forked from rpms/openssl
Refactor OpenSSL fips module MAC verification
Resolves: rhbz#2157965
This commit is contained in:
parent
c0667361a5
commit
b19d91aec3
@ -1,7 +1,7 @@
|
|||||||
diff -up openssl-3.0.0/providers/fips/self_test.c.embed-hmac openssl-3.0.0/providers/fips/self_test.c
|
diff -up openssl-3.0.7/providers/fips/self_test.c.embed-hmac openssl-3.0.7/providers/fips/self_test.c
|
||||||
--- openssl-3.0.0/providers/fips/self_test.c.embed-hmac 2021-11-16 13:57:05.127171056 +0100
|
--- openssl-3.0.7/providers/fips/self_test.c.embed-hmac 2023-01-05 10:03:44.864869710 +0100
|
||||||
+++ openssl-3.0.0/providers/fips/self_test.c 2021-11-16 14:07:21.963412455 +0100
|
+++ openssl-3.0.7/providers/fips/self_test.c 2023-01-05 10:15:17.041606472 +0100
|
||||||
@@ -171,11 +171,27 @@ DEP_FINI_ATTRIBUTE void cleanup(void)
|
@@ -172,11 +172,27 @@ DEP_FINI_ATTRIBUTE void cleanup(void)
|
||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
@ -29,13 +29,7 @@ diff -up openssl-3.0.0/providers/fips/self_test.c.embed-hmac openssl-3.0.0/provi
|
|||||||
static int verify_integrity(OSSL_CORE_BIO *bio, OSSL_FUNC_BIO_read_ex_fn read_ex_cb,
|
static int verify_integrity(OSSL_CORE_BIO *bio, OSSL_FUNC_BIO_read_ex_fn read_ex_cb,
|
||||||
unsigned char *expected, size_t expected_len,
|
unsigned char *expected, size_t expected_len,
|
||||||
OSSL_LIB_CTX *libctx, OSSL_SELF_TEST *ev,
|
OSSL_LIB_CTX *libctx, OSSL_SELF_TEST *ev,
|
||||||
@@ -183,14 +199,26 @@ static int verify_integrity(OSSL_CORE_BI
|
@@ -189,9 +205,20 @@ static int verify_integrity(OSSL_CORE_BI
|
||||||
{
|
|
||||||
int ret = 0, status;
|
|
||||||
unsigned char out[MAX_MD_SIZE];
|
|
||||||
- unsigned char buf[INTEGRITY_BUF_SIZE];
|
|
||||||
+ unsigned char buf[INTEGRITY_BUF_SIZE+HMAC_LEN];
|
|
||||||
size_t bytes_read = 0, out_len = 0;
|
|
||||||
EVP_MAC *mac = NULL;
|
EVP_MAC *mac = NULL;
|
||||||
EVP_MAC_CTX *ctx = NULL;
|
EVP_MAC_CTX *ctx = NULL;
|
||||||
OSSL_PARAM params[2], *p = params;
|
OSSL_PARAM params[2], *p = params;
|
||||||
@ -44,7 +38,6 @@ diff -up openssl-3.0.0/providers/fips/self_test.c.embed-hmac openssl-3.0.0/provi
|
|||||||
+ struct link_map *lm = NULL;
|
+ struct link_map *lm = NULL;
|
||||||
+ unsigned long paddr;
|
+ unsigned long paddr;
|
||||||
+ unsigned long off = 0;
|
+ unsigned long off = 0;
|
||||||
+ int have_rest = 0;
|
|
||||||
|
|
||||||
OSSL_SELF_TEST_onbegin(ev, event_type, OSSL_SELF_TEST_DESC_INTEGRITY_HMAC);
|
OSSL_SELF_TEST_onbegin(ev, event_type, OSSL_SELF_TEST_DESC_INTEGRITY_HMAC);
|
||||||
|
|
||||||
@ -57,64 +50,52 @@ diff -up openssl-3.0.0/providers/fips/self_test.c.embed-hmac openssl-3.0.0/provi
|
|||||||
mac = EVP_MAC_fetch(libctx, MAC_NAME, NULL);
|
mac = EVP_MAC_fetch(libctx, MAC_NAME, NULL);
|
||||||
if (mac == NULL)
|
if (mac == NULL)
|
||||||
goto err;
|
goto err;
|
||||||
@@ -204,12 +233,53 @@ static int verify_integrity(OSSL_CORE_BI
|
@@ -205,13 +233,42 @@ static int verify_integrity(OSSL_CORE_BI
|
||||||
if (!EVP_MAC_init(ctx, fixed_key, sizeof(fixed_key), params))
|
if (!EVP_MAC_init(ctx, fixed_key, sizeof(fixed_key), params))
|
||||||
goto err;
|
goto err;
|
||||||
|
|
||||||
+ status = read_ex_cb(bio, buf, HMAC_LEN, &bytes_read);
|
- while (1) {
|
||||||
+ if (status != 1 || bytes_read != HMAC_LEN)
|
|
||||||
+ goto err;
|
|
||||||
+ off += HMAC_LEN;
|
|
||||||
+
|
|
||||||
while (1) {
|
|
||||||
- status = read_ex_cb(bio, buf, sizeof(buf), &bytes_read);
|
- status = read_ex_cb(bio, buf, sizeof(buf), &bytes_read);
|
||||||
- if (status != 1)
|
+ while ((off + INTEGRITY_BUF_SIZE) <= paddr) {
|
||||||
+ status = read_ex_cb(bio, buf+HMAC_LEN, INTEGRITY_BUF_SIZE, &bytes_read);
|
+ status = read_ex_cb(bio, buf, INTEGRITY_BUF_SIZE, &bytes_read);
|
||||||
+ if (status != 1) {
|
if (status != 1)
|
||||||
+ have_rest = 1;
|
break;
|
||||||
+ break;
|
if (!EVP_MAC_update(ctx, buf, bytes_read))
|
||||||
+ }
|
goto err;
|
||||||
+
|
|
||||||
+ if (bytes_read == INTEGRITY_BUF_SIZE) { /* Full block */
|
|
||||||
+ /* Logic:
|
|
||||||
+ * We have HMAC_LEN (read before) + INTEGRITY_BUF_SIZE (read now) in buffer
|
|
||||||
+ * We calculate HMAC from first INTEGRITY_BUF_SIZE bytes
|
|
||||||
+ * and move last HMAC_LEN bytes to the beginning of the buffer
|
|
||||||
+ *
|
|
||||||
+ * If we have read (a part of) buffer fips_hmac_container
|
|
||||||
+ * we should replace it with zeros.
|
|
||||||
+ * If it is inside our current buffer, we will update now.
|
|
||||||
+ * If it intersects the upper bound, we will clean up on the next step.
|
|
||||||
+ */
|
|
||||||
+ if (off - HMAC_LEN <= paddr && paddr <= off + bytes_read)
|
|
||||||
+ memset (buf + HMAC_LEN + paddr - off, 0, HMAC_LEN);
|
|
||||||
+ off += bytes_read;
|
+ off += bytes_read;
|
||||||
|
}
|
||||||
+
|
+
|
||||||
|
+ if (off + INTEGRITY_BUF_SIZE > paddr) {
|
||||||
|
+ int delta = paddr - off;
|
||||||
|
+ status = read_ex_cb(bio, buf, delta, &bytes_read);
|
||||||
|
+ if (status != 1)
|
||||||
|
+ goto err;
|
||||||
+ if (!EVP_MAC_update(ctx, buf, bytes_read))
|
+ if (!EVP_MAC_update(ctx, buf, bytes_read))
|
||||||
+ goto err;
|
+ goto err;
|
||||||
+ memcpy (buf, buf+INTEGRITY_BUF_SIZE, HMAC_LEN);
|
+ off += bytes_read;
|
||||||
+ } else { /* Final block */
|
+
|
||||||
+ /* Logic is basically the same as in previous branch
|
+ status = read_ex_cb(bio, buf, HMAC_LEN, &bytes_read);
|
||||||
+ * but we calculate HMAC from HMAC_LEN (rest of previous step)
|
+ memset(buf, 0, HMAC_LEN);
|
||||||
+ * and bytes_read read on this step
|
+ if (status != 1)
|
||||||
+ * */
|
+ goto err;
|
||||||
+ if (off - HMAC_LEN <= paddr && paddr <= off + bytes_read)
|
+ if (!EVP_MAC_update(ctx, buf, bytes_read))
|
||||||
+ memset (buf + HMAC_LEN + paddr - off, 0, HMAC_LEN);
|
|
||||||
+ if (!EVP_MAC_update(ctx, buf, bytes_read+HMAC_LEN))
|
|
||||||
+ goto err;
|
+ goto err;
|
||||||
+ off += bytes_read;
|
+ off += bytes_read;
|
||||||
break;
|
|
||||||
- if (!EVP_MAC_update(ctx, buf, bytes_read))
|
|
||||||
+ }
|
+ }
|
||||||
|
+
|
||||||
|
+ while (bytes_read > 0) {
|
||||||
|
+ status = read_ex_cb(bio, buf, INTEGRITY_BUF_SIZE, &bytes_read);
|
||||||
|
+ if (status != 1)
|
||||||
|
+ break;
|
||||||
|
+ if (!EVP_MAC_update(ctx, buf, bytes_read))
|
||||||
|
+ goto err;
|
||||||
|
+ off += bytes_read;
|
||||||
+ }
|
+ }
|
||||||
+ if (have_rest) {
|
+
|
||||||
+ if (!EVP_MAC_update(ctx, buf, HMAC_LEN))
|
|
||||||
goto err;
|
|
||||||
+ off += HMAC_LEN;
|
|
||||||
}
|
|
||||||
if (!EVP_MAC_final(ctx, out, &out_len, sizeof(out)))
|
if (!EVP_MAC_final(ctx, out, &out_len, sizeof(out)))
|
||||||
goto err;
|
goto err;
|
||||||
@@ -284,8 +358,7 @@ int SELF_TEST_post(SELF_TEST_POST_PARAMS
|
|
||||||
|
@@ -285,8 +342,7 @@ int SELF_TEST_post(SELF_TEST_POST_PARAMS
|
||||||
CRYPTO_THREAD_unlock(fips_state_lock);
|
CRYPTO_THREAD_unlock(fips_state_lock);
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -124,7 +105,7 @@ diff -up openssl-3.0.0/providers/fips/self_test.c.embed-hmac openssl-3.0.0/provi
|
|||||||
ERR_raise(ERR_LIB_PROV, PROV_R_MISSING_CONFIG_DATA);
|
ERR_raise(ERR_LIB_PROV, PROV_R_MISSING_CONFIG_DATA);
|
||||||
goto end;
|
goto end;
|
||||||
}
|
}
|
||||||
@@ -294,8 +367,9 @@ int SELF_TEST_post(SELF_TEST_POST_PARAMS
|
@@ -305,8 +361,9 @@ int SELF_TEST_post(SELF_TEST_POST_PARAMS
|
||||||
if (ev == NULL)
|
if (ev == NULL)
|
||||||
goto end;
|
goto end;
|
||||||
|
|
||||||
@ -136,7 +117,7 @@ diff -up openssl-3.0.0/providers/fips/self_test.c.embed-hmac openssl-3.0.0/provi
|
|||||||
if (module_checksum == NULL) {
|
if (module_checksum == NULL) {
|
||||||
ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_CONFIG_DATA);
|
ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_CONFIG_DATA);
|
||||||
goto end;
|
goto end;
|
||||||
@@ -357,7 +431,6 @@ int SELF_TEST_post(SELF_TEST_POST_PARAMS
|
@@ -356,7 +413,6 @@ int SELF_TEST_post(SELF_TEST_POST_PARAMS
|
||||||
ok = 1;
|
ok = 1;
|
||||||
end:
|
end:
|
||||||
OSSL_SELF_TEST_free(ev);
|
OSSL_SELF_TEST_free(ev);
|
||||||
|
@ -29,7 +29,7 @@ print(string.sub(hash, 0, 16))
|
|||||||
Summary: Utilities from the general purpose cryptography library with TLS implementation
|
Summary: Utilities from the general purpose cryptography library with TLS implementation
|
||||||
Name: openssl
|
Name: openssl
|
||||||
Version: 3.0.7
|
Version: 3.0.7
|
||||||
Release: 2%{?dist}
|
Release: 3%{?dist}
|
||||||
Epoch: 1
|
Epoch: 1
|
||||||
# We have to remove certain patented algorithms from the openssl source
|
# We have to remove certain patented algorithms from the openssl source
|
||||||
# tarball with the hobble-openssl script which is included below.
|
# tarball with the hobble-openssl script which is included below.
|
||||||
@ -484,6 +484,10 @@ install -m644 %{SOURCE9} \
|
|||||||
%ldconfig_scriptlets libs
|
%ldconfig_scriptlets libs
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Thu Jan 05 2023 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.0.7-3
|
||||||
|
- Refactor OpenSSL fips module MAC verification
|
||||||
|
Resolves: rhbz#2157965
|
||||||
|
|
||||||
* Thu Nov 24 2022 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.0.7-2
|
* Thu Nov 24 2022 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.0.7-2
|
||||||
- Various provider-related imrovements necessary for PKCS#11 provider correct operations
|
- Various provider-related imrovements necessary for PKCS#11 provider correct operations
|
||||||
Resolves: rhbz#2142517
|
Resolves: rhbz#2142517
|
||||||
|
Loading…
Reference in New Issue
Block a user