drop weak ciphers from the default TLS ciphersuite list
- add back some symbols that were dropped with update to 1.0.1 branch - more FIPS validation requirement changes
This commit is contained in:
parent
ad237d19e6
commit
dc728e2d8b
46
openssl-1.0.1e-compat-symbols.patch
Normal file
46
openssl-1.0.1e-compat-symbols.patch
Normal file
@ -0,0 +1,46 @@
|
|||||||
|
diff -up openssl-1.0.1e/crypto/dsa/dsa_key.c.compat openssl-1.0.1e/crypto/dsa/dsa_key.c
|
||||||
|
--- openssl-1.0.1e/crypto/dsa/dsa_key.c.compat 2013-11-26 14:36:35.000000000 +0100
|
||||||
|
+++ openssl-1.0.1e/crypto/dsa/dsa_key.c 2013-12-11 16:34:58.638549687 +0100
|
||||||
|
@@ -68,6 +68,11 @@
|
||||||
|
#include <openssl/fips.h>
|
||||||
|
#include <openssl/evp.h>
|
||||||
|
|
||||||
|
+/* just a compatibility symbol - no-op */
|
||||||
|
+void FIPS_corrupt_dsa_keygen(void)
|
||||||
|
+ {
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
static int fips_check_dsa(DSA *dsa)
|
||||||
|
{
|
||||||
|
EVP_PKEY *pk;
|
||||||
|
diff -up openssl-1.0.1e/crypto/engine/eng_all.c.compat openssl-1.0.1e/crypto/engine/eng_all.c
|
||||||
|
--- openssl-1.0.1e/crypto/engine/eng_all.c.compat 2013-11-26 14:36:35.000000000 +0100
|
||||||
|
+++ openssl-1.0.1e/crypto/engine/eng_all.c 2013-12-11 16:32:13.512820424 +0100
|
||||||
|
@@ -62,6 +62,11 @@
|
||||||
|
#include <openssl/fips.h>
|
||||||
|
#endif
|
||||||
|
|
||||||
|
+/* just backwards compatibility symbol - no-op */
|
||||||
|
+void ENGINE_load_aesni (void)
|
||||||
|
+{
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
void ENGINE_load_builtin_engines(void)
|
||||||
|
{
|
||||||
|
/* Some ENGINEs need this */
|
||||||
|
diff -up openssl-1.0.1e/crypto/fips/fips.c.compat openssl-1.0.1e/crypto/fips/fips.c
|
||||||
|
--- openssl-1.0.1e/crypto/fips/fips.c.compat 2013-11-26 14:36:35.000000000 +0100
|
||||||
|
+++ openssl-1.0.1e/crypto/fips/fips.c 2013-12-11 16:38:52.524831858 +0100
|
||||||
|
@@ -111,6 +111,12 @@ int FIPS_module_mode(void)
|
||||||
|
return ret;
|
||||||
|
}
|
||||||
|
|
||||||
|
+/* just a compat symbol - return NULL */
|
||||||
|
+const void *FIPS_rand_check(void)
|
||||||
|
+ {
|
||||||
|
+ return NULL;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
int FIPS_selftest_failed(void)
|
||||||
|
{
|
||||||
|
int ret = 0;
|
@ -1,6 +1,131 @@
|
|||||||
|
diff -up openssl-1.0.1e/crypto/bn/bn.h.fips-reqs openssl-1.0.1e/crypto/bn/bn.h
|
||||||
|
--- openssl-1.0.1e/crypto/bn/bn.h.fips-reqs 2013-11-26 14:36:35.000000000 +0100
|
||||||
|
+++ openssl-1.0.1e/crypto/bn/bn.h 2013-12-13 11:58:58.623821669 +0100
|
||||||
|
@@ -386,9 +386,11 @@ int BN_GENCB_call(BN_GENCB *cb, int a, i
|
||||||
|
* of Applied Cryptography [Menezes, van Oorschot, Vanstone; CRC Press 1996];
|
||||||
|
* original paper: Damgaard, Landrock, Pomerance: Average case error estimates
|
||||||
|
* for the strong probable prime test. -- Math. Comp. 61 (1993) 177-194) */
|
||||||
|
-#define BN_prime_checks_for_size(b) ((b) >= 1300 ? 2 : \
|
||||||
|
- (b) >= 850 ? 3 : \
|
||||||
|
- (b) >= 650 ? 4 : \
|
||||||
|
+/* FIPS 186-4 specifies error rate given the security strength of the
|
||||||
|
+ * resulting RSA key bit size. So the error rate is 2^-112 or 2^-128 for
|
||||||
|
+ * 1024 and 1536 bit keys.
|
||||||
|
+ */
|
||||||
|
+#define BN_prime_checks_for_size(b) ((b) >= 1300 ? 4 : \
|
||||||
|
(b) >= 550 ? 5 : \
|
||||||
|
(b) >= 450 ? 6 : \
|
||||||
|
(b) >= 400 ? 7 : \
|
||||||
|
diff -up openssl-1.0.1e/crypto/dh/dh_gen.c.fips-reqs openssl-1.0.1e/crypto/dh/dh_gen.c
|
||||||
|
--- openssl-1.0.1e/crypto/dh/dh_gen.c.fips-reqs 2013-11-26 14:36:35.000000000 +0100
|
||||||
|
+++ openssl-1.0.1e/crypto/dh/dh_gen.c 2013-12-11 16:50:54.181130000 +0100
|
||||||
|
@@ -125,7 +125,7 @@ static int dh_builtin_genparams(DH *ret,
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
- if (FIPS_mode() && (prime_len < OPENSSL_DH_FIPS_MIN_MODULUS_BITS))
|
||||||
|
+ if (FIPS_mode() && (prime_len < OPENSSL_DH_FIPS_MIN_MODULUS_BITS_GEN))
|
||||||
|
{
|
||||||
|
DHerr(DH_F_DH_BUILTIN_GENPARAMS, DH_R_KEY_SIZE_TOO_SMALL);
|
||||||
|
goto err;
|
||||||
|
diff -up openssl-1.0.1e/crypto/dh/dh.h.fips-reqs openssl-1.0.1e/crypto/dh/dh.h
|
||||||
|
--- openssl-1.0.1e/crypto/dh/dh.h.fips-reqs 2013-11-26 14:36:35.000000000 +0100
|
||||||
|
+++ openssl-1.0.1e/crypto/dh/dh.h 2013-12-11 16:51:18.345675737 +0100
|
||||||
|
@@ -78,6 +78,7 @@
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#define OPENSSL_DH_FIPS_MIN_MODULUS_BITS 1024
|
||||||
|
+#define OPENSSL_DH_FIPS_MIN_MODULUS_BITS_GEN 2048
|
||||||
|
|
||||||
|
#define DH_FLAG_CACHE_MONT_P 0x01
|
||||||
|
#define DH_FLAG_NO_EXP_CONSTTIME 0x02 /* new with 0.9.7h; the built-in DH
|
||||||
|
diff -up openssl-1.0.1e/crypto/dh/dh_check.c.fips-reqs openssl-1.0.1e/crypto/dh/dh_check.c
|
||||||
|
--- openssl-1.0.1e/crypto/dh/dh_check.c.fips-reqs 2013-02-11 16:26:04.000000000 +0100
|
||||||
|
+++ openssl-1.0.1e/crypto/dh/dh_check.c 2013-12-11 18:02:26.759075219 +0100
|
||||||
|
@@ -134,7 +134,33 @@ int DH_check_pub_key(const DH *dh, const
|
||||||
|
BN_sub_word(q,1);
|
||||||
|
if (BN_cmp(pub_key,q)>=0)
|
||||||
|
*ret|=DH_CHECK_PUBKEY_TOO_LARGE;
|
||||||
|
+#ifdef OPENSSL_FIPS
|
||||||
|
+ if (FIPS_mode())
|
||||||
|
+ {
|
||||||
|
+ BN_CTX *ctx = NULL;
|
||||||
|
|
||||||
|
+ ctx = BN_CTX_new();
|
||||||
|
+ if (ctx == NULL)
|
||||||
|
+ goto err;
|
||||||
|
+
|
||||||
|
+ if (BN_mod_exp_mont(q, pub_key, dh->q, dh->p, ctx, NULL) <= 0)
|
||||||
|
+ {
|
||||||
|
+ BN_CTX_free(ctx);
|
||||||
|
+ goto err;
|
||||||
|
+ }
|
||||||
|
+ if (!BN_is_one(q))
|
||||||
|
+ {
|
||||||
|
+ /* it would be more correct to add new return flag
|
||||||
|
+ * for this test, but we do not want to do it
|
||||||
|
+ * so just error out
|
||||||
|
+ */
|
||||||
|
+ BN_CTX_free(ctx);
|
||||||
|
+ goto err;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ BN_CTX_free(ctx);
|
||||||
|
+ }
|
||||||
|
+#endif
|
||||||
|
ok = 1;
|
||||||
|
err:
|
||||||
|
if (q != NULL) BN_free(q);
|
||||||
|
diff -up openssl-1.0.1e/crypto/dsa/dsa_gen.c.fips-reqs openssl-1.0.1e/crypto/dsa/dsa_gen.c
|
||||||
|
--- openssl-1.0.1e/crypto/dsa/dsa_gen.c.fips-reqs 2013-11-26 14:36:35.000000000 +0100
|
||||||
|
+++ openssl-1.0.1e/crypto/dsa/dsa_gen.c 2013-12-11 16:47:25.882425812 +0100
|
||||||
|
@@ -159,7 +159,6 @@ int dsa_builtin_paramgen(DSA *ret, size_
|
||||||
|
}
|
||||||
|
|
||||||
|
if (FIPS_module_mode() &&
|
||||||
|
- (bits != 1024 || qbits != 160) &&
|
||||||
|
(bits != 2048 || qbits != 224) &&
|
||||||
|
(bits != 2048 || qbits != 256) &&
|
||||||
|
(bits != 3072 || qbits != 256))
|
||||||
|
diff -up openssl-1.0.1e/crypto/dsa/dsa.h.fips-reqs openssl-1.0.1e/crypto/dsa/dsa.h
|
||||||
|
--- openssl-1.0.1e/crypto/dsa/dsa.h.fips-reqs 2013-11-26 14:36:35.000000000 +0100
|
||||||
|
+++ openssl-1.0.1e/crypto/dsa/dsa.h 2013-12-13 11:53:04.637827187 +0100
|
||||||
|
@@ -89,6 +89,7 @@
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#define OPENSSL_DSA_FIPS_MIN_MODULUS_BITS 1024
|
||||||
|
+#define OPENSSL_DSA_FIPS_MIN_MODULUS_BITS_GEN 2048
|
||||||
|
|
||||||
|
#define DSA_FLAG_CACHE_MONT_P 0x01
|
||||||
|
#define DSA_FLAG_NO_EXP_CONSTTIME 0x02 /* new with 0.9.7h; the built-in DSA
|
||||||
|
@@ -254,9 +255,9 @@ int DSAparams_print_fp(FILE *fp, const D
|
||||||
|
int DSA_print_fp(FILE *bp, const DSA *x, int off);
|
||||||
|
#endif
|
||||||
|
|
||||||
|
-#define DSS_prime_checks 50
|
||||||
|
-/* Primality test according to FIPS PUB 186[-1], Appendix 2.1:
|
||||||
|
- * 50 rounds of Rabin-Miller */
|
||||||
|
+#define DSS_prime_checks 64
|
||||||
|
+/* Primality test according to FIPS PUB 186[-4], Appendix 2.1:
|
||||||
|
+ * 64 rounds of Rabin-Miller */
|
||||||
|
#define DSA_is_prime(n, callback, cb_arg) \
|
||||||
|
BN_is_prime(n, DSS_prime_checks, callback, NULL, cb_arg)
|
||||||
|
|
||||||
|
diff -up openssl-1.0.1e/crypto/dsa/dsa_key.c.fips-reqs openssl-1.0.1e/crypto/dsa/dsa_key.c
|
||||||
|
--- openssl-1.0.1e/crypto/dsa/dsa_key.c.fips-reqs 2013-12-11 16:34:58.000000000 +0100
|
||||||
|
+++ openssl-1.0.1e/crypto/dsa/dsa_key.c 2013-12-11 16:47:57.815146894 +0100
|
||||||
|
@@ -127,7 +127,7 @@ static int dsa_builtin_keygen(DSA *dsa)
|
||||||
|
|
||||||
|
#ifdef OPENSSL_FIPS
|
||||||
|
if (FIPS_mode() && !(dsa->flags & DSA_FLAG_NON_FIPS_ALLOW)
|
||||||
|
- && (BN_num_bits(dsa->p) < OPENSSL_DSA_FIPS_MIN_MODULUS_BITS))
|
||||||
|
+ && (BN_num_bits(dsa->p) < OPENSSL_DSA_FIPS_MIN_MODULUS_BITS_GEN))
|
||||||
|
{
|
||||||
|
DSAerr(DSA_F_DSA_BUILTIN_KEYGEN, DSA_R_KEY_SIZE_TOO_SMALL);
|
||||||
|
goto err;
|
||||||
diff -up openssl-1.0.1e/crypto/fips/fips_drbg_rand.c.fips-reqs openssl-1.0.1e/crypto/fips/fips_drbg_rand.c
|
diff -up openssl-1.0.1e/crypto/fips/fips_drbg_rand.c.fips-reqs openssl-1.0.1e/crypto/fips/fips_drbg_rand.c
|
||||||
--- openssl-1.0.1e/crypto/fips/fips_drbg_rand.c.fips-reqs 2013-11-15 16:54:49.000000000 +0100
|
--- openssl-1.0.1e/crypto/fips/fips_drbg_rand.c.fips-reqs 2013-11-26 14:36:35.551708593 +0100
|
||||||
+++ openssl-1.0.1e/crypto/fips/fips_drbg_rand.c 2013-11-19 14:48:38.935251819 +0100
|
+++ openssl-1.0.1e/crypto/fips/fips_drbg_rand.c 2013-11-26 14:36:35.601709689 +0100
|
||||||
@@ -77,7 +77,8 @@ static int fips_drbg_bytes(unsigned char
|
@@ -77,7 +77,8 @@ static int fips_drbg_bytes(unsigned char
|
||||||
int rv = 0;
|
int rv = 0;
|
||||||
unsigned char *adin = NULL;
|
unsigned char *adin = NULL;
|
||||||
@ -50,8 +175,8 @@ diff -up openssl-1.0.1e/crypto/fips/fips_drbg_rand.c.fips-reqs openssl-1.0.1e/cr
|
|||||||
}
|
}
|
||||||
|
|
||||||
diff -up openssl-1.0.1e/crypto/fips/fips_rsa_selftest.c.fips-reqs openssl-1.0.1e/crypto/fips/fips_rsa_selftest.c
|
diff -up openssl-1.0.1e/crypto/fips/fips_rsa_selftest.c.fips-reqs openssl-1.0.1e/crypto/fips/fips_rsa_selftest.c
|
||||||
--- openssl-1.0.1e/crypto/fips/fips_rsa_selftest.c.fips-reqs 2013-11-15 16:54:49.390224209 +0100
|
--- openssl-1.0.1e/crypto/fips/fips_rsa_selftest.c.fips-reqs 2013-11-26 14:36:35.555708680 +0100
|
||||||
+++ openssl-1.0.1e/crypto/fips/fips_rsa_selftest.c 2013-11-15 16:54:49.427225021 +0100
|
+++ openssl-1.0.1e/crypto/fips/fips_rsa_selftest.c 2013-11-26 14:36:35.601709689 +0100
|
||||||
@@ -340,6 +340,42 @@ static const unsigned char kat_RSA_X931_
|
@@ -340,6 +340,42 @@ static const unsigned char kat_RSA_X931_
|
||||||
0x60, 0x83, 0x18, 0x88, 0xA3, 0xF5, 0x59, 0xC3
|
0x60, 0x83, 0x18, 0x88, 0xA3, 0xF5, 0x59, 0xC3
|
||||||
};
|
};
|
||||||
@ -123,7 +248,7 @@ diff -up openssl-1.0.1e/crypto/fips/fips_rsa_selftest.c.fips-reqs openssl-1.0.1e
|
|||||||
}
|
}
|
||||||
diff -up openssl-1.0.1e/crypto/modes/gcm128.c.fips-reqs openssl-1.0.1e/crypto/modes/gcm128.c
|
diff -up openssl-1.0.1e/crypto/modes/gcm128.c.fips-reqs openssl-1.0.1e/crypto/modes/gcm128.c
|
||||||
--- openssl-1.0.1e/crypto/modes/gcm128.c.fips-reqs 2013-02-11 16:26:04.000000000 +0100
|
--- openssl-1.0.1e/crypto/modes/gcm128.c.fips-reqs 2013-02-11 16:26:04.000000000 +0100
|
||||||
+++ openssl-1.0.1e/crypto/modes/gcm128.c 2013-11-15 16:54:49.427225021 +0100
|
+++ openssl-1.0.1e/crypto/modes/gcm128.c 2013-11-26 14:36:35.601709689 +0100
|
||||||
@@ -898,6 +898,10 @@ int CRYPTO_gcm128_encrypt(GCM128_CONTEXT
|
@@ -898,6 +898,10 @@ int CRYPTO_gcm128_encrypt(GCM128_CONTEXT
|
||||||
# endif
|
# endif
|
||||||
#endif
|
#endif
|
||||||
@ -147,8 +272,8 @@ diff -up openssl-1.0.1e/crypto/modes/gcm128.c.fips-reqs openssl-1.0.1e/crypto/mo
|
|||||||
if (mlen>((U64(1)<<36)-32) || (sizeof(len)==8 && mlen<len))
|
if (mlen>((U64(1)<<36)-32) || (sizeof(len)==8 && mlen<len))
|
||||||
return -1;
|
return -1;
|
||||||
diff -up openssl-1.0.1e/crypto/modes/modes_lcl.h.fips-reqs openssl-1.0.1e/crypto/modes/modes_lcl.h
|
diff -up openssl-1.0.1e/crypto/modes/modes_lcl.h.fips-reqs openssl-1.0.1e/crypto/modes/modes_lcl.h
|
||||||
--- openssl-1.0.1e/crypto/modes/modes_lcl.h.fips-reqs 2013-11-15 16:54:48.995215544 +0100
|
--- openssl-1.0.1e/crypto/modes/modes_lcl.h.fips-reqs 2013-11-26 14:36:35.089698458 +0100
|
||||||
+++ openssl-1.0.1e/crypto/modes/modes_lcl.h 2013-11-15 16:54:49.427225021 +0100
|
+++ openssl-1.0.1e/crypto/modes/modes_lcl.h 2013-11-26 14:36:35.601709689 +0100
|
||||||
@@ -115,6 +115,7 @@ struct gcm128_context {
|
@@ -115,6 +115,7 @@ struct gcm128_context {
|
||||||
unsigned int mres, ares;
|
unsigned int mres, ares;
|
||||||
block128_f block;
|
block128_f block;
|
||||||
@ -158,8 +283,8 @@ diff -up openssl-1.0.1e/crypto/modes/modes_lcl.h.fips-reqs openssl-1.0.1e/crypto
|
|||||||
|
|
||||||
struct xts128_context {
|
struct xts128_context {
|
||||||
diff -up openssl-1.0.1e/crypto/rand/md_rand.c.fips-reqs openssl-1.0.1e/crypto/rand/md_rand.c
|
diff -up openssl-1.0.1e/crypto/rand/md_rand.c.fips-reqs openssl-1.0.1e/crypto/rand/md_rand.c
|
||||||
--- openssl-1.0.1e/crypto/rand/md_rand.c.fips-reqs 2013-11-15 16:54:49.000000000 +0100
|
--- openssl-1.0.1e/crypto/rand/md_rand.c.fips-reqs 2013-11-26 14:36:35.557708724 +0100
|
||||||
+++ openssl-1.0.1e/crypto/rand/md_rand.c 2013-11-19 14:43:00.592829775 +0100
|
+++ openssl-1.0.1e/crypto/rand/md_rand.c 2013-11-26 14:36:35.602709711 +0100
|
||||||
@@ -143,12 +143,6 @@ static long md_count[2]={0,0};
|
@@ -143,12 +143,6 @@ static long md_count[2]={0,0};
|
||||||
static double entropy=0;
|
static double entropy=0;
|
||||||
static int initialized=0;
|
static int initialized=0;
|
||||||
@ -333,8 +458,8 @@ diff -up openssl-1.0.1e/crypto/rand/md_rand.c.fips-reqs openssl-1.0.1e/crypto/ra
|
|||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
diff -up openssl-1.0.1e/crypto/rand/rand.h.fips-reqs openssl-1.0.1e/crypto/rand/rand.h
|
diff -up openssl-1.0.1e/crypto/rand/rand.h.fips-reqs openssl-1.0.1e/crypto/rand/rand.h
|
||||||
--- openssl-1.0.1e/crypto/rand/rand.h.fips-reqs 2013-11-19 14:32:25.182891113 +0100
|
--- openssl-1.0.1e/crypto/rand/rand.h.fips-reqs 2013-11-26 14:36:35.558708746 +0100
|
||||||
+++ openssl-1.0.1e/crypto/rand/rand.h 2013-11-19 14:32:03.546416472 +0100
|
+++ openssl-1.0.1e/crypto/rand/rand.h 2013-11-26 14:36:35.602709711 +0100
|
||||||
@@ -124,6 +124,8 @@ void RAND_set_fips_drbg_type(int type, i
|
@@ -124,6 +124,8 @@ void RAND_set_fips_drbg_type(int type, i
|
||||||
int RAND_init_fips(void);
|
int RAND_init_fips(void);
|
||||||
#endif
|
#endif
|
||||||
@ -345,8 +470,8 @@ diff -up openssl-1.0.1e/crypto/rand/rand.h.fips-reqs openssl-1.0.1e/crypto/rand/
|
|||||||
/* The following lines are auto generated by the script mkerr.pl. Any changes
|
/* The following lines are auto generated by the script mkerr.pl. Any changes
|
||||||
* made after this point may be overwritten when the script is next run.
|
* made after this point may be overwritten when the script is next run.
|
||||||
diff -up openssl-1.0.1e/crypto/rand/rand_lcl.h.fips-reqs openssl-1.0.1e/crypto/rand/rand_lcl.h
|
diff -up openssl-1.0.1e/crypto/rand/rand_lcl.h.fips-reqs openssl-1.0.1e/crypto/rand/rand_lcl.h
|
||||||
--- openssl-1.0.1e/crypto/rand/rand_lcl.h.fips-reqs 2013-11-15 16:54:49.122218330 +0100
|
--- openssl-1.0.1e/crypto/rand/rand_lcl.h.fips-reqs 2013-11-26 14:36:35.239701748 +0100
|
||||||
+++ openssl-1.0.1e/crypto/rand/rand_lcl.h 2013-11-15 16:54:49.427225021 +0100
|
+++ openssl-1.0.1e/crypto/rand/rand_lcl.h 2013-11-26 14:36:35.602709711 +0100
|
||||||
@@ -112,7 +112,7 @@
|
@@ -112,7 +112,7 @@
|
||||||
#ifndef HEADER_RAND_LCL_H
|
#ifndef HEADER_RAND_LCL_H
|
||||||
#define HEADER_RAND_LCL_H
|
#define HEADER_RAND_LCL_H
|
||||||
@ -358,7 +483,7 @@ diff -up openssl-1.0.1e/crypto/rand/rand_lcl.h.fips-reqs openssl-1.0.1e/crypto/r
|
|||||||
#if !defined(USE_MD5_RAND) && !defined(USE_SHA1_RAND) && !defined(USE_MDC2_RAND) && !defined(USE_MD2_RAND)
|
#if !defined(USE_MD5_RAND) && !defined(USE_SHA1_RAND) && !defined(USE_MDC2_RAND) && !defined(USE_MD2_RAND)
|
||||||
diff -up openssl-1.0.1e/crypto/rand/rand_lib.c.fips-reqs openssl-1.0.1e/crypto/rand/rand_lib.c
|
diff -up openssl-1.0.1e/crypto/rand/rand_lib.c.fips-reqs openssl-1.0.1e/crypto/rand/rand_lib.c
|
||||||
--- openssl-1.0.1e/crypto/rand/rand_lib.c.fips-reqs 2013-02-11 16:26:04.000000000 +0100
|
--- openssl-1.0.1e/crypto/rand/rand_lib.c.fips-reqs 2013-02-11 16:26:04.000000000 +0100
|
||||||
+++ openssl-1.0.1e/crypto/rand/rand_lib.c 2013-11-19 14:44:22.422624833 +0100
|
+++ openssl-1.0.1e/crypto/rand/rand_lib.c 2013-11-26 14:36:35.602709711 +0100
|
||||||
@@ -181,6 +181,41 @@ int RAND_status(void)
|
@@ -181,6 +181,41 @@ int RAND_status(void)
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
@ -416,3 +541,58 @@ diff -up openssl-1.0.1e/crypto/rand/rand_lib.c.fips-reqs openssl-1.0.1e/crypto/r
|
|||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
diff -up openssl-1.0.1e/crypto/rsa/rsa_gen.c.fips-reqs openssl-1.0.1e/crypto/rsa/rsa_gen.c
|
||||||
|
--- openssl-1.0.1e/crypto/rsa/rsa_gen.c.fips-reqs 2013-11-26 14:36:35.000000000 +0100
|
||||||
|
+++ openssl-1.0.1e/crypto/rsa/rsa_gen.c 2013-12-11 16:45:18.661552527 +0100
|
||||||
|
@@ -182,7 +182,7 @@ static int rsa_builtin_keygen(RSA *rsa,
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
- if (bits < OPENSSL_RSA_FIPS_MIN_MODULUS_BITS)
|
||||||
|
+ if (bits < OPENSSL_RSA_FIPS_MIN_MODULUS_BITS_GEN)
|
||||||
|
{
|
||||||
|
FIPSerr(FIPS_F_RSA_BUILTIN_KEYGEN,FIPS_R_KEY_TOO_SHORT);
|
||||||
|
return 0;
|
||||||
|
diff -up openssl-1.0.1e/crypto/rsa/rsa.h.fips-reqs openssl-1.0.1e/crypto/rsa/rsa.h
|
||||||
|
--- openssl-1.0.1e/crypto/rsa/rsa.h.fips-reqs 2013-11-26 14:36:35.000000000 +0100
|
||||||
|
+++ openssl-1.0.1e/crypto/rsa/rsa.h 2013-12-11 16:45:05.937265150 +0100
|
||||||
|
@@ -166,6 +166,8 @@ struct rsa_st
|
||||||
|
|
||||||
|
#define OPENSSL_RSA_FIPS_MIN_MODULUS_BITS 1024
|
||||||
|
|
||||||
|
+#define OPENSSL_RSA_FIPS_MIN_MODULUS_BITS_GEN 2048
|
||||||
|
+
|
||||||
|
#ifndef OPENSSL_RSA_SMALL_MODULUS_BITS
|
||||||
|
# define OPENSSL_RSA_SMALL_MODULUS_BITS 3072
|
||||||
|
#endif
|
||||||
|
diff -up openssl-1.0.1e/ssl/t1_enc.c.fips-reqs openssl-1.0.1e/ssl/t1_enc.c
|
||||||
|
--- openssl-1.0.1e/ssl/t1_enc.c.fips-reqs 2013-02-11 16:26:04.000000000 +0100
|
||||||
|
+++ openssl-1.0.1e/ssl/t1_enc.c 2013-11-26 14:36:35.603709733 +0100
|
||||||
|
@@ -291,6 +291,27 @@ static int tls1_PRF(long digest_mask,
|
||||||
|
err:
|
||||||
|
return ret;
|
||||||
|
}
|
||||||
|
+
|
||||||
|
+int private_tls1_PRF(long digest_mask,
|
||||||
|
+ const void *seed1, int seed1_len,
|
||||||
|
+ const void *seed2, int seed2_len,
|
||||||
|
+ const void *seed3, int seed3_len,
|
||||||
|
+ const void *seed4, int seed4_len,
|
||||||
|
+ const void *seed5, int seed5_len,
|
||||||
|
+ const unsigned char *sec, int slen,
|
||||||
|
+ unsigned char *out1,
|
||||||
|
+ unsigned char *out2, int olen)
|
||||||
|
+ {
|
||||||
|
+ return tls1_PRF(digest_mask,
|
||||||
|
+ seed1, seed1_len,
|
||||||
|
+ seed2, seed2_len,
|
||||||
|
+ seed3, seed3_len,
|
||||||
|
+ seed4, seed4_len,
|
||||||
|
+ seed5, seed5_len,
|
||||||
|
+ sec, slen,
|
||||||
|
+ out1, out2, olen);
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
static int tls1_generate_key_block(SSL *s, unsigned char *km,
|
||||||
|
unsigned char *tmp, int num)
|
||||||
|
{
|
||||||
|
12
openssl-1.0.1e-weak-ciphers.patch
Normal file
12
openssl-1.0.1e-weak-ciphers.patch
Normal file
@ -0,0 +1,12 @@
|
|||||||
|
diff -up openssl-1.0.1e/ssl/ssl.h.weak-ciphers openssl-1.0.1e/ssl/ssl.h
|
||||||
|
--- openssl-1.0.1e/ssl/ssl.h.weak-ciphers 2013-12-18 15:50:40.881620314 +0100
|
||||||
|
+++ openssl-1.0.1e/ssl/ssl.h 2013-12-18 14:25:25.596566704 +0100
|
||||||
|
@@ -331,7 +331,7 @@ extern "C" {
|
||||||
|
/* The following cipher list is used by default.
|
||||||
|
* It also is substituted when an application-defined cipher list string
|
||||||
|
* starts with 'DEFAULT'. */
|
||||||
|
-#define SSL_DEFAULT_CIPHER_LIST "ALL:!aNULL:!eNULL:!SSLv2"
|
||||||
|
+#define SSL_DEFAULT_CIPHER_LIST "ALL:!aNULL:!eNULL:!SSLv2:!EXPORT:!RC2:!DES"
|
||||||
|
/* As of OpenSSL 1.0.0, ssl_create_cipher_list() in ssl/ssl_ciph.c always
|
||||||
|
* starts with a reasonable order, and all we have to do for DEFAULT is
|
||||||
|
* throwing out anonymous and unencrypted ciphersuites!
|
15
openssl.spec
15
openssl.spec
@ -21,7 +21,7 @@
|
|||||||
Summary: Utilities from the general purpose cryptography library with TLS implementation
|
Summary: Utilities from the general purpose cryptography library with TLS implementation
|
||||||
Name: openssl
|
Name: openssl
|
||||||
Version: 1.0.1e
|
Version: 1.0.1e
|
||||||
Release: 34%{?dist}
|
Release: 35%{?dist}
|
||||||
Epoch: 1
|
Epoch: 1
|
||||||
# We have to remove certain patented algorithms from the openssl source
|
# We have to remove certain patented algorithms from the openssl source
|
||||||
# tarball with the hobble-openssl script which is included below.
|
# tarball with the hobble-openssl script which is included below.
|
||||||
@ -75,7 +75,9 @@ Patch71: openssl-1.0.1e-manfix.patch
|
|||||||
Patch72: openssl-1.0.1e-fips-ctor.patch
|
Patch72: openssl-1.0.1e-fips-ctor.patch
|
||||||
Patch73: openssl-1.0.1e-ecc-suiteb.patch
|
Patch73: openssl-1.0.1e-ecc-suiteb.patch
|
||||||
Patch74: openssl-1.0.1e-no-md5-verify.patch
|
Patch74: openssl-1.0.1e-no-md5-verify.patch
|
||||||
Patch75: openssl-1.0.1e-new-fips-reqs.patch
|
Patch75: openssl-1.0.1e-compat-symbols.patch
|
||||||
|
Patch76: openssl-1.0.1e-new-fips-reqs.patch
|
||||||
|
Patch77: openssl-1.0.1e-weak-ciphers.patch
|
||||||
# Backported fixes including security fixes
|
# Backported fixes including security fixes
|
||||||
Patch81: openssl-1.0.1-beta2-padlock64.patch
|
Patch81: openssl-1.0.1-beta2-padlock64.patch
|
||||||
Patch82: openssl-1.0.1e-backports.patch
|
Patch82: openssl-1.0.1e-backports.patch
|
||||||
@ -191,7 +193,9 @@ cp %{SOURCE12} %{SOURCE13} crypto/ec/
|
|||||||
%patch72 -p1 -b .fips-ctor
|
%patch72 -p1 -b .fips-ctor
|
||||||
%patch73 -p1 -b .suiteb
|
%patch73 -p1 -b .suiteb
|
||||||
%patch74 -p1 -b .no-md5-verify
|
%patch74 -p1 -b .no-md5-verify
|
||||||
%patch75 -p1 -b .fips-reqs
|
%patch75 -p1 -b .compat
|
||||||
|
%patch76 -p1 -b .fips-reqs
|
||||||
|
%patch77 -p1 -b .weak-ciphers
|
||||||
|
|
||||||
%patch81 -p1 -b .padlock64
|
%patch81 -p1 -b .padlock64
|
||||||
%patch82 -p1 -b .backports
|
%patch82 -p1 -b .backports
|
||||||
@ -462,6 +466,11 @@ rm -rf $RPM_BUILD_ROOT/%{_libdir}/fipscanister.*
|
|||||||
%postun libs -p /sbin/ldconfig
|
%postun libs -p /sbin/ldconfig
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Wed Dec 18 2013 Tomáš Mráz <tmraz@redhat.com> 1.0.1e-35
|
||||||
|
- drop weak ciphers from the default TLS ciphersuite list
|
||||||
|
- add back some symbols that were dropped with update to 1.0.1 branch
|
||||||
|
- more FIPS validation requirement changes
|
||||||
|
|
||||||
* Tue Nov 19 2013 Tomáš Mráz <tmraz@redhat.com> 1.0.1e-34
|
* Tue Nov 19 2013 Tomáš Mráz <tmraz@redhat.com> 1.0.1e-34
|
||||||
- fix locking and reseeding problems with FIPS drbg
|
- fix locking and reseeding problems with FIPS drbg
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user