Change explicit FIPS indicator for RSA decryption to unapproved

Resolves: rhbz#2179379
Signed-off-by: Clemens Lang <cllang@redhat.com>

0113-asymciphers-kem-Add-explicit-FIPS-indicator.patch

@@ -21,9 +21,9 @@ Signed-off-by: Clemens Lang <cllang@redhat.com>
 ---
  include/openssl/core_names.h                  |  2 ++
  include/openssl/evp.h                         |  4 +++
- .../implementations/asymciphers/rsa_enc.c     | 31 +++++++++++++++++++
- providers/implementations/kem/rsa_kem.c       | 30 +++++++++++++++++-
- 4 files changed, 66 insertions(+), 1 deletion(-)
+ .../implementations/asymciphers/rsa_enc.c     | 24 +++++++++++++++
+ providers/implementations/kem/rsa_kem.c       | 30 ++++++++++++++++++-
+ 4 files changed, 59 insertions(+), 1 deletion(-)
 
 diff --git a/include/openssl/core_names.h b/include/openssl/core_names.h
 index 832502a034..e15d208421 100644
@@ -61,10 +61,10 @@ index ec2ba46fbd..3803b03422 100644
                                 const char *properties);
  int EVP_KEYMGMT_up_ref(EVP_KEYMGMT *keymgmt);
 diff --git a/providers/implementations/asymciphers/rsa_enc.c b/providers/implementations/asymciphers/rsa_enc.c
-index 568452ec56..0a9adb4056 100644
+index 568452ec56..2e7ea632d7 100644
 --- a/providers/implementations/asymciphers/rsa_enc.c
 +++ b/providers/implementations/asymciphers/rsa_enc.c
-@@ -399,6 +399,34 @@ static int rsa_get_ctx_params(void *vprsactx, OSSL_PARAM *params)
+@@ -399,6 +399,27 @@ static int rsa_get_ctx_params(void *vprsactx, OSSL_PARAM *params)
      if (p != NULL && !OSSL_PARAM_set_uint(p, prsactx->alt_version))
          return 0;
  
@@ -73,23 +73,16 @@ index 568452ec56..0a9adb4056 100644
 +    if (p != NULL) {
 +        int fips_indicator = EVP_PKEY_REDHAT_FIPS_INDICATOR_APPROVED;
 +
-+        if (prsactx->operation == EVP_PKEY_OP_ENCRYPT) {
 +        /* NIST SP 800-56Br2 section 6.4.2.1 requires either explicit key
-+             * confirmation (section 6.4.2.3.2), or assurance from a trusted
-+             * third party (section 6.4.2.3.1) for the KTS-OAEP key transport
-+             * scheme, but explicit key confirmation is not implemented here
-+             * and cannot be implemented without protocol changes, and the FIPS
-+             * provider does not implement trusted third party validation,
-+             * since it relies on its callers to do that. We must thus mark
-+             * RSA-OAEP as unapproved until we have received clarification from
-+             * NIST on how library modules such as OpenSSL should implement TTP
-+             * validation.
-+             *
-+             * This does not affect decryption, because it is approved as
-+             * a component according to the FIPS 140-3 IG, section 2.4.G.
-+             */
++         * confirmation (section 6.4.2.3.2), or assurance from a trusted third
++         * party (section 6.4.2.3.1) for the KTS-OAEP key transport scheme, but
++         * explicit key confirmation is not implemented here and cannot be
++         * implemented without protocol changes, and the FIPS provider does not
++         * implement trusted third party validation, since it relies on its
++         * callers to do that. We must thus mark RSA-OAEP as unapproved until
++         * we have received clarification from NIST on how library modules such
++         * as OpenSSL should implement TTP validation. */
 +        fips_indicator = EVP_PKEY_REDHAT_FIPS_INDICATOR_NOT_APPROVED;
-+        }
 +
 +        if (!OSSL_PARAM_set_int(p, fips_indicator))
 +            return 0;

openssl.spec

@@ -29,7 +29,7 @@ print(string.sub(hash, 0, 16))
 Summary: Utilities from the general purpose cryptography library with TLS implementation
 Name: openssl
 Version: 3.0.7
-Release: 11%{?dist}
+Release: 12%{?dist}
 Epoch: 1
 # We have to remove certain patented algorithms from the openssl source
 # tarball with the hobble-openssl script which is included below.
@@ -507,6 +507,10 @@ install -m644 %{SOURCE9} \
 %ldconfig_scriptlets libs
 
 %changelog
+* Fri Mar 24 2023 Clemens Lang <cllang@redhat.com> - 1:3.0.7-12
+- Change explicit FIPS indicator for RSA decryption to unapproved
+  Resolves: rhbz#2179379
+
 * Mon Mar 20 2023 Clemens Lang <cllang@redhat.com> - 1:3.0.7-11
 - Add missing reference to patchfile to add explicit FIPS indicator to RSA
   encryption and RSASVE and fix the gettable parameter list for the RSA