Use OAEP padding and aes-128-cbc by default in cms command in FIPS mode

Resolves: rhbz#2160797
This commit is contained in:
Dmitry Belyavskiy 2023-05-19 17:47:59 +02:00
parent 032dc0839c
commit 57f6d8f4a4
2 changed files with 72 additions and 1 deletions

View File

@ -0,0 +1,65 @@
diff -up openssl-3.0.7/apps/cms.c.fips_cms openssl-3.0.7/apps/cms.c
--- openssl-3.0.7/apps/cms.c.fips_cms 2023-05-18 14:03:56.360555106 +0200
+++ openssl-3.0.7/apps/cms.c 2023-05-18 14:13:33.765183185 +0200
@@ -20,6 +20,7 @@
#include <openssl/x509_vfy.h>
#include <openssl/x509v3.h>
#include <openssl/cms.h>
+#include <openssl/fips.h>
static int save_certs(char *signerfile, STACK_OF(X509) *signers);
static int cms_cb(int ok, X509_STORE_CTX *ctx);
@@ -810,12 +811,16 @@ int cms_main(int argc, char **argv)
if (operation == SMIME_ENCRYPT) {
if (!cipher) {
+ if (FIPS_mode()) {
+ cipher = (EVP_CIPHER *)EVP_aes_128_cbc();
+ } else {
#ifndef OPENSSL_NO_DES
- cipher = (EVP_CIPHER *)EVP_des_ede3_cbc();
+ cipher = (EVP_CIPHER *)EVP_des_ede3_cbc();
#else
- BIO_printf(bio_err, "No cipher selected\n");
- goto end;
+ BIO_printf(bio_err, "No cipher selected\n");
+ goto end;
#endif
+ }
}
if (secret_key && !secret_keyid) {
diff -up openssl-3.0.7/crypto/cms/cms_env.c.fips_cms openssl-3.0.7/crypto/cms/cms_env.c
--- openssl-3.0.7/crypto/cms/cms_env.c.fips_cms 2023-05-22 10:06:50.276528155 +0200
+++ openssl-3.0.7/crypto/cms/cms_env.c 2023-05-22 10:08:58.406073945 +0200
@@ -14,6 +14,7 @@
#include <openssl/err.h>
#include <openssl/cms.h>
#include <openssl/evp.h>
+#include <openssl/fips.h>
#include "internal/sizes.h"
#include "crypto/asn1.h"
#include "crypto/evp.h"
@@ -321,6 +321,10 @@ static int cms_RecipientInfo_ktri_init(C
return 0;
if (EVP_PKEY_encrypt_init(ktri->pctx) <= 0)
return 0;
+ if (FIPS_mode()) {
+ if (EVP_PKEY_CTX_ctrl_str(ktri->pctx, "rsa_padding_mode", "oaep") <= 0)
+ return 0;
+ }
} else if (!ossl_cms_env_asn1_ctrl(ri, 0))
return 0;
return 1;
@@ -484,6 +489,11 @@ static int cms_RecipientInfo_ktri_encryp
if (EVP_PKEY_encrypt_init(pctx) <= 0)
goto err;
+
+ if (FIPS_mode()) {
+ if (EVP_PKEY_CTX_ctrl_str(pctx, "rsa_padding_mode", "oaep") <= 0)
+ goto err;
+ }
}
if (EVP_PKEY_encrypt(pctx, NULL, &eklen, ec->key, ec->keylen) <= 0)

View File

@ -29,7 +29,7 @@ print(string.sub(hash, 0, 16))
Summary: Utilities from the general purpose cryptography library with TLS implementation
Name: openssl
Version: 3.0.7
Release: 17%{?dist}
Release: 18%{?dist}
Epoch: 1
# We have to remove certain patented algorithms from the openssl source
# tarball with the hobble-openssl script which is included below.
@ -192,6 +192,8 @@ Patch118: 0118-CVE-2023-1255.patch
#https://github.com/openssl/openssl/pull/13817
#https://bugzilla.redhat.com/show_bug.cgi?id=2153471
Patch120: 0120-RSA-PKCS15-implicit-rejection.patch
# https://bugzilla.redhat.com/show_bug.cgi?id=2160797
Patch121: 0121-FIPS-cms-defaults.patch
License: ASL 2.0
URL: http://www.openssl.org/
@ -515,6 +517,10 @@ install -m644 %{SOURCE9} \
%ldconfig_scriptlets libs
%changelog
* Thu May 18 2023 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.0.7-18
- Use OAEP padding and aes-128-cbc by default in cms command in FIPS mode
Resolves: rhbz#2160797
* Tue May 09 2023 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.0.7-17
- Enforce using EMS in FIPS mode - better alerts
Related: rhbz#2157951