Resolves: RHEL-61266

Allow RSA-OAEP in Fips mode Add the algorithm to fips_algorythms and add additional checks.
2024-10-24 10:09:14 +02:00 · 2024-10-24 10:09:14 +02:00 · 8d9004b85a
commit 8d9004b85a
parent ed5ad1f04e
3 changed files with 27 additions and 1 deletions
--- a/fips_algorithms.h
+++ b/fips_algorithms.h
@ -20,6 +20,7 @@ typedef enum {
    SFTKFIPSChkHash,  /* make sure the base hash of KDF functions is FIPS */
    SFTKFIPSChkHashTls,  /* make sure the base hash of TLS KDF functions is FIPS */
    SFTKFIPSChkHashSp800,  /* make sure the base hash of SP-800-108 KDF functions is FIPS */
+    SFTKFIPSRSAOAEP, /* make sure that both hashes use the same FIPS compliant algorithm */
 } SFTKFIPSSpecialClass;

 /* set according to your security policy */
@ -79,6 +80,7 @@ SFTKFIPSAlgorithmList sftk_fips_mechs[] = {
 #define AES_FB_KEY 128, 256
 #define AES_FB_STEP 64
    { CKM_RSA_PKCS_KEY_PAIR_GEN, { RSA_FB_KEY, CKF_KPG }, RSA_FB_STEP, SFTKFIPSNone },
+    { CKM_RSA_PKCS_OAEP, { RSA_FB_KEY, CKF_ENC }, RSA_FB_STEP, SFTKFIPSRSAOAEP },

    /* -------------- RSA Multipart Signing Operations -------------------- */
    { CKM_SHA224_RSA_PKCS, { RSA_FB_KEY, CKF_SGN }, RSA_FB_STEP, SFTKFIPSNone },
--- a/nss-3.101-allow-fips-rsa-oaep.patch
+++ b/nss-3.101-allow-fips-rsa-oaep.patch
@ -0,0 +1,20 @@
+diff -up ./lib/softoken/pkcs11u.c.fipsrsaoaep ./lib/softoken/pkcs11u.c
+--- ./lib/softoken/pkcs11u.c.fipsrsaoaep	2024-10-24 09:27:17.971673855 +0200
+++ ./lib/softoken/pkcs11u.c	2024-10-24 09:23:35.006352872 +0200
+@@ -2565,6 +2565,16 @@ sftk_handleSpecial(SFTKSlot *slot, CK_ME
+                 }
+             }
+             return sftk_checkKeyLength(targetKeyLength, 112, 512, 1);
+        case SFTKFIPSRSAOAEP:;
+            CK_RSA_PKCS_OAEP_PARAMS *rsaoaep = (CK_RSA_PKCS_OAEP_PARAMS *)
+                                                mech->pParameter;
+
+            HASH_HashType hash_msg = sftk_GetHashTypeFromMechanism(rsaoaep->hashAlg);
+            HASH_HashType hash_pad = sftk_GetHashTypeFromMechanism(rsaoaep->mgf);
+            /* message hash and mask generation function must be the same */
+            if (hash_pad != hash_msg) return PR_FALSE;
+
+            return sftk_checkFIPSHash(rsaoaep->hashAlg, PR_FALSE, PR_FALSE);
+         default:
+             break;
+     }
--- a/nss.spec
+++ b/nss.spec
@ -63,7 +63,7 @@ print(string.sub(hash, 0, 16))
 Summary:          Network Security Services
 Name:             nss
 Version:          %{nss_version}
-Release:          9%{?dist}
+Release:          10%{?dist}
 License:          MPLv2.0
 URL:              http://www.mozilla.org/projects/security/pki/nss/
 Requires:         nspr >= %{nspr_version}%{nspr_release}
@ -203,6 +203,7 @@ Patch85:          nss-3.101-fix-cms-abi-break.patch
 Patch86:          nss-3.101-long-pwd-fix.patch
 Patch87:          nss-3.101-fix-shlibsign-fips.patch
 Patch88:          nss-3.101-fips-check-ec25519-size.patch
+Patch89:          nss-3.101-allow-fips-rsa-oaep.patch

 #revert patches
 Patch300:         nss-3.101-default-libpkix.patch
@ -1001,6 +1002,9 @@ update-crypto-policies --no-reload &> /dev/null || :


 %changelog
+* Mon Nov 11 2024 Frantisek Krenzelok <krenzelok.frantisek@gmail.com> - 3.101.0-10
+- Allow RSA-OAEP in FIPS mode
+
 * Mon Nov 11 2024 Frantisek Krenzelok <krenzelok.frantisek@gmail.com> - 3.101.0-9
 - Add SEC_OID_CURVE25519 to FIPS checks.
 - This will mark algorithm using it as FIPS unapproved.