The first patch caused a QUIC test to fail, so backport the entire
series, which looks reasonable and adds good additional safeguards and
checks.
(cherry picked from commit f3cb03b52a)
Resolves: RHEL-45657
Signed-off-by: Clemens Lang <cllang@redhat.com>
ISO 19790 AS10.09 says the module shall not perform any cryptographic
operations or output data in an error state, but OpenSSL does not have
checks for the module state in EVP_DigestUpdate() and
EVP_EncryptUpdate().
Upstream and their certification lab say these checks aren't needed,
our lab disagrees. We asked for clarification from CMVP. While we are
waiting for that, add a change that will allow us to submit. We will
drop this patch once we found a solution together with upstream.
See #22506 for the discussion upstream.
Resolves: RHEL-17104
Switch explicit FIPS indicator for RSA-OAEP to approved following
clarification with CMVP. Additionally, backport a check required by
SP800-56Br2 6.4.1.2.1 (3.c).
Resolves: RHEL-14083
For DH parameter and key pair generation/verification, the DSA
procedures specified in FIPS 186-4 are used. With the release of FIPS
186-5 and the removal of DSA, the approved status of these groups is in
peril. Once the transition for DSA ends (this transition will be 1 year
long and start once CMVP has published the guidance), no more
submissions claiming DSA will be allowed. Hence, FIPS 186-type
parameters will also be automatically non-approved.
Previously, we had addressed this by completely disabling the DHX key
type in the OpenSSL FIPS provider, but the default encoding for DHX-type
keys is X9.42 DH, which is used, for example, by Kerberos.
Re-enable DHX-type keys in the FIPS provider, but disable import and
validation of any DH parameters that are not well-known groups, and
remove DH parameter generation completely.
Adjust tests to use well-known groups or larger DH groups where this
change would now cause failures, and skip tests that are expected to
fail due to this change.
Signed-off-by: Clemens Lang <cllang@redhat.com>
Resolves: rhbz#2169757
- Remove the hobbling script as it is redundant. It is now allowed to ship
the sources of patented EC curves, however it is still made unavailable to use
by compiling with the 'no-ec2m' Configure option. The additional forbidden
curves such as P-160, P-192, wap-tls curves are manually removed by updating
0011-Remove-EC-curves.patch.
- Enable Brainpool curves.
- Apply the changes to ec_curve.c and ectest.c as a new patch
0010-Add-changes-to-ectest-and-eccurve.patch instead of replacing them.
- Modify 0011-Remove-EC-curves.patch to allow Brainpool curves.
- Modify 0011-Remove-EC-curves.patch to allow code under macro OPENSSL_NO_EC2M.
Resolves: rhbz#2130618, rhbz#2188180
Signed-off-by: Sahana Prasad <sahana@redhat.com>
Add the patchfile that was committed but not referenced in the spec
file. Fix the patch to apply on openssl 3.0.7 and fix the gettable FIPS
indicator parameter for the RSA asymmetric cipher implementation.
Resolves: rhbz#2179379
Signed-off-by: Clemens Lang <cllang@redhat.com>