From 57f6d8f4a4453a2e49c51bac9ab54b800ff8829d Mon Sep 17 00:00:00 2001
From: Dmitry Belyavskiy
Date: Fri, 19 May 2023 17:47:59 +0200
Subject: [PATCH] Use OAEP padding and aes-128-cbc by default in cms command in FIPS mode

Resolves: rhbz#2160797
---
0121-FIPS-cms-defaults.patch | 65 ++++++++++++++++++++++++++++++++++++
openssl.spec | 8 ++++-
2 files changed, 72 insertions(+), 1 deletion(-)
create mode 100644 0121-FIPS-cms-defaults.patch
diff --git a/0121-FIPS-cms-defaults.patch b/0121-FIPS-cms-defaults.patch
new file mode 100644
index 0000000..7598512
--- /dev/null
+++ b/0121-FIPS-cms-defaults.patch
@@ -0,0 +1,65 @@
+diff -up openssl-3.0.7/apps/cms.c.fips_cms openssl-3.0.7/apps/cms.c
+--- openssl-3.0.7/apps/cms.c.fips_cms 2023-05-18 14:03:56.360555106 +0200
++++ openssl-3.0.7/apps/cms.c 2023-05-18 14:13:33.765183185 +0200
+@@ -20,6 +20,7 @@
+ #include
+ #include
+ #include
++#include
+
+ static int save_certs(char *signerfile, STACK_OF(X509) *signers);
+ static int cms_cb(int ok, X509_STORE_CTX *ctx);
+@@ -810,12 +811,16 @@ int cms_main(int argc, char **argv)
+
+ if (operation == SMIME_ENCRYPT) {
+ if (!cipher) {
++ if (FIPS_mode()) {
++ cipher = (EVP_CIPHER *)EVP_aes_128_cbc();
++ } else {
+ #ifndef OPENSSL_NO_DES
+- cipher = (EVP_CIPHER *)EVP_des_ede3_cbc();
++ cipher = (EVP_CIPHER *)EVP_des_ede3_cbc();
+ #else
+- BIO_printf(bio_err, "No cipher selected\n");
+- goto end;
++ BIO_printf(bio_err, "No cipher selected\n");
++ goto end;
+ #endif
++ }
+ }
+
+ if (secret_key && !secret_keyid) {
+diff -up openssl-3.0.7/crypto/cms/cms_env.c.fips_cms openssl-3.0.7/crypto/cms/cms_env.c
+--- openssl-3.0.7/crypto/cms/cms_env.c.fips_cms 2023-05-22 10:06:50.276528155 +0200
++++ openssl-3.0.7/crypto/cms/cms_env.c 2023-05-22 10:08:58.406073945 +0200
+@@ -14,6 +14,7 @@
+ #include
+ #include
+ #include
++#include
+ #include "internal/sizes.h"
+ #include "crypto/asn1.h"
+ #include "crypto/evp.h"
+@@ -321,6 +321,10 @@ static int cms_RecipientInfo_ktri_init(C
+ return 0;
+ if (EVP_PKEY_encrypt_init(ktri->pctx) <= 0)
+ return 0;
++ if (FIPS_mode()) {
++ if (EVP_PKEY_CTX_ctrl_str(ktri->pctx, "rsa_padding_mode", "oaep") <= 0)
++ return 0;
++ }
+ } else if (!ossl_cms_env_asn1_ctrl(ri, 0))
+ return 0;
+ return 1;
+@@ -484,6 +489,11 @@ static int cms_RecipientInfo_ktri_encryp
+
+ if (EVP_PKEY_encrypt_init(pctx) <= 0)
+ goto err;
++
++ if (FIPS_mode()) {
++ if (EVP_PKEY_CTX_ctrl_str(pctx, "rsa_padding_mode", "oaep") <= 0)
++ goto err;
++ }
+ }
+
+ if (EVP_PKEY_encrypt(pctx, NULL, &eklen, ec->key, ec->keylen) <= 0)
diff --git a/openssl.spec b/openssl.spec
index 1cf36f2..115e467 100644
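Review bot: In the cms_env.c part of the embedded patch, `cms_RecipientInfo_ktri_encrypt` switches a freshly initialised `pctx` to OAEP right before `EVP_PKEY_encrypt`, yet no visible line updates the recipient's key-encryption algorithm identifier, and in `cms_RecipientInfo_ktri_init` the `else if (!ossl_cms_env_asn1_ctrl(ri, 0))` branch is untouched. If that branch has already recorded PKCS#1 v1.5 for the recipient, a FIPS-mode message would carry an OAEP-wrapped key under a non-OAEP label and the recipient could not unwrap it; both function bodies extend beyond the inner hunks, so this needs checking there, and a FIPS-mode `cms -encrypt` / `cms -decrypt` round trip without `-keyopt` would pin it. Both added blocks also assume an RSA recipient key, so a guard such as `if (FIPS_mode() && EVP_PKEY_is_a(ktri->pkey, "RSA")) {` would keep any non-RSA key that can reach this path from failing on the `rsa_padding_mode` control. A short comment above each block, for example `/* FIPS mode: default key transport to OAEP (rhbz#2160797) */`, would record why the default differs.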
--- a/openssl.spec +++ b/openssl.spec @@ -29,7 +29,7 @@ print(string.sub(hash, 0, 16)) Summary: Utilities from the general purpose cryptography library with TLS implementation Name: openssl Version: 3.0.7 -Release: 17%{?dist} +Release: 18%{?dist} Epoch: 1 # We have to remove certain patented algorithms from the openssl source # tarball with the hobble-openssl script which is included below. @@ -192,6 +192,8 @@ Patch118: 0118-CVE-2023-1255.patch #https://github.com/openssl/openssl/pull/13817 #https://bugzilla.redhat.com/show_bug.cgi?id=2153471 Patch120: 0120-RSA-PKCS15-implicit-rejection.patch +# https://bugzilla.redhat.com/show_bug.cgi?id=2160797 +Patch121: 0121-FIPS-cms-defaults.patch License: ASL 2.0 URL: http://www.openssl.org/ @@ -515,6 +517,10 @@ install -m644 %{SOURCE9} \ %ldconfig_scriptlets libs %changelog +* Thu May 18 2023 Dmitry Belyavskiy - 1:3.0.7-18 +- Use OAEP padding and aes-128-cbc by default in cms command in FIPS mode + Resolves: rhbz#2160797 + * Tue May 09 2023 Dmitry Belyavskiy - 1:3.0.7-17 - Enforce using EMS in FIPS mode - better alerts Related: rhbz#2157951