From 53b85f538ce686d9753c04f4ac7a75d117b8f32e Mon Sep 17 00:00:00 2001 From: Dmitry Belyavskiy Date: Tue, 22 Feb 2022 15:20:01 +0100 Subject: [PATCH] OpenSSL will generate keys with prime192v1 curve if it is provided using explicit parameters Resolves: rhbz#1977867 --- 0012-Disable-explicit-ec.patch | 40 +++++++++++++++++++ ...patch => 0050-FIPS-enable-pkcs12-mac.patch | 0 ectest.c | 4 +- openssl.spec | 13 +++++- 4 files changed, 54 insertions(+), 3 deletions(-) create mode 100644 0012-Disable-explicit-ec.patch rename 0049-FIPS-enable-pkcs12-mac.patch => 0050-FIPS-enable-pkcs12-mac.patch (100%) diff --git a/0012-Disable-explicit-ec.patch b/0012-Disable-explicit-ec.patch new file mode 100644 index 0000000..3b3e821 --- /dev/null +++ b/0012-Disable-explicit-ec.patch @@ -0,0 +1,40 @@ +diff -up openssl-3.0.1/crypto/ec/ec_lib.c.disable_explicit_ec openssl-3.0.1/crypto/ec/ec_lib.c +--- openssl-3.0.1/crypto/ec/ec_lib.c.disable_explicit_ec 2022-02-22 09:08:48.557823665 +0100 ++++ openssl-3.0.1/crypto/ec/ec_lib.c 2022-02-22 09:09:26.634133847 +0100 +@@ -1458,7 +1458,7 @@ static EC_GROUP *ec_group_explicit_to_na + goto err; + } + } else { +- ret_group = (EC_GROUP *)group; ++ goto err; + } + EC_GROUP_free(dup); + return ret_group; +diff -up openssl-3.0.1/providers/implementations/keymgmt/ec_kmgmt.c.disable_explicit_ec openssl-3.0.1/providers/implementations/keymgmt/ec_kmgmt.c +--- openssl-3.0.1/providers/implementations/keymgmt/ec_kmgmt.c.disable_explicit_ec 2022-02-22 13:04:16.850856612 +0100 ++++ openssl-3.0.1/providers/implementations/keymgmt/ec_kmgmt.c 2022-02-22 14:16:19.848369641 +0100 +@@ -936,11 +936,8 @@ int ec_validate(const void *keydata, int + if ((selection & OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS) != 0) { + int flags = EC_KEY_get_flags(eck); + +- if ((flags & EC_FLAG_CHECK_NAMED_GROUP) != 0) +- ok = ok && EC_GROUP_check_named_curve(EC_KEY_get0_group(eck), +- (flags & EC_FLAG_CHECK_NAMED_GROUP_NIST) != 0, ctx); +- else +- ok = ok && EC_GROUP_check(EC_KEY_get0_group(eck), ctx); ++ ok = ok && EC_GROUP_check_named_curve(EC_KEY_get0_group(eck), ++ (flags & EC_FLAG_CHECK_NAMED_GROUP_NIST) != 0, ctx); + } + + if ((selection & OSSL_KEYMGMT_SELECT_PUBLIC_KEY) != 0) { +@@ -1217,6 +1214,10 @@ static int ec_gen_assign_group(EC_KEY *e + ERR_raise(ERR_LIB_PROV, PROV_R_NO_PARAMETERS_SET); + return 0; + } ++ if (EC_GROUP_get_curve_name(group) == NID_undef) { ++ ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_CURVE); ++ return 0; ++ } + return EC_KEY_set_group(ec, group) > 0; + } + diff --git a/0049-FIPS-enable-pkcs12-mac.patch b/0050-FIPS-enable-pkcs12-mac.patch similarity index 100% rename from 0049-FIPS-enable-pkcs12-mac.patch rename to 0050-FIPS-enable-pkcs12-mac.patch diff --git a/ectest.c b/ectest.c index 625305c..2ba662f 100644 --- a/ectest.c +++ b/ectest.c @@ -2300,8 +2300,8 @@ int setup_tests(void) ADD_ALL_TESTS(check_ec_key_field_public_range_test, crv_len); ADD_ALL_TESTS(check_named_curve_from_ecparameters, crv_len); ADD_ALL_TESTS(ec_point_hex2point_test, crv_len); - ADD_ALL_TESTS(custom_generator_test, crv_len); - ADD_ALL_TESTS(custom_params_test, crv_len); + /* ADD_ALL_TESTS(custom_generator_test, crv_len); + ADD_ALL_TESTS(custom_params_test, crv_len); */ return 1; } diff --git a/openssl.spec b/openssl.spec index f3acb90..38f26a0 100644 --- a/openssl.spec +++ b/openssl.spec @@ -15,7 +15,7 @@ Summary: Utilities from the general purpose cryptography library with TLS implementation Name: openssl Version: 3.0.1 -Release: 8%{?dist} +Release: 9%{?dist} Epoch: 1 # We have to remove certain patented algorithms from the openssl source # tarball with the hobble-openssl script which is included below. @@ -53,6 +53,9 @@ Patch8: 0008-Add-FIPS_mode-compatibility-macro.patch Patch9: 0009-Add-Kernel-FIPS-mode-flag-support.patch # remove unsupported EC curves Patch11: 0011-Remove-EC-curves.patch +# Disable explicit EC curves +# https://bugzilla.redhat.com/show_bug.cgi?id=1977867 +Patch12: 0012-Disable-explicit-ec.patch # Instructions to load legacy provider in openssl.cnf Patch24: 0024-load-legacy-prov.patch # Tmp: test name change @@ -75,6 +78,8 @@ Patch47: 0047-FIPS-early-KATS.patch Patch48: 0048-correctly-handle-records.patch # Selectively disallow SHA1 signatures Patch49: 0049-Selectively-disallow-SHA1-signatures.patch +# https://bugzilla.redhat.com/show_bug.cgi?id=2049265 +Patch50: 0050-FIPS-enable-pkcs12-mac.patch License: ASL 2.0 URL: http://www.openssl.org/ @@ -405,6 +410,12 @@ install -m644 %{SOURCE9} \ %ldconfig_scriptlets libs %changelog +* Tue Feb 22 2022 Dmitry Belyavskiy - 1:3.0.1-8 +- OpenSSL will generate keys with prime192v1 curve if it is provided using explicit parameters +- Resolves: rhbz#1977867 +- pkcs12 export broken in FIPS mode +- Resolves: rhbz#2049265 + * Tue Feb 22 2022 Clemens Lang - 1:3.0.1-8 - Disable SHA1 signature creation and verification by default - Set rh-allow-sha1-signatures = yes to re-enable