forked from rpms/openssl
Forbid short RSA keys for key encapsulation/decapsulation in FIPS mode
Resolves: rhbz#2145170
This commit is contained in:
parent
80de7ffd9c
commit
5d738bdd7f
32
0090-FIPS-RSA-encapsulate.patch
Normal file
32
0090-FIPS-RSA-encapsulate.patch
Normal file
@ -0,0 +1,32 @@
|
||||
diff -up openssl-3.0.1/providers/implementations/kem/rsa_kem.c.encap openssl-3.0.1/providers/implementations/kem/rsa_kem.c
|
||||
--- openssl-3.0.1/providers/implementations/kem/rsa_kem.c.encap 2022-11-22 12:27:30.994530801 +0100
|
||||
+++ openssl-3.0.1/providers/implementations/kem/rsa_kem.c 2022-11-22 12:32:15.916875495 +0100
|
||||
@@ -264,6 +264,14 @@ static int rsasve_generate(PROV_RSA_CTX
|
||||
*secretlen = nlen;
|
||||
return 1;
|
||||
}
|
||||
+
|
||||
+#ifdef FIPS_MODULE
|
||||
+ if (nlen < OPENSSL_RSA_FIPS_MIN_MODULUS_BITS/8) {
|
||||
+ ERR_raise(ERR_LIB_PROV, PROV_R_KEY_SIZE_TOO_SMALL);
|
||||
+ return 0;
|
||||
+ }
|
||||
+#endif
|
||||
+
|
||||
/*
|
||||
* Step (2): Generate a random byte string z of nlen bytes where
|
||||
* 1 < z < n - 1
|
||||
@@ -307,6 +315,13 @@ static int rsasve_recover(PROV_RSA_CTX *
|
||||
return 1;
|
||||
}
|
||||
|
||||
+#ifdef FIPS_MODULE
|
||||
+ if (nlen < OPENSSL_RSA_FIPS_MIN_MODULUS_BITS/8) {
|
||||
+ ERR_raise(ERR_LIB_PROV, PROV_R_KEY_SIZE_TOO_SMALL);
|
||||
+ return 0;
|
||||
+ }
|
||||
+#endif
|
||||
+
|
||||
/* Step (2): check the input ciphertext 'inlen' matches the nlen */
|
||||
if (inlen != nlen) {
|
||||
ERR_raise(ERR_LIB_PROV, PROV_R_BAD_LENGTH);
|
@ -184,6 +184,8 @@ Patch87: 0087-FIPS-RSA-selftest-params.patch
|
||||
Patch88: 0088-signature-Add-indicator-for-PSS-salt-length.patch
|
||||
# https://bugzilla.redhat.com/show_bug.cgi?id=2142087
|
||||
Patch89: 0089-signature-Clamp-PSS-salt-len-to-MD-len.patch
|
||||
# https://bugzilla.redhat.com/show_bug.cgi?id=2144561
|
||||
Patch90: 0090-FIPS-RSA-encapsulate.patch
|
||||
|
||||
License: ASL 2.0
|
||||
URL: http://www.openssl.org/
|
||||
@ -535,6 +537,8 @@ install -m644 %{SOURCE9} \
|
||||
Resolves: rhbz#2144012
|
||||
- Clamp default PSS salt length to digest size for FIPS 186-4 compliance
|
||||
Related: rhbz#2144012
|
||||
- Forbid short RSA keys for key encapsulation/decapsulation in FIPS mode
|
||||
Resolves: rhbz#2145170
|
||||
|
||||
* Tue Nov 01 2022 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.0.1-43
|
||||
- CVE-2022-3602: X.509 Email Address Buffer Overflow
|
||||
|
Loading…
Reference in New Issue
Block a user