Fix OpenSSL 3 MD5 encryption in FIPS mode

MD4 cipher requires OpenSSL3's "legacy" provider, while MD5 fetched from
the "default" one. Both ciphers are unavailable in FIPS mode, however
MD5 is tolerated for RADIUS requests on local host.

The OpenSSL3 library context was missing the "default" provider, causing
MD5 encryption to fail in FIPS mode.

Resolves: rhbz#2068458

Signed-off-by: Julien Rische <jrische@redhat.com>
This commit is contained in:
Julien Rische 2022-05-09 18:56:18 +02:00
parent d78e3940d1
commit 6ea8af6747
3 changed files with 41 additions and 27 deletions

View File

@ -1,7 +1,7 @@
From 790f485cf57e4de65351c29c41666db6370ef367 Mon Sep 17 00:00:00 2001
From: Julien Rische <jrische@redhat.com>
Date: Thu, 5 May 2022 17:15:12 +0200
Subject: [PATCH] Allow krad TCP connection to localhost with FIPS
Subject: [PATCH] Allow krad UDP/TCP localhost connection with FIPS
libkrad allows to establish connections only to UNIX socket in FIPS
mode, because MD5 digest is not considered safe enough to be used for

View File

@ -1,4 +1,4 @@
From a7318c3cd6e1f58adb80493c05b59e6c180cd584 Mon Sep 17 00:00:00 2001
From 4f8cba1780bc167c52de2a791cad6a1817508bbe Mon Sep 17 00:00:00 2001
From: Julien Rische <jrische@redhat.com>
Date: Wed, 23 Feb 2022 17:34:33 +0100
Subject: [PATCH] [downstream] FIPS with PRNG and RADIUS and MD4
@ -28,24 +28,26 @@ global context.
Remove EVP_MD_CTX_FLAG_NON_FIPS_ALLOW flag since does not have any
effect anymore.
post9 load both default and legacy provider into library context
Last-updated: krb5-1.19
---
doc/admin/conf_files/krb5_conf.rst | 6 ++
src/lib/crypto/krb/prng.c | 11 ++-
.../crypto/openssl/enc_provider/camellia.c | 6 ++
src/lib/crypto/openssl/enc_provider/rc4.c | 13 +++-
.../crypto/openssl/hash_provider/hash_evp.c | 85 ++++++++++++++++++-
src/lib/crypto/openssl/enc_provider/rc4.c | 13 ++-
.../crypto/openssl/hash_provider/hash_evp.c | 93 ++++++++++++++++++-
src/lib/crypto/openssl/hmac.c | 6 +-
src/lib/krad/attr.c | 46 ++++++++---
src/lib/krad/attr.c | 46 ++++++---
src/lib/krad/attrset.c | 5 +-
src/lib/krad/internal.h | 28 ++++++-
src/lib/krad/packet.c | 22 +++---
src/lib/krad/remote.c | 10 ++-
src/lib/krad/internal.h | 28 +++++-
src/lib/krad/packet.c | 22 +++--
src/lib/krad/remote.c | 10 +-
src/lib/krad/t_attr.c | 3 +-
src/lib/krad/t_attrset.c | 4 +-
src/plugins/preauth/spake/spake_client.c | 6 ++
src/plugins/preauth/spake/spake_kdc.c | 6 ++
15 files changed, 218 insertions(+), 35 deletions(-)
15 files changed, 230 insertions(+), 35 deletions(-)
diff --git a/doc/admin/conf_files/krb5_conf.rst b/doc/admin/conf_files/krb5_conf.rst
index 675175955..adba8238d 100644
@ -158,10 +160,10 @@ index bc87c6f42..9bf407899 100644
* The cipher state here is a saved pointer to a struct arcfour_state
* object, rather than a flat byte array as in most enc providers. The
diff --git a/src/lib/crypto/openssl/hash_provider/hash_evp.c b/src/lib/crypto/openssl/hash_provider/hash_evp.c
index 1e0fb8fc3..4b8e1a6b2 100644
index 1e0fb8fc3..57bca3fec 100644
--- a/src/lib/crypto/openssl/hash_provider/hash_evp.c
+++ b/src/lib/crypto/openssl/hash_provider/hash_evp.c
@@ -32,6 +32,50 @@
@@ -32,6 +32,46 @@
#include "crypto_int.h"
#include <openssl/evp.h>
@ -170,8 +172,8 @@ index 1e0fb8fc3..4b8e1a6b2 100644
+
+typedef struct ossl_lib_md_context {
+ OSSL_LIB_CTX *libctx;
+ OSSL_PROVIDER *default_provider;
+ OSSL_PROVIDER *legacy_provider;
+ EVP_MD *md;
+} ossl_md_context_t;
+
+static thread_local ossl_md_context_t *ossl_md_ctx = NULL;
@ -183,15 +185,11 @@ index 1e0fb8fc3..4b8e1a6b2 100644
+ if (!ctx->libctx)
+ return KRB5_CRYPTO_INTERNAL;
+
+ /*
+ * Load both legacy and default provider as both may be needed.
+ * If they fail keep going and an error will be raised when we try to
+ * fetch the cipher later.
+ */
+ /* Load both legacy and default provider as both may be needed. */
+ ctx->default_provider = OSSL_PROVIDER_load(ctx->libctx, "default");
+ ctx->legacy_provider = OSSL_PROVIDER_load(ctx->libctx, "legacy");
+
+ ctx->md = EVP_MD_fetch(ctx->libctx, algo, NULL);
+ if (!ctx->md)
+ if (!(ctx->default_provider && ctx->legacy_provider))
+ return KRB5_CRYPTO_INTERNAL;
+
+ return 0;
@ -200,19 +198,19 @@ index 1e0fb8fc3..4b8e1a6b2 100644
+static void
+deinit_ossl_ctx(ossl_md_context_t *ctx)
+{
+ if (ctx->md)
+ EVP_MD_free(ctx->md);
+
+ if (ctx->legacy_provider)
+ OSSL_PROVIDER_unload(ctx->legacy_provider);
+
+ if (ctx->default_provider)
+ OSSL_PROVIDER_unload(ctx->default_provider);
+
+ if (ctx->libctx)
+ OSSL_LIB_CTX_free(ctx->libctx);
+}
static krb5_error_code
hash_evp(const EVP_MD *type, const krb5_crypto_iov *data, size_t num_data,
@@ -61,16 +104,53 @@ hash_evp(const EVP_MD *type, const krb5_crypto_iov *data, size_t num_data,
@@ -61,16 +101,65 @@ hash_evp(const EVP_MD *type, const krb5_crypto_iov *data, size_t num_data,
return ok ? 0 : KRB5_CRYPTO_INTERNAL;
}
@ -221,11 +219,14 @@ index 1e0fb8fc3..4b8e1a6b2 100644
+ krb5_data *output)
+{
+ krb5_error_code err;
+ EVP_MD *md = NULL;
+
+ if (!ossl_md_ctx) {
+ ossl_md_ctx = malloc(sizeof(ossl_md_context_t));
+ if (!ossl_md_ctx)
+ return ENOMEM;
+ if (!ossl_md_ctx) {
+ err = ENOMEM;
+ goto end;
+ }
+
+ err = init_ossl_md_ctx(ossl_md_ctx, algo);
+ if (err) {
@ -236,9 +237,18 @@ index 1e0fb8fc3..4b8e1a6b2 100644
+ }
+ }
+
+ err = hash_evp(ossl_md_ctx->md, data, num_data, output);
+ md = EVP_MD_fetch(ossl_md_ctx->libctx, algo, NULL);
+ if (!md) {
+ err = KRB5_CRYPTO_INTERNAL;
+ goto end;
+ }
+
+ err = hash_evp(md, data, num_data, output);
+
+end:
+ if (md)
+ EVP_MD_free(md);
+
+ return err;
+}
+
@ -684,3 +694,6 @@ index 88c964ce1..c7df0392f 100644
vt = (krb5_kdcpreauth_vtable)vtable;
vt->name = "spake";
vt->pa_type_list = pa_types;
--
2.35.1

View File

@ -94,7 +94,7 @@ Patch29: Use-SHA256-instead-of-SHA1-for-PKINIT-CMS-digest.patch
Patch30: downstream-Use-newly-enforced-dejagnu-path-naming-convention.patch
Patch31: Try-harder-to-avoid-password-change-replay-errors.patch
Patch32: Add-configure-variable-for-default-PKCS-11-module.patch
Patch33: downstream-Allow-krad-TCP-connection-to-localhost-with-FIPS.patch
Patch33: downstream-Allow-krad-UDP-TCP-localhost-connection-with-FIPS.patch
License: MIT
URL: https://web.mit.edu/kerberos/www/
@ -653,6 +653,7 @@ exit 0
%changelog
* Thu May 12 2022 Julien Rische <jrische@redhat.com> - 1.19.1-20
- Fix OpenSSL 3 MD5 encyption in FIPS mode
- Allow libkrad UDP/TCP connection to localhost in FIPS mode
- Resolves: rhbz#2068458