use 1024 bit DH parameters in s_server as 512 bit is not allowed

in FIPS mode and it is quite weak anyway
This commit is contained in:
Tomas Mraz 2012-11-15 21:11:36 +01:00
parent 79971bf194
commit b7eb6f4a5f
2 changed files with 68 additions and 1 deletions

View File

@ -0,0 +1,61 @@
diff -up openssl-1.0.1c/apps/s_server.c.dh1024 openssl-1.0.1c/apps/s_server.c
--- openssl-1.0.1c/apps/s_server.c.dh1024 2012-11-14 20:27:50.000000000 +0100
+++ openssl-1.0.1c/apps/s_server.c 2012-11-15 20:56:15.247774465 +0100
@@ -222,27 +222,31 @@ static void s_server_init(void);
#endif
#ifndef OPENSSL_NO_DH
-static unsigned char dh512_p[]={
- 0xDA,0x58,0x3C,0x16,0xD9,0x85,0x22,0x89,0xD0,0xE4,0xAF,0x75,
- 0x6F,0x4C,0xCA,0x92,0xDD,0x4B,0xE5,0x33,0xB8,0x04,0xFB,0x0F,
- 0xED,0x94,0xEF,0x9C,0x8A,0x44,0x03,0xED,0x57,0x46,0x50,0xD3,
- 0x69,0x99,0xDB,0x29,0xD7,0x76,0x27,0x6B,0xA2,0xD3,0xD4,0x12,
- 0xE2,0x18,0xF4,0xDD,0x1E,0x08,0x4C,0xF6,0xD8,0x00,0x3E,0x7C,
- 0x47,0x74,0xE8,0x33,
- };
-static unsigned char dh512_g[]={
- 0x02,
- };
-
-static DH *get_dh512(void)
+static DH *get_dh1024()
{
- DH *dh=NULL;
+ static unsigned char dh1024_p[]={
+ 0x99,0x58,0xFA,0x90,0x53,0x2F,0xE0,0x61,0x83,0x9D,0x54,0x63,
+ 0xBD,0x35,0x5A,0x31,0xF3,0xC6,0x79,0xE5,0xA0,0x0F,0x66,0x79,
+ 0x3C,0xA0,0x7F,0xE8,0xA2,0x5F,0xDF,0x11,0x08,0xA3,0xF0,0x3C,
+ 0xC3,0x3C,0x5D,0x50,0x2C,0xD5,0xD6,0x58,0x12,0xDB,0xC1,0xEF,
+ 0xB4,0x47,0x4A,0x5A,0x39,0x8A,0x4E,0xEB,0x44,0xE2,0x07,0xFB,
+ 0x3D,0xA3,0xC7,0x6E,0x52,0xF3,0x2B,0x7B,0x10,0xA5,0x98,0xE3,
+ 0x38,0x2A,0xE2,0x7F,0xA4,0x8F,0x26,0x87,0x9B,0x66,0x7A,0xED,
+ 0x2D,0x4C,0xE7,0x33,0x77,0x47,0x94,0x43,0xB6,0xAA,0x97,0x23,
+ 0x8A,0xFC,0xA5,0xA6,0x64,0x09,0xC0,0x27,0xC0,0xEF,0xCB,0x05,
+ 0x90,0x9D,0xD5,0x75,0xBA,0x00,0xE0,0xFB,0xA8,0x81,0x52,0xA4,
+ 0xB2,0x83,0x22,0x5B,0xCB,0xD7,0x16,0x93,
+ };
+ static unsigned char dh1024_g[]={
+ 0x02,
+ };
+ DH *dh;
if ((dh=DH_new()) == NULL) return(NULL);
- dh->p=BN_bin2bn(dh512_p,sizeof(dh512_p),NULL);
- dh->g=BN_bin2bn(dh512_g,sizeof(dh512_g),NULL);
+ dh->p=BN_bin2bn(dh1024_p,sizeof(dh1024_p),NULL);
+ dh->g=BN_bin2bn(dh1024_g,sizeof(dh1024_g),NULL);
if ((dh->p == NULL) || (dh->g == NULL))
- return(NULL);
+ { DH_free(dh); return(NULL); }
return(dh);
}
#endif
@@ -1657,7 +1661,7 @@ bad:
else
{
BIO_printf(bio_s_out,"Using default temp DH parameters\n");
- dh=get_dh512();
+ dh=get_dh1024();
}
(void)BIO_flush(bio_s_out);

View File

@ -22,7 +22,7 @@ Summary: Utilities from the general purpose cryptography library with TLS implem
Name: openssl
Version: 1.0.1c
# Do not forget to bump SHLIB_VERSION on version upgrades
Release: 7%{?dist}
Release: 8%{?dist}
Epoch: 1
# We have to remove certain patented algorithms from the openssl source
# tarball with the hobble-openssl script which is included below.
@ -67,6 +67,7 @@ Patch65: openssl-1.0.0e-chil-fixes.patch
Patch66: openssl-1.0.1-pkgconfig-krb5.patch
Patch67: openssl-1.0.0-fips-pkcs8.patch
Patch68: openssl-1.0.1c-secure-getenv.patch
Patch69: openssl-1.0.1c-dh-1024.patch
# Backported fixes including security fixes
Patch81: openssl-1.0.1-beta2-padlock64.patch
Patch82: openssl-1.0.1c-backports.patch
@ -171,6 +172,7 @@ from other formats to the formats used by the OpenSSL toolkit.
%patch66 -p1 -b .krb5
%patch67 -p1 -b .pkcs8
%patch68 -p1 -b .secure-getenv
%patch69 -p1 -b .dh1024
%patch81 -p1 -b .padlock64
%patch82 -p1 -b .backports
@ -429,6 +431,10 @@ rm -rf $RPM_BUILD_ROOT/%{_libdir}/fipscanister.*
%postun libs -p /sbin/ldconfig
%changelog
* Thu Nov 15 2012 Tomas Mraz <tmraz@redhat.com> 1.0.1c-8
- use 1024 bit DH parameters in s_server as 512 bit is not allowed
in FIPS mode and it is quite weak anyway
* Mon Sep 10 2012 Tomas Mraz <tmraz@redhat.com> 1.0.1c-7
- add missing initialization of str in aes_ccm_init_key (#853963)
- add important patches from upstream CVS