FIPS RSA CRT tests must use correct parameters
Resolves: rhbz#2144006
This commit is contained in:
Dmitry Belyavskiy
Clemens Lang
parent
474a112b98
commit
fb8fee4b43
41
0087-FIPS-RSA-selftest-params.patch
Normal file
41
0087-FIPS-RSA-selftest-params.patch
Normal file
@ -0,0 +1,41 @@
|
||||
From 34e3cbf99f2113ca01b460cf37b56460262979af Mon Sep 17 00:00:00 2001
|
||||
From: slontis <shane.lontis@oracle.com>
|
||||
Date: Wed, 26 Oct 2022 11:10:50 +1000
|
||||
Subject: [PATCH] Use RSA CRT parameters in FIPS self tests.
|
||||
|
||||
Fixes #19488
|
||||
|
||||
Use the correct OSSL_PKEY_PARAM_RSA CRT names fior the self tests.
|
||||
The invalid names cause CRT parameters to be silently ignored.
|
||||
|
||||
Reviewed-by: Tim Hudson <tjh@openssl.org>
|
||||
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
||||
Reviewed-by: Tomas Mraz <tomas@openssl.org>
|
||||
(Merged from https://github.com/openssl/openssl/pull/19501)
|
||||
|
||||
(cherry picked from commit c7424fe68c65aa2187a8e4028d7dea742b95d81a)
|
||||
(cherry picked from commit 4215d649e92bc4c42997ec4a1e65beba1055bbe1)
|
||||
---
|
||||
providers/fips/self_test_data.inc | 10 +++++-----
|
||||
|
||||
diff --git a/providers/fips/self_test_data.inc b/providers/fips/self_test_data.inc
|
||||
index 5f057d5679f1..8ae8cd6f4a5a 100644
|
||||
--- a/providers/fips/self_test_data.inc
|
||||
+++ b/providers/fips/self_test_data.inc
|
||||
@@ -1270,11 +1270,11 @@ static const ST_KAT_PARAM rsa_crt_key[] = {
|
||||
ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_N, rsa_n),
|
||||
ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_E, rsa_e),
|
||||
ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_D, rsa_d),
|
||||
- ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_FACTOR, rsa_p),
|
||||
- ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_FACTOR, rsa_q),
|
||||
- ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_EXPONENT, rsa_dp),
|
||||
- ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_EXPONENT, rsa_dq),
|
||||
- ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_COEFFICIENT, rsa_qInv),
|
||||
+ ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_FACTOR1, rsa_p),
|
||||
+ ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_FACTOR2, rsa_q),
|
||||
+ ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_EXPONENT1, rsa_dp),
|
||||
+ ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_EXPONENT2, rsa_dq),
|
||||
+ ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_COEFFICIENT1, rsa_qInv),
|
||||
ST_KAT_PARAM_END()
|
||||
};
|
||||
|
||||
@ -168,6 +168,8 @@ Patch79: 0079-CVE-2022-3602.patch
|
||||
Patch85: 0085-FIPS-RSA-disable-shake.patch
|
||||
#https://github.com/openssl/openssl/pull/17546
|
||||
Patch86: 0086-avoid-bio-memleak.patch
|
||||
#https://github.com/openssl/openssl/pull/19501
|
||||
Patch87: 0087-FIPS-RSA-selftest-params.patch
|
||||
|
||||
License: ASL 2.0
|
||||
URL: http://www.openssl.org/
|
||||
@ -503,6 +505,8 @@ install -m644 %{SOURCE9} \
|
||||
Resolves: rhbz#2144010
|
||||
- Avoid memory leaks in TLS
|
||||
Resolves: rhbz#2144008
|
||||
- FIPS RSA CRT tests must use correct parameters
|
||||
Resolves: rhbz#2144006
|
||||
|
||||
* Tue Nov 01 2022 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.0.1-43
|
||||
- CVE-2022-3602: X.509 Email Address Buffer Overflow
|
||||
|
||||
Loading…
Reference in New Issue
Block a user