forked from rpms/openssl
e33651f416
This is an automated DistroBaker update from upstream sources. If you do not know what this is about or would like to opt out, contact the OSCI team. Source: https://src.fedoraproject.org/rpms/openssl.git#a07706cf0e50b02a61d3cb10ecad554d4ac4240c
190 lines
6.5 KiB
Diff
190 lines
6.5 KiB
Diff
diff -up openssl-1.1.1i/crypto/fips/fips.c.fips-post-rand openssl-1.1.1i/crypto/fips/fips.c
|
|
--- openssl-1.1.1i/crypto/fips/fips.c.fips-post-rand 2020-12-09 10:26:41.634106328 +0100
|
|
+++ openssl-1.1.1i/crypto/fips/fips.c 2020-12-09 10:26:41.652106475 +0100
|
|
@@ -68,6 +68,7 @@
|
|
|
|
# include <openssl/fips.h>
|
|
# include "internal/thread_once.h"
|
|
+# include "crypto/rand.h"
|
|
|
|
# ifndef PATH_MAX
|
|
# define PATH_MAX 1024
|
|
@@ -76,6 +77,7 @@
|
|
static int fips_selftest_fail = 0;
|
|
static int fips_mode = 0;
|
|
static int fips_started = 0;
|
|
+static int fips_post = 0;
|
|
|
|
static int fips_is_owning_thread(void);
|
|
static int fips_set_owning_thread(void);
|
|
@@ -158,6 +160,11 @@ void fips_set_selftest_fail(void)
|
|
fips_selftest_fail = 1;
|
|
}
|
|
|
|
+int fips_in_post(void)
|
|
+{
|
|
+ return fips_post;
|
|
+}
|
|
+
|
|
/* we implement what libfipscheck does ourselves */
|
|
|
|
static int
|
|
@@ -445,6 +452,8 @@ int FIPS_module_mode_set(int onoff)
|
|
}
|
|
# endif
|
|
|
|
+ fips_post = 1;
|
|
+
|
|
if (!FIPS_selftest()) {
|
|
fips_selftest_fail = 1;
|
|
ret = 0;
|
|
@@ -459,7 +468,12 @@ int FIPS_module_mode_set(int onoff)
|
|
goto end;
|
|
}
|
|
|
|
+ fips_post = 0;
|
|
+
|
|
fips_set_mode(onoff);
|
|
+ /* force RNG reseed with entropy from getrandom() on next call */
|
|
+ rand_force_reseed();
|
|
+
|
|
ret = 1;
|
|
goto end;
|
|
}
|
|
diff -up openssl-1.1.1i/crypto/rand/drbg_lib.c.fips-post-rand openssl-1.1.1i/crypto/rand/drbg_lib.c
|
|
--- openssl-1.1.1i/crypto/rand/drbg_lib.c.fips-post-rand 2020-12-08 14:20:59.000000000 +0100
|
|
+++ openssl-1.1.1i/crypto/rand/drbg_lib.c 2020-12-09 10:26:41.652106475 +0100
|
|
@@ -1005,6 +1005,20 @@ size_t rand_drbg_seedlen(RAND_DRBG *drbg
|
|
return min_entropy > min_entropylen ? min_entropy : min_entropylen;
|
|
}
|
|
|
|
+void rand_force_reseed(void)
|
|
+{
|
|
+ RAND_DRBG *drbg;
|
|
+
|
|
+ drbg = RAND_DRBG_get0_master();
|
|
+ drbg->fork_id = 0;
|
|
+
|
|
+ drbg = RAND_DRBG_get0_private();
|
|
+ drbg->fork_id = 0;
|
|
+
|
|
+ drbg = RAND_DRBG_get0_public();
|
|
+ drbg->fork_id = 0;
|
|
+}
|
|
+
|
|
/* Implements the default OpenSSL RAND_add() method */
|
|
static int drbg_add(const void *buf, int num, double randomness)
|
|
{
|
|
diff -up openssl-1.1.1i/crypto/rand/rand_unix.c.fips-post-rand openssl-1.1.1i/crypto/rand/rand_unix.c
|
|
--- openssl-1.1.1i/crypto/rand/rand_unix.c.fips-post-rand 2020-12-08 14:20:59.000000000 +0100
|
|
+++ openssl-1.1.1i/crypto/rand/rand_unix.c 2020-12-09 10:36:59.531221903 +0100
|
|
@@ -17,10 +17,12 @@
|
|
#include <openssl/crypto.h>
|
|
#include "rand_local.h"
|
|
#include "crypto/rand.h"
|
|
+#include "crypto/fips.h"
|
|
#include <stdio.h>
|
|
#include "internal/dso.h"
|
|
#ifdef __linux
|
|
# include <sys/syscall.h>
|
|
+# include <sys/random.h>
|
|
# ifdef DEVRANDOM_WAIT
|
|
# include <sys/shm.h>
|
|
# include <sys/utsname.h>
|
|
@@ -344,7 +346,7 @@ static ssize_t sysctl_random(char *buf,
|
|
* syscall_random(): Try to get random data using a system call
|
|
* returns the number of bytes returned in buf, or < 0 on error.
|
|
*/
|
|
-static ssize_t syscall_random(void *buf, size_t buflen)
|
|
+static ssize_t syscall_random(void *buf, size_t buflen, int nonblock)
|
|
{
|
|
/*
|
|
* Note: 'buflen' equals the size of the buffer which is used by the
|
|
@@ -369,6 +371,7 @@ static ssize_t syscall_random(void *buf,
|
|
* Note: Sometimes getentropy() can be provided but not implemented
|
|
* internally. So we need to check errno for ENOSYS
|
|
*/
|
|
+# if 0
|
|
# if defined(__GNUC__) && __GNUC__>=2 && defined(__ELF__) && !defined(__hpux)
|
|
extern int getentropy(void *buffer, size_t length) __attribute__((weak));
|
|
|
|
@@ -394,10 +397,10 @@ static ssize_t syscall_random(void *buf,
|
|
if (p_getentropy.p != NULL)
|
|
return p_getentropy.f(buf, buflen) == 0 ? (ssize_t)buflen : -1;
|
|
# endif
|
|
-
|
|
+# endif
|
|
/* Linux supports this since version 3.17 */
|
|
-# if defined(__linux) && defined(__NR_getrandom)
|
|
- return syscall(__NR_getrandom, buf, buflen, 0);
|
|
+# if defined(__linux) && defined(SYS_getrandom)
|
|
+ return syscall(SYS_getrandom, buf, buflen, nonblock?GRND_NONBLOCK:0);
|
|
# elif (defined(__FreeBSD__) || defined(__NetBSD__)) && defined(KERN_ARND)
|
|
return sysctl_random(buf, buflen);
|
|
# else
|
|
@@ -633,6 +636,9 @@ size_t rand_pool_acquire_entropy(RAND_PO
|
|
size_t entropy_available;
|
|
|
|
# if defined(OPENSSL_RAND_SEED_GETRANDOM)
|
|
+ int in_post;
|
|
+
|
|
+ for (in_post = fips_in_post(); in_post >= 0; --in_post) {
|
|
{
|
|
size_t bytes_needed;
|
|
unsigned char *buffer;
|
|
@@ -643,7 +649,7 @@ size_t rand_pool_acquire_entropy(RAND_PO
|
|
bytes_needed = rand_pool_bytes_needed(pool, 1 /*entropy_factor*/);
|
|
while (bytes_needed != 0 && attempts-- > 0) {
|
|
buffer = rand_pool_add_begin(pool, bytes_needed);
|
|
- bytes = syscall_random(buffer, bytes_needed);
|
|
+ bytes = syscall_random(buffer, bytes_needed, in_post);
|
|
if (bytes > 0) {
|
|
rand_pool_add_end(pool, bytes, 8 * bytes);
|
|
bytes_needed -= bytes;
|
|
@@ -678,8 +684,10 @@ size_t rand_pool_acquire_entropy(RAND_PO
|
|
int attempts = 3;
|
|
const int fd = get_random_device(i);
|
|
|
|
- if (fd == -1)
|
|
+ if (fd == -1) {
|
|
+ OPENSSL_showfatal("Random device %s cannot be opened.\n", random_device_paths[i]);
|
|
continue;
|
|
+ }
|
|
|
|
while (bytes_needed != 0 && attempts-- > 0) {
|
|
buffer = rand_pool_add_begin(pool, bytes_needed);
|
|
@@ -742,7 +750,9 @@ size_t rand_pool_acquire_entropy(RAND_PO
|
|
return entropy_available;
|
|
}
|
|
# endif
|
|
-
|
|
+# ifdef OPENSSL_RAND_SEED_GETRANDOM
|
|
+ }
|
|
+# endif
|
|
return rand_pool_entropy_available(pool);
|
|
# endif
|
|
}
|
|
diff -up openssl-1.1.1i/include/crypto/fips.h.fips-post-rand openssl-1.1.1i/include/crypto/fips.h
|
|
--- openssl-1.1.1i/include/crypto/fips.h.fips-post-rand 2020-12-09 10:26:41.639106369 +0100
|
|
+++ openssl-1.1.1i/include/crypto/fips.h 2020-12-09 10:26:41.657106516 +0100
|
|
@@ -77,6 +77,8 @@ int FIPS_selftest_hmac(void);
|
|
int FIPS_selftest_drbg(void);
|
|
int FIPS_selftest_cmac(void);
|
|
|
|
+int fips_in_post(void);
|
|
+
|
|
int fips_pkey_signature_test(EVP_PKEY *pkey,
|
|
const unsigned char *tbs, int tbslen,
|
|
const unsigned char *kat,
|
|
diff -up openssl-1.1.1i/include/crypto/rand.h.fips-post-rand openssl-1.1.1i/include/crypto/rand.h
|
|
--- openssl-1.1.1i/include/crypto/rand.h.fips-post-rand 2020-12-08 14:20:59.000000000 +0100
|
|
+++ openssl-1.1.1i/include/crypto/rand.h 2020-12-09 10:26:41.657106516 +0100
|
|
@@ -24,6 +24,7 @@
|
|
typedef struct rand_pool_st RAND_POOL;
|
|
|
|
void rand_cleanup_int(void);
|
|
+void rand_force_reseed(void);
|
|
void rand_drbg_cleanup_int(void);
|
|
void drbg_delete_thread_state(void);
|
|
|