KATS self-tests should run before HMAC verifcation

Related: rhbz#2041994
2022-01-19 13:40:57 +01:00 · 2022-01-19 13:40:57 +01:00 · 9df33eabbe
commit 9df33eabbe
parent f5421022ee
2 changed files with 47 additions and 1 deletions
--- a/0047-FIPS-early-KATS.patch
+++ b/0047-FIPS-early-KATS.patch
@ -0,0 +1,39 @@
+diff -up openssl-3.0.1/providers/fips/self_test.c.earlykats openssl-3.0.1/providers/fips/self_test.c
+--- openssl-3.0.1/providers/fips/self_test.c.earlykats	2022-01-19 13:10:00.635830783 +0100
+++ openssl-3.0.1/providers/fips/self_test.c	2022-01-19 13:11:43.309342656 +0100
+@@ -362,6 +362,16 @@ int SELF_TEST_post(SELF_TEST_POST_PARAMS
+     if (ev == NULL)
+         goto end;
+ 
+    /*
+     * Run the KAT's before HMAC verification according to FIPS-140-3 requirements
+     */
+    if (kats_already_passed == 0) {
+        if (!SELF_TEST_kats(ev, st->libctx)) {
+            ERR_raise(ERR_LIB_PROV, PROV_R_SELF_TEST_KAT_FAILURE);
+            goto end;
+        }
+    }
+
+     module_checksum = fips_hmac_container;
+     checksum_len = sizeof(fips_hmac_container);
+ 
+@@ -411,18 +421,6 @@ int SELF_TEST_post(SELF_TEST_POST_PARAMS
+             kats_already_passed = 1;
+         }
+     }
+-
+-    /*
+-     * Only runs the KAT's during installation OR on_demand().
+-     * NOTE: If the installation option 'self_test_onload' is chosen then this
+-     * path will always be run, since kats_already_passed will always be 0.
+-     */
+-    if (on_demand_test || kats_already_passed == 0) {
+-        if (!SELF_TEST_kats(ev, st->libctx)) {
+-            ERR_raise(ERR_LIB_PROV, PROV_R_SELF_TEST_KAT_FAILURE);
+-            goto end;
+-        }
+-    }
+     ok = 1;
+ end:
+     OSSL_SELF_TEST_free(ev);
--- a/openssl.spec
+++ b/openssl.spec
@ -15,7 +15,7 @@
 Summary: Utilities from the general purpose cryptography library with TLS implementation
 Name: openssl
 Version: 3.0.1
-Release: 2%{?dist}
+Release: 3%{?dist}
 Epoch: 1
 # We have to remove certain patented algorithms from the openssl source
 # tarball with the hobble-openssl script which is included below.
@ -69,6 +69,8 @@ Patch35: 0035-speed-skip-unavailable-dgst.patch
 Patch45: 0045-FIPS-services-minimize.patch
 # Enable SHA1 HMAC in FIPS mode
 Patch46: 0046-FIPS-permitsha1-hmac.patch
+# Execute KATS before HMAC verification
+Patch47: 0047-FIPS-early-KATS.patch

 License: ASL 2.0
 URL: http://www.openssl.org/
@ -396,6 +398,11 @@ install -m644 %{SOURCE9} \
 %ldconfig_scriptlets libs

 %changelog
+* Fri Jan 21 2022 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.0.1-3
+- KATS tests should be executed before HMAC verification
+- Restoring fips=yes for SHA1
+- Related: rhbz#2026445, rhbz#2041994
+
 * Thu Jan 20 2022 Sahana Prasad <sahana@redhat.com> - 1:3.0.1-2
 - Add enable-buildtest-c++ to the configure options.
 - Related: rhbz#1990814