From 07bd81ddaf42b2e82820fd3c3e5f0ae44a740c70 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Tom=C3=A1=C5=A1=20Mr=C3=A1z?=
Date: Mon, 2 Feb 2009 16:46:33 +0000
Subject: [PATCH] - must also verify checksum of libssl.so in the FIPS mode - obtain the seed for FIPS rng directly from the kernel device - drop the temporary symlinks
---
openssl-0.9.8j-fips-rng-seed.patch | 67 ++++++++++++++++++++++++++++++
openssl-0.9.8j-use-fipscheck.patch | 38 ++++++++---------
openssl.spec | 31 ++++++--------
3 files changed, 99 insertions(+), 37 deletions(-)
create mode 100644 openssl-0.9.8j-fips-rng-seed.patch
diff --git a/openssl-0.9.8j-fips-rng-seed.patch b/openssl-0.9.8j-fips-rng-seed.patch
new file mode 100644
index 0000000..0c24d89
--- /dev/null
+++ b/openssl-0.9.8j-fips-rng-seed.patch
@@ -0,0 +1,67 @@
+diff -up openssl-0.9.8j/crypto/rand/rand_lcl.h.rng-seed openssl-0.9.8j/crypto/rand/rand_lcl.h
+--- openssl-0.9.8j/crypto/rand/rand_lcl.h.rng-seed 2009-02-02 13:40:37.000000000 +0100
++++ openssl-0.9.8j/crypto/rand/rand_lcl.h 2009-02-02 13:50:42.000000000 +0100
+@@ -112,7 +112,7 @@
+ #ifndef HEADER_RAND_LCL_H
+ #define HEADER_RAND_LCL_H
+
+-#define ENTROPY_NEEDED 32 /* require 256 bits = 32 bytes of randomness */
++#define ENTROPY_NEEDED 48 /* we need 48 bytes of randomness for FIPS rng */
+
+
+ #if !defined(USE_MD5_RAND) && !defined(USE_SHA1_RAND) && !defined(USE_MDC2_RAND) && !defined(USE_MD2_RAND)
+diff -up openssl-0.9.8j/fips/rand/fips_rand.c.rng-seed openssl-0.9.8j/fips/rand/fips_rand.c
+--- openssl-0.9.8j/fips/rand/fips_rand.c.rng-seed 2008-09-16 12:12:18.000000000 +0200
++++ openssl-0.9.8j/fips/rand/fips_rand.c 2009-02-02 14:06:58.000000000 +0100
+@@ -155,7 +155,18 @@ static int fips_set_prng_seed(FIPS_PRNG_
+ {
+ int i;
+ if (!ctx->keyed)
+- return 0;
++ {
++ FIPS_RAND_SIZE_T keylen = 16;
++
++ if (seedlen - keylen < AES_BLOCK_LENGTH)
++ return 0;
++ if (seedlen - keylen - 8 >= AES_BLOCK_LENGTH)
++ keylen += 8;
++ if (seedlen - keylen - 8 >= AES_BLOCK_LENGTH)
++ keylen += 8;
++ seedlen -= keylen;
++ fips_set_prng_key(ctx, seed+seedlen, keylen);
++ }
+ /* In test mode seed is just supplied data */
+ if (ctx->test_mode)
+ {
+diff -up openssl-0.9.8j/fips/fips.c.rng-seed openssl-0.9.8j/fips/fips.c
+--- openssl-0.9.8j/fips/fips.c.rng-seed 2009-02-02 13:40:38.000000000 +0100
++++ openssl-0.9.8j/fips/fips.c 2009-02-02 13:49:32.000000000 +0100
+@@ -509,22 +509,22 @@ int FIPS_mode_set(int onoff)
+ goto end;
+ }
+
++ /* now switch into FIPS mode */
++ fips_set_rand_check(FIPS_rand_method());
++ RAND_set_rand_method(FIPS_rand_method());
++
+ /* automagically seed PRNG if not already seeded */
+ if(!FIPS_rand_status())
+ {
+- if(RAND_bytes(buf,sizeof buf) <= 0)
++ RAND_poll();
++ if (!FIPS_rand_status())
+ {
+ fips_selftest_fail = 1;
+ ret = 0;
+ goto end;
+ }
+- FIPS_rand_set_key(buf,32);
+- FIPS_rand_seed(buf+32,16);
+ }
+
+- /* now switch into FIPS mode */
+- fips_set_rand_check(FIPS_rand_method());
+- RAND_set_rand_method(FIPS_rand_method());
+ if(FIPS_selftest())
+ fips_set_mode(1);
+ else
diff --git a/openssl-0.9.8j-use-fipscheck.patch b/openssl-0.9.8j-use-fipscheck.patch
index 6f2eca1..c21075a 100644
--- a/openssl-0.9.8j-use-fipscheck.patch
+++ b/openssl-0.9.8j-use-fipscheck.patch
@@ -1,8 +1,6 @@
-Use fipscheck compatible way of verification of the integrity of the libcrypto
-shared library.
 diff -up openssl-0.9.8j/test/Makefile.use-fipscheck openssl-0.9.8j/test/Makefile
 --- openssl-0.9.8j/test/Makefile.use-fipscheck 2008-12-13 13:22:47.000000000 +0100
-+++ openssl-0.9.8j/test/Makefile 2009-01-13 22:49:25.000000000 +0100
++++ openssl-0.9.8j/test/Makefile 2009-02-02 13:24:36.000000000 +0100
 @@ -402,8 +402,7 @@ FIPS_BUILD_CMD=shlib_target=; if [ -n "$
 if [ "$(FIPSCANLIB)" = "libfips" ]; then \
 LIBRARIES="-L$(TOP) -lfips"; \
@@ -24,8 +22,8 @@ diff -up openssl-0.9.8j/test/Makefile.use-fipscheck openssl-0.9.8j/test/Makefile
 $(MAKE) -f $(TOP)/Makefile.shared -e \
 CC=$${CC} APPNAME=$$target$(EXE_EXT) OBJECTS="$$target.o" \
 diff -up openssl-0.9.8j/Makefile.org.use-fipscheck openssl-0.9.8j/Makefile.org
---- openssl-0.9.8j/Makefile.org.use-fipscheck 2009-01-13 22:35:48.000000000 +0100
-+++ openssl-0.9.8j/Makefile.org 2009-01-13 22:35:49.000000000 +0100
+--- openssl-0.9.8j/Makefile.org.use-fipscheck 2009-02-02 13:24:36.000000000 +0100
++++ openssl-0.9.8j/Makefile.org 2009-02-02 13:24:36.000000000 +0100
 @@ -357,10 +357,6 @@ libcrypto$(SHLIB_EXT): libcrypto.a $(SHA
 $(MAKE) SHLIBDIRS='crypto' SHLIBDEPS='-lfips' build-shared; \
 $(AR) libcrypto.a fips/fipscanister.o ; \
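Review bot: In the added `if (!ctx->keyed)` block of fips_set_prng_seed (the fips/rand/fips_rand.c part of the new openssl-0.9.8j-fips-rng-seed.patch), the length checks are written as subtractions, `seedlen - keylen < AES_BLOCK_LENGTH` and `seedlen - keylen - 8 >= AES_BLOCK_LENGTH`. keylen is declared FIPS_RAND_SIZE_T; if that type is unsigned (its definition is not in the hunk), a seed shorter than 16 bytes wraps instead of being rejected, and `seed+seedlen` then points outside the caller's buffer when it is handed to fips_set_prng_key. Writing the bounds additively removes the dependence on signedness: `if (seedlen < keylen + AES_BLOCK_LENGTH) return 0;` and `if (seedlen >= keylen + 8 + AES_BLOCK_LENGTH) keylen += 8;` for both extension steps. The return value of fips_set_prng_key is also discarded on this path. The function body continues outside the inner hunk.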
@@ -59,7 +57,7 @@ diff -up openssl-0.9.8j/Makefile.org.use-fipscheck openssl-0.9.8j/Makefile.org Makefile: Makefile.org Configure config diff -up openssl-0.9.8j/fips/fips.c.use-fipscheck openssl-0.9.8j/fips/fips.c --- openssl-0.9.8j/fips/fips.c.use-fipscheck 2008-09-16 12:12:09.000000000 +0200 -+++ openssl-0.9.8j/fips/fips.c 2009-01-13 22:35:49.000000000 +0100 ++++ openssl-0.9.8j/fips/fips.c 2009-02-02 13:31:53.000000000 +0100 @@ -47,6 +47,7 @@ * */ @@ -100,7 +98,7 @@ diff -up openssl-0.9.8j/fips/fips.c.use-fipscheck openssl-0.9.8j/fips/fips.c + void *dl, *sym; + int rv = -1; + -+ dl = dlopen(libname, RTLD_NODELETE|RTLD_NOLOAD|RTLD_LAZY); ++ dl = dlopen(libname, RTLD_LAZY); + if (dl == NULL) { + return -1; + } @@ -293,26 +291,28 @@ diff -up openssl-0.9.8j/fips/fips.c.use-fipscheck openssl-0.9.8j/fips/fips.c int FIPS_mode_set(int onoff) { -@@ -280,16 +485,9 @@ int FIPS_mode_set(int onoff) +@@ -280,16 +485,17 @@ int FIPS_mode_set(int onoff) } #endif - if(fips_signature_witness() != FIPS_signature) -- { ++ if(!FIPSCHECK_verify("libcrypto.so." SHLIB_VERSION_NUMBER,"FIPS_mode_set")) + { - FIPSerr(FIPS_F_FIPS_MODE_SET,FIPS_R_CONTRADICTING_EVIDENCE); -- fips_selftest_fail = 1; -- ret = 0; -- goto end; -- } -- ++ FIPSerr(FIPS_F_FIPS_MODE_SET,FIPS_R_FINGERPRINT_DOES_NOT_MATCH); + fips_selftest_fail = 1; + ret = 0; + goto end; + } + - if(!FIPS_check_incore_fingerprint()) -+ if(!FIPSCHECK_verify("libcrypto.so.0.9.8e","FIPS_mode_set")) ++ if(!FIPSCHECK_verify("libssl.so." SHLIB_VERSION_NUMBER,"SSL_CTX_new")) { + FIPSerr(FIPS_F_FIPS_MODE_SET,FIPS_R_FINGERPRINT_DOES_NOT_MATCH); fips_selftest_fail = 1; ret = 0; goto end; -@@ -405,11 +603,13 @@ int fips_clear_owning_thread(void) +@@ -405,11 +611,13 @@ int fips_clear_owning_thread(void) return ret; } 
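Review bot: The `dlopen(libname, RTLD_LAZY)` call, now without RTLD_NOLOAD, will map the named library through the normal loader search when the process has not loaded it yet, so its initialisers run before the HMAC comparison and the file that gets checked is whichever one the loader resolves for the bare soname. That looks intended, since libssl may not be loaded in a libcrypto-only process, but it deserves a comment at the call, e.g. `/* no RTLD_NOLOAD: libssl may not be mapped yet; this loads it before it is verified */`. Dropping RTLD_NODELETE also means a later dlclose could unmap a library that was loaded only for the check; whether the handle is closed on every path is outside this hunk.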
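Review bot: Both FIPSCHECK_verify failures in FIPS_mode_set raise the same `FIPS_R_FINGERPRINT_DOES_NOT_MATCH`, so the error queue does not show whether libcrypto or libssl failed the integrity check. The libssl check is also unconditional, so a program that links only libcrypto apparently cannot enter FIPS mode unless libssl.so and its .hmac file are installed; if that is the intended policy, a comment should say so, e.g. `/* libssl is verified even when the caller never uses it */`. Naming the library in the error data, for instance `ERR_add_error_data(2, "library=", "libssl.so." SHLIB_VERSION_NUMBER);` after the second FIPSerr, would make a failure diagnosable. FIPS_mode_set starts and ends outside the hunk.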
@@ -327,8 +327,8 @@ diff -up openssl-0.9.8j/fips/fips.c.use-fipscheck openssl-0.9.8j/fips/fips.c /* Generalized public key test routine. Signs and verifies the data * supplied in tbs using mesage digest md and setting option digest diff -up openssl-0.9.8j/fips/Makefile.use-fipscheck openssl-0.9.8j/fips/Makefile ---- openssl-0.9.8j/fips/Makefile.use-fipscheck 2009-01-13 22:35:49.000000000 +0100 -+++ openssl-0.9.8j/fips/Makefile 2009-01-13 22:36:15.000000000 +0100 +--- openssl-0.9.8j/fips/Makefile.use-fipscheck 2009-02-02 13:24:36.000000000 +0100 ++++ openssl-0.9.8j/fips/Makefile 2009-02-02 13:24:36.000000000 +0100 @@ -62,9 +62,9 @@ testapps: all: @@ -371,7 +371,7 @@ diff -up openssl-0.9.8j/fips/Makefile.use-fipscheck openssl-0.9.8j/fips/Makefile @target=lint; $(RECURSIVE_MAKE) diff -up openssl-0.9.8j/fips/fips_locl.h.use-fipscheck openssl-0.9.8j/fips/fips_locl.h --- openssl-0.9.8j/fips/fips_locl.h.use-fipscheck 2008-09-16 12:12:10.000000000 +0200 -+++ openssl-0.9.8j/fips/fips_locl.h 2009-01-13 22:35:49.000000000 +0100 ++++ openssl-0.9.8j/fips/fips_locl.h 2009-02-02 13:24:36.000000000 +0100 @@ -63,7 +63,9 @@ int fips_is_owning_thread(void); int fips_set_owning_thread(void); void fips_set_selftest_fail(void); diff --git a/openssl.spec b/openssl.spec index 94e3a34..4091bf8 100644 --- a/openssl.spec +++ b/openssl.spec @@ -23,7 +23,7 @@ Summary: A general purpose cryptography library with TLS implementation Name: openssl Version: 0.9.8j -Release: 6%{?dist} +Release: 7%{?dist} # We remove certain patented algorithms from the openssl source tarball # with the hobble-openssl script which is included below. Source: openssl-%{version}-usa.tar.bz2 @@ -64,6 +64,7 @@ Patch46: openssl-0.9.8j-eap-fast.patch Patch47: openssl-0.9.8j-readme-warning.patch Patch48: openssl-0.9.8j-bad-mime.patch Patch49: openssl-0.9.8j-fips-no-pairwise.patch +Patch50: openssl-0.9.8j-fips-rng-seed.patch # Backported fixes including security fixes License: OpenSSL 
@@ -74,15 +75,6 @@ BuildRequires: mktemp, krb5-devel, perl, sed, zlib-devel, /usr/bin/cmp BuildRequires: /usr/bin/rename Requires: mktemp, ca-certificates >= 2008-5 -# Temporary hack -Requires(post): /sbin/ldconfig coreutils -Requires(postun): /sbin/ldconfig -%ifarch ppc64 s390x sparc64 x86_64 -Provides: libcrypto.so.7()(64bit) libssl.so.7()(64bit) -%else -Provides: libcrypto.so.7 libssl.so.7 -%endif - %description The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared @@ -147,6 +139,7 @@ from other formats to the formats used by the OpenSSL toolkit. %patch47 -p1 -b .warning %patch48 -p1 -b .bad-mime %patch49 -p1 -b .no-pairwise +%patch50 -p1 -b .rng-seed # Modify the various perl scripts to reference perl in the right location. perl util/perlpath.pl `dirname %{__perl}` @@ -232,6 +225,8 @@ make -C test apps tests %{__os_install_post} \ fips/fips_standalone_sha1 $RPM_BUILD_ROOT/%{_lib}/libcrypto.so.%{version} >$RPM_BUILD_ROOT/%{_lib}/.libcrypto.so.%{version}.hmac \ ln -sf .libcrypto.so.%{version}.hmac $RPM_BUILD_ROOT/%{_lib}/.libcrypto.so.%{soversion}.hmac \ + fips/fips_standalone_sha1 $RPM_BUILD_ROOT/%{_lib}/libssl.so.%{version} >$RPM_BUILD_ROOT/%{_lib}/.libssl.so.%{version}.hmac \ + ln -sf .libssl.so.%{version}.hmac $RPM_BUILD_ROOT/%{_lib}/.libssl.so.%{soversion}.hmac \ %{nil} %install @@ -251,8 +246,6 @@ for lib in $RPM_BUILD_ROOT/%{_lib}/*.so.%{version} ; do chmod 755 ${lib} ln -s -f ../../%{_lib}/`basename ${lib}` $RPM_BUILD_ROOT%{_libdir}/`basename ${lib} .%{version}` ln -s -f `basename ${lib}` $RPM_BUILD_ROOT/%{_lib}/`basename ${lib} .%{version}`.%{soversion} -# temporary hack - ln -s -f `basename ${lib}` $RPM_BUILD_ROOT/%{_lib}/`basename ${lib} .%{version}`.7 rm -f $RPM_BUILD_ROOT%{_libdir}/`basename ${lib} .%{version}`.%{soversion} done 
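Review bot: The two lines added to the install-post macro (hunk `-232,6 +225,8`) compute `.libssl.so.%{version}.hmac` directly after `%{__os_install_post}`, and nothing records that this order is required. The checksum only matches if it is taken from the file exactly as it will be installed, so any step that rewrites the library afterwards would presumably make FIPS mode fail at run time with a fingerprint mismatch. A comment above the macro definition, such as `# HMACs must be generated after __os_install_post so they cover the final, stripped libraries`, would keep a later reordering from silently breaking the check. The macro definition starts outside the hunk.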
@@ -375,8 +368,7 @@ rm -rf $RPM_BUILD_ROOT/%{_libdir}/fipscanister.* %attr(0755,root,root) /%{_lib}/*.so.%{version} %attr(0755,root,root) /%{_lib}/*.so.%{soversion} %attr(0644,root,root) /%{_lib}/.libcrypto.so.*.hmac -# temporary hack -%attr(0755,root,root) /%{_lib}/*.so.7 +%attr(0644,root,root) /%{_lib}/.libssl.so.*.hmac %attr(0755,root,root) %{_libdir}/openssl %attr(0644,root,root) %{_mandir}/man1*/[ABD-Zabcd-z]* %attr(0644,root,root) %{_mandir}/man5*/* @@ -399,13 +391,16 @@ rm -rf $RPM_BUILD_ROOT/%{_libdir}/fipscanister.* %{_sysconfdir}/pki/tls/misc/*.pl %endif -%post -/sbin/ldconfig -X +%post -p /sbin/ldconfig -%postun -/sbin/ldconfig -X +%postun -p /sbin/ldconfig %changelog +* Mon Feb 2 2009 Tomas Mraz 0.9.8j-7 +- must also verify checksum of libssl.so in the FIPS mode +- obtain the seed for FIPS rng directly from the kernel device +- drop the temporary symlinks + * Mon Jan 26 2009 Tomas Mraz 0.9.8j-6 - drop the temporary triggerpostun and symlinking in post - fix the pkgconfig files and drop the unnecessary buildrequires