA_PSS); -IMPLEMENT_TEST_SUITE(RSA_PSS, "RSA-PSS") +IMPLEMENT_TEST_SUITE(RSA_PSS, "RSA-PSS", 1) /* * RSA-PSS has no support for PEM_write_bio_PrivateKey_traditional(), * so no legacy tests.