From 9df33eabbe577b69c34138f869aa7582c5e56716 Mon Sep 17 00:00:00 2001
From: Dmitry Belyavskiy <dbelyavs@redhat.com>
Date: Wed, 19 Jan 2022 13:40:57 +0100
Subject: [PATCH] KATS self-tests should run before HMAC verifcation

Related: rhbz#2041994
---
 0047-FIPS-early-KATS.patch | 39 ++++++++++++++++++++++++++++++++++++++
 openssl.spec               |  9 ++++++++-
 2 files changed, 47 insertions(+), 1 deletion(-)
 create mode 100644 0047-FIPS-early-KATS.patch

diff --git a/0047-FIPS-early-KATS.patch b/0047-FIPS-early-KATS.patch
new file mode 100644
index 0000000..ef2d081
--- /dev/null
+++ b/0047-FIPS-early-KATS.patch
@@ -0,0 +1,39 @@
+diff -up openssl-3.0.1/providers/fips/self_test.c.earlykats openssl-3.0.1/providers/fips/self_test.c
+--- openssl-3.0.1/providers/fips/self_test.c.earlykats	2022-01-19 13:10:00.635830783 +0100
++++ openssl-3.0.1/providers/fips/self_test.c	2022-01-19 13:11:43.309342656 +0100
+@@ -362,6 +362,16 @@ int SELF_TEST_post(SELF_TEST_POST_PARAMS
+     if (ev == NULL)
+         goto end;
+ 
++    /*
++     * Run the KAT's before HMAC verification according to FIPS-140-3 requirements
++     */
++    if (kats_already_passed == 0) {
++        if (!SELF_TEST_kats(ev, st->libctx)) {
++            ERR_raise(ERR_LIB_PROV, PROV_R_SELF_TEST_KAT_FAILURE);
++            goto end;
++        }
++    }
++
+     module_checksum = fips_hmac_container;
+     checksum_len = sizeof(fips_hmac_container);
+ 
+@@ -411,18 +421,6 @@ int SELF_TEST_post(SELF_TEST_POST_PARAMS
+             kats_already_passed = 1;
+         }
+     }
+-
+-    /*
+-     * Only runs the KAT's during installation OR on_demand().
+-     * NOTE: If the installation option 'self_test_onload' is chosen then this
+-     * path will always be run, since kats_already_passed will always be 0.
+-     */
+-    if (on_demand_test || kats_already_passed == 0) {
+-        if (!SELF_TEST_kats(ev, st->libctx)) {
+-            ERR_raise(ERR_LIB_PROV, PROV_R_SELF_TEST_KAT_FAILURE);
+-            goto end;
+-        }
+-    }
+     ok = 1;
+ end:
+     OSSL_SELF_TEST_free(ev);
diff --git a/openssl.spec b/openssl.spec
index b225efe..2cc2b70 100644
--- a/openssl.spec
+++ b/openssl.spec
@@ -15,7 +15,7 @@
 Summary: Utilities from the general purpose cryptography library with TLS implementation
 Name: openssl
 Version: 3.0.1
-Release: 2%{?dist}
+Release: 3%{?dist}
 Epoch: 1
 # We have to remove certain patented algorithms from the openssl source
 # tarball with the hobble-openssl script which is included below.
@@ -69,6 +69,8 @@ Patch35: 0035-speed-skip-unavailable-dgst.patch
 Patch45: 0045-FIPS-services-minimize.patch
 # Enable SHA1 HMAC in FIPS mode
 Patch46: 0046-FIPS-permitsha1-hmac.patch
+# Execute KATS before HMAC verification
+Patch47: 0047-FIPS-early-KATS.patch
 
 License: ASL 2.0
 URL: http://www.openssl.org/
@@ -396,6 +398,11 @@ install -m644 %{SOURCE9} \
 %ldconfig_scriptlets libs
 
 %changelog
+* Fri Jan 21 2022 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.0.1-3
+- KATS tests should be executed before HMAC verification
+- Restoring fips=yes for SHA1
+- Related: rhbz#2026445, rhbz#2041994
+
 * Thu Jan 20 2022 Sahana Prasad <sahana@redhat.com> - 1:3.0.1-2
 - Add enable-buildtest-c++ to the configure options.
 - Related: rhbz#1990814