From 836560b322770ee91c04b6fe7088cc0abbe34f81 Mon Sep 17 00:00:00 2001 From: Tomas Mraz Date: Fri, 2 Dec 2016 17:32:17 +0100 Subject: [PATCH] FIPS mode fixes for TLS --- openssl-1.1.0-fips.patch | 50 ++++++++++++++++++++++++++++++++++++++++ openssl.spec | 5 +++- 2 files changed, 54 insertions(+), 1 deletion(-) diff --git a/openssl-1.1.0-fips.patch b/openssl-1.1.0-fips.patch index c7009ed..0a24b0d 100644 --- a/openssl-1.1.0-fips.patch +++ b/openssl-1.1.0-fips.patch @@ -12018,6 +12018,28 @@ diff -up openssl-1.1.0c/include/openssl/rsa.h.fips openssl-1.1.0c/include/openss # define RSA_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE 148 # define RSA_R_PADDING_CHECK_FAILED 114 # define RSA_R_PKCS_DECODING_ERROR 159 +diff -up openssl-1.1.0c/ssl/ssl_ciph.c.fips openssl-1.1.0c/ssl/ssl_ciph.c +--- openssl-1.1.0c/ssl/ssl_ciph.c.fips 2016-11-30 15:31:14.000000000 +0100 ++++ openssl-1.1.0c/ssl/ssl_ciph.c 2016-12-02 16:01:58.250067386 +0100 +@@ -404,7 +404,8 @@ void ssl_load_ciphers(void) + } + } + /* Make sure we can access MD5 and SHA1 */ +- OPENSSL_assert(ssl_digest_methods[SSL_MD_MD5_IDX] != NULL); ++ if (!FIPS_mode()) ++ OPENSSL_assert(ssl_digest_methods[SSL_MD_MD5_IDX] != NULL); + OPENSSL_assert(ssl_digest_methods[SSL_MD_SHA1_IDX] != NULL); + + disabled_mkey_mask = 0; +@@ -687,7 +688,7 @@ static void ssl_cipher_collect_ciphers(c + /* drop those that use any of that is not available */ + if (c == NULL || !c->valid) + continue; +- if (FIPS_mode() && (c->algo_strength & SSL_FIPS)) ++ if (FIPS_mode() && !(c->algo_strength & SSL_FIPS)) + continue; + if ((c->algorithm_mkey & disabled_mkey) || + (c->algorithm_auth & disabled_auth) || diff -up openssl-1.1.0c/ssl/ssl_init.c.fips openssl-1.1.0c/ssl/ssl_init.c --- openssl-1.1.0c/ssl/ssl_init.c.fips 2016-11-10 15:03:46.000000000 +0100 +++ openssl-1.1.0c/ssl/ssl_init.c 2016-11-11 13:31:51.379604771 +0100 @@ -12064,6 +12086,34 @@ diff -up openssl-1.1.0c/ssl/ssl_init.c.fips openssl-1.1.0c/ssl/ssl_init.c #ifndef OPENSSL_NO_COMP # ifdef OPENSSL_INIT_DEBUG fprintf(stderr, "OPENSSL_INIT: ossl_init_ssl_base: " +diff -up openssl-1.1.0c/ssl/ssl_lib.c.fips openssl-1.1.0c/ssl/ssl_lib.c +--- openssl-1.1.0c/ssl/ssl_lib.c.fips 2016-11-30 15:31:14.000000000 +0100 ++++ openssl-1.1.0c/ssl/ssl_lib.c 2016-12-02 16:31:12.108604595 +0100 +@@ -2405,13 +2405,17 @@ SSL_CTX *SSL_CTX_new(const SSL_METHOD *m + if (ret->param == NULL) + goto err; + +- if ((ret->md5 = EVP_get_digestbyname("ssl3-md5")) == NULL) { +- SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES); +- goto err2; +- } +- if ((ret->sha1 = EVP_get_digestbyname("ssl3-sha1")) == NULL) { +- SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES); +- goto err2; ++ if (!FIPS_mode()) { ++ if ((ret->md5 = EVP_get_digestbyname("ssl3-md5")) == NULL) { ++ SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES); ++ goto err2; ++ } ++ if ((ret->sha1 = EVP_get_digestbyname("ssl3-sha1")) == NULL) { ++ SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES); ++ goto err2; ++ } ++ } else { ++ ret->min_proto_version = TLS1_VERSION; + } + + if ((ret->client_CA = sk_X509_NAME_new_null()) == NULL) diff -up openssl-1.1.0c/test/dsatest.c.fips openssl-1.1.0c/test/dsatest.c --- openssl-1.1.0c/test/dsatest.c.fips 2016-11-10 15:03:47.000000000 +0100 +++ openssl-1.1.0c/test/dsatest.c 2016-11-11 13:31:51.380604793 +0100 diff --git a/openssl.spec b/openssl.spec index bb7d0ba..ec410fc 100644 --- a/openssl.spec +++ b/openssl.spec @@ -22,7 +22,7 @@ Summary: Utilities from the general purpose cryptography library with TLS implementation Name: openssl Version: 1.1.0c -Release: 3%{?dist} +Release: 4%{?dist} Epoch: 1 # We have to remove certain patented algorithms from the openssl source # tarball with the hobble-openssl script which is included below. @@ -430,6 +430,9 @@ export LD_LIBRARY_PATH %postun libs -p /sbin/ldconfig %changelog +* Fri Dec 2 2016 Tomáš Mráz 1.1.0c-4 +- FIPS mode fixes for TLS + * Wed Nov 30 2016 Tomáš Mráz 1.1.0c-3 - revert SSL_read() behavior change - patch from upstream (#1394677) - fix behavior on client certificate request in renegotiation (#1393579)