FIPS RSA CRT tests must use correct parameters
Resolves: rhbz#2144006
This commit is contained in:
parent
474a112b98
commit
fb8fee4b43
41
0087-FIPS-RSA-selftest-params.patch
Normal file
41
0087-FIPS-RSA-selftest-params.patch
Normal file
@ -0,0 +1,41 @@
|
|||||||
|
From 34e3cbf99f2113ca01b460cf37b56460262979af Mon Sep 17 00:00:00 2001
|
||||||
|
From: slontis <shane.lontis@oracle.com>
|
||||||
|
Date: Wed, 26 Oct 2022 11:10:50 +1000
|
||||||
|
Subject: [PATCH] Use RSA CRT parameters in FIPS self tests.
|
||||||
|
|
||||||
|
Fixes #19488
|
||||||
|
|
||||||
|
Use the correct OSSL_PKEY_PARAM_RSA CRT names fior the self tests.
|
||||||
|
The invalid names cause CRT parameters to be silently ignored.
|
||||||
|
|
||||||
|
Reviewed-by: Tim Hudson <tjh@openssl.org>
|
||||||
|
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
||||||
|
Reviewed-by: Tomas Mraz <tomas@openssl.org>
|
||||||
|
(Merged from https://github.com/openssl/openssl/pull/19501)
|
||||||
|
|
||||||
|
(cherry picked from commit c7424fe68c65aa2187a8e4028d7dea742b95d81a)
|
||||||
|
(cherry picked from commit 4215d649e92bc4c42997ec4a1e65beba1055bbe1)
|
||||||
|
---
|
||||||
|
providers/fips/self_test_data.inc | 10 +++++-----
|
||||||
|
|
||||||
|
diff --git a/providers/fips/self_test_data.inc b/providers/fips/self_test_data.inc
|
||||||
|
index 5f057d5679f1..8ae8cd6f4a5a 100644
|
||||||
|
--- a/providers/fips/self_test_data.inc
|
||||||
|
+++ b/providers/fips/self_test_data.inc
|
||||||
|
@@ -1270,11 +1270,11 @@ static const ST_KAT_PARAM rsa_crt_key[] = {
|
||||||
|
ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_N, rsa_n),
|
||||||
|
ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_E, rsa_e),
|
||||||
|
ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_D, rsa_d),
|
||||||
|
- ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_FACTOR, rsa_p),
|
||||||
|
- ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_FACTOR, rsa_q),
|
||||||
|
- ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_EXPONENT, rsa_dp),
|
||||||
|
- ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_EXPONENT, rsa_dq),
|
||||||
|
- ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_COEFFICIENT, rsa_qInv),
|
||||||
|
+ ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_FACTOR1, rsa_p),
|
||||||
|
+ ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_FACTOR2, rsa_q),
|
||||||
|
+ ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_EXPONENT1, rsa_dp),
|
||||||
|
+ ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_EXPONENT2, rsa_dq),
|
||||||
|
+ ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_COEFFICIENT1, rsa_qInv),
|
||||||
|
ST_KAT_PARAM_END()
|
||||||
|
};
|
||||||
|
|
@ -168,6 +168,8 @@ Patch79: 0079-CVE-2022-3602.patch
|
|||||||
Patch85: 0085-FIPS-RSA-disable-shake.patch
|
Patch85: 0085-FIPS-RSA-disable-shake.patch
|
||||||
#https://github.com/openssl/openssl/pull/17546
|
#https://github.com/openssl/openssl/pull/17546
|
||||||
Patch86: 0086-avoid-bio-memleak.patch
|
Patch86: 0086-avoid-bio-memleak.patch
|
||||||
|
#https://github.com/openssl/openssl/pull/19501
|
||||||
|
Patch87: 0087-FIPS-RSA-selftest-params.patch
|
||||||
|
|
||||||
License: ASL 2.0
|
License: ASL 2.0
|
||||||
URL: http://www.openssl.org/
|
URL: http://www.openssl.org/
|
||||||
@ -503,6 +505,8 @@ install -m644 %{SOURCE9} \
|
|||||||
Resolves: rhbz#2144010
|
Resolves: rhbz#2144010
|
||||||
- Avoid memory leaks in TLS
|
- Avoid memory leaks in TLS
|
||||||
Resolves: rhbz#2144008
|
Resolves: rhbz#2144008
|
||||||
|
- FIPS RSA CRT tests must use correct parameters
|
||||||
|
Resolves: rhbz#2144006
|
||||||
|
|
||||||
* Tue Nov 01 2022 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.0.1-43
|
* Tue Nov 01 2022 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.0.1-43
|
||||||
- CVE-2022-3602: X.509 Email Address Buffer Overflow
|
- CVE-2022-3602: X.509 Email Address Buffer Overflow
|
||||||
|
Loading…
Reference in New Issue
Block a user