diff --git a/0113-asymciphers-kem-Add-explicit-FIPS-indicator.patch b/0113-asymciphers-kem-Add-explicit-FIPS-indicator.patch index 23777c1..4c648d8 100644 --- a/0113-asymciphers-kem-Add-explicit-FIPS-indicator.patch +++ b/0113-asymciphers-kem-Add-explicit-FIPS-indicator.patch @@ -21,9 +21,9 @@ Signed-off-by: Clemens Lang --- include/openssl/core_names.h | 2 ++ include/openssl/evp.h | 4 +++ - .../implementations/asymciphers/rsa_enc.c | 31 +++++++++++++++++++ - providers/implementations/kem/rsa_kem.c | 30 +++++++++++++++++- - 4 files changed, 66 insertions(+), 1 deletion(-) + .../implementations/asymciphers/rsa_enc.c | 24 +++++++++++++++ + providers/implementations/kem/rsa_kem.c | 30 ++++++++++++++++++- + 4 files changed, 59 insertions(+), 1 deletion(-) diff --git a/include/openssl/core_names.h b/include/openssl/core_names.h index 832502a034..e15d208421 100644 @@ -61,10 +61,10 @@ index ec2ba46fbd..3803b03422 100644 const char *properties); int EVP_KEYMGMT_up_ref(EVP_KEYMGMT *keymgmt); diff --git a/providers/implementations/asymciphers/rsa_enc.c b/providers/implementations/asymciphers/rsa_enc.c -index 568452ec56..0a9adb4056 100644 +index 568452ec56..2e7ea632d7 100644 --- a/providers/implementations/asymciphers/rsa_enc.c +++ b/providers/implementations/asymciphers/rsa_enc.c -@@ -399,6 +399,34 @@ static int rsa_get_ctx_params(void *vprsactx, OSSL_PARAM *params) +@@ -399,6 +399,27 @@ static int rsa_get_ctx_params(void *vprsactx, OSSL_PARAM *params) if (p != NULL && !OSSL_PARAM_set_uint(p, prsactx->alt_version)) return 0; @@ -73,23 +73,16 @@ index 568452ec56..0a9adb4056 100644 + if (p != NULL) { + int fips_indicator = EVP_PKEY_REDHAT_FIPS_INDICATOR_APPROVED; + -+ if (prsactx->operation == EVP_PKEY_OP_ENCRYPT) { -+ /* NIST SP 800-56Br2 section 6.4.2.1 requires either explicit key -+ * confirmation (section 6.4.2.3.2), or assurance from a trusted -+ * third party (section 6.4.2.3.1) for the KTS-OAEP key transport -+ * scheme, but explicit key confirmation is not implemented here -+ * and cannot be implemented without protocol changes, and the FIPS -+ * provider does not implement trusted third party validation, -+ * since it relies on its callers to do that. We must thus mark -+ * RSA-OAEP as unapproved until we have received clarification from -+ * NIST on how library modules such as OpenSSL should implement TTP -+ * validation. -+ * -+ * This does not affect decryption, because it is approved as -+ * a component according to the FIPS 140-3 IG, section 2.4.G. -+ */ -+ fips_indicator = EVP_PKEY_REDHAT_FIPS_INDICATOR_NOT_APPROVED; -+ } ++ /* NIST SP 800-56Br2 section 6.4.2.1 requires either explicit key ++ * confirmation (section 6.4.2.3.2), or assurance from a trusted third ++ * party (section 6.4.2.3.1) for the KTS-OAEP key transport scheme, but ++ * explicit key confirmation is not implemented here and cannot be ++ * implemented without protocol changes, and the FIPS provider does not ++ * implement trusted third party validation, since it relies on its ++ * callers to do that. We must thus mark RSA-OAEP as unapproved until ++ * we have received clarification from NIST on how library modules such ++ * as OpenSSL should implement TTP validation. */ ++ fips_indicator = EVP_PKEY_REDHAT_FIPS_INDICATOR_NOT_APPROVED; + + if (!OSSL_PARAM_set_int(p, fips_indicator)) + return 0; diff --git a/openssl.spec b/openssl.spec index b335440..3b0de37 100644 --- a/openssl.spec +++ b/openssl.spec @@ -29,7 +29,7 @@ print(string.sub(hash, 0, 16)) Summary: Utilities from the general purpose cryptography library with TLS implementation Name: openssl Version: 3.0.7 -Release: 11%{?dist} +Release: 12%{?dist} Epoch: 1 # We have to remove certain patented algorithms from the openssl source # tarball with the hobble-openssl script which is included below. @@ -507,6 +507,10 @@ install -m644 %{SOURCE9} \ %ldconfig_scriptlets libs %changelog +* Fri Mar 24 2023 Clemens Lang - 1:3.0.7-12 +- Change explicit FIPS indicator for RSA decryption to unapproved + Resolves: rhbz#2179379 + * Mon Mar 20 2023 Clemens Lang - 1:3.0.7-11 - Add missing reference to patchfile to add explicit FIPS indicator to RSA encryption and RSASVE and fix the gettable parameter list for the RSA