Dmitry Belyavskiy
1b2d08b2c2
Adaptation of upstream patches disabling explicit EC parameters in FIPS mode
...
Resolves: rhbz#2058663
2022-05-06 17:41:32 +02:00
Dmitry Belyavskiy
4dc19fe033
Reworked patch forbidding explicit EC parameters
...
Resolves: rhbz#2066412
2022-05-06 16:51:28 +02:00
Clemens Lang
1447e64bc3
Include hash in FIPS module version
...
Include a hash of specfile, patches, and sources in the FIPS module
version. This should allow us to uniquely identify a build that we do,
so that we can be sure which specific binary is being submitted for
validation and was certified.
The previous solution used $(date +%Y%m%d), which had some risks related
to build server timezone and build date differences on different
architectures.
Resolves: rhbz#2070550
Signed-off-by: Clemens Lang <cllang@redhat.com>
2022-05-06 13:16:36 +02:00
Dmitry Belyavskiy
ad863e9fc8
OpenSSL FIPS module should not build in non-approved algorithms
...
Resolves: rhbz#2081378
2022-05-05 17:34:49 +02:00
Dmitry Belyavskiy
6ba0e5efa3
When FIPS provider is in use, we forbid only some padding modes - spec
...
Resolves: rhbz#2053289
2022-05-02 18:33:35 +02:00
Dmitry Belyavskiy
067b6b249b
When FIPS provider is in use, we forbid only some padding modes
...
Resolves: rhbz#2053289
2022-05-02 17:42:54 +02:00
Dmitry Belyavskiy
02c75e5a65
We dont'want totally forbid RSA encryption.
...
Related: rhbz#2053289
2022-05-02 15:54:28 +02:00
Clemens Lang
9afaa3d1f4
Fix regression in evp_pkey_name2type caused by tr_TR locale fix
...
Resolves: rhbz#2071631
Signed-off-by: Clemens Lang <cllang@redhat.com>
2022-04-28 13:39:35 +02:00
Dmitry Belyavskiy
a711ac2e4f
Fix openssl curl error with LANG=tr_TR.utf8
...
Resolves: rhbz#2071631
2022-04-21 15:16:46 +02:00
Dmitry Belyavskiy
c0744a0cbf
Temporary manual test
2022-04-21 13:20:27 +02:00
Dmitry Belyavskiy
7a1c7b28bc
FIPS provider doesn't block RSA encryption for key transport
...
Resolves: rhbz#2053289
2022-03-29 13:32:47 +02:00
Clemens Lang
93ff3f8fe5
Fix occasional internal error in TLS when DHE is used
...
Resolves: rhbz#2004915
Signed-off-by: Clemens Lang <cllang@redhat.com>
2022-03-22 13:04:16 +01:00
Clemens Lang
153f593fa6
Fix SHA1 certs in LEGACY without openssl lib ctxt
...
Resolves: rhbz#2065400
Signed-off-by: Clemens Lang <cllang@redhat.com>
2022-03-18 13:36:55 +01:00
Clemens Lang
4eb630f7d5
Fix TLS connections with SHA1 signatures if rh-allow-sha1-signatures = yes
...
Resolves: rhbz#2065400
Signed-off-by: Clemens Lang <cllang@redhat.com>
2022-03-18 09:27:51 +01:00
Dmitry Belyavskiy
03697fff80
CVE-2022-0778 fix
...
Resolves: rhbz#2062315
2022-03-16 15:03:25 +01:00
Clemens Lang
bc7dfd9722
Fix RSA PSS padding with SHA-1 disabled
...
Invocations of EVP_PKEY_CTX_set_rsa_padding(RSA_PKCS1_PSS_PADDING)
before setting an allowed digest with EVP_PKEY_CTX_set_signature_md()
would fail with SHA-1 use in signatures disabled, because OpenSSL's
internal default for the digest was SHA-1.
This isn't documented in any of the manpages, hence we expect users to
always call both EVP_PKEY_CTX_set_rsa_padding() and
EVP_PKEY_CTX_set_signature_md(). We do not want set_rsa_padding() to
fail if users set a non-SHA-1 signature algorithm after setting the
padding mode, though, so change the internal default to SHA-256 if SHA-1
is disabled.
Resolves: rhbz#2062640
2022-03-10 13:29:29 +01:00
Clemens Lang
3c66c99bd5
Allow SHA1 in seclevel 2 if rh-allow-sha1-signatures = yes
...
We want legacy policy to be able to talk to older RHEL that only
supports SHA1 signature algorithms, so allow SHA1 signatures even in
seclevel 2 if rh-allow-sha1-signatures is set to yes.
Resolves: rhbz#2060510
Signed-off-by: Clemens Lang <cllang@redhat.com>
2022-03-04 10:19:04 +01:00
Clemens Lang
ede38fcb54
Prevent use of SHA1 with ECDSA
...
providers/implementations/signature/{ec,}dsa_sig.c accept a NID_undef
digest, so to prevent SHA1 from working with ECDSA and DSA, we must
return a negative value in securitycheck.c.
Resolves: rhbz#2031742
2022-02-25 14:45:22 +01:00
Dmitry Belyavskiy
ea9f0a5726
OpenSSL will generate keys with prime192v1 curve if it is provided using explicit parameters
...
Resolves: rhbz#1977867
2022-02-25 12:37:01 +01:00
Peter Robinson
849a9965ee
Support KBKDF (NIST SP800-108) with an R value of 8bits Resolves: rhbz#2027261
...
Signed-off-by: Peter Robinson <pbrobinson@redhat.com>
2022-02-24 10:14:16 +00:00
Clemens Lang
53f53fedec
Allow SHA1 usage in MGF1 for RSASSA-PSS signatures
...
Resolves: rhbz#2031742
Signed-off-by: Clemens Lang <cllang@redhat.com>
2022-02-23 17:53:55 +01:00
Dmitry Belyavskiy
b33dfd3fc3
Spec bump
...
Resolves: rhbz#2031742
2022-02-23 11:47:25 +01:00
Clemens Lang
5a9ab1160e
Allow SHA1 usage in HMAC in TLS
...
The EVP_DigestSign API is used in TLS to compute a SHA1 HMAC, which is
OK from our point of view, but was blocked so far. Modify
0049-Selectively-disallow-SHA1-signatures.patch to check the EVP_PKEY
type for HMAC (and TLS1-PRF and HKDF), and allow SHA1 for these cases.
Note that TLS1.1 signs a MD5-SHA1 hash with a private key, which does
not work with rh-allow-sha1-signatures = no, so the minimum TLS version
will be TLS 1.2.
Resolves: rhbz#2031742
Signed-off-by: Clemens Lang <cllang@redhat.com>
2022-02-22 19:40:20 +01:00
Dmitry Belyavskiy
53b85f538c
OpenSSL will generate keys with prime192v1 curve if it is provided using explicit parameters
...
Resolves: rhbz#1977867
2022-02-22 16:32:34 +01:00
Dmitry Belyavskiy
d79f404164
Allows non-fips KDF for PKCS#12
...
Related: rhbz#2049265
2022-02-22 16:30:16 +01:00
Clemens Lang
78fb78d307
Disable SHA1 signature creation and verification by default
...
Set rh-allow-sha1-signatures = yes to re-enable
Resolves: rhbz#2031742
Signed-off-by: Clemens Lang <cllang@redhat.com>
2022-02-22 12:25:35 +01:00
Sahana Prasad
0a5c81da78
s_server: correctly handle 2^14 byte long records
...
Resolves: rhbz#2042011
Signed-off-by: Sahana Prasad <sahana@redhat.com>
2022-02-03 15:37:48 +01:00
Dmitry Belyavskiy
922b5301ea
Adjust FIPS provider version
...
FIPS provider version is now autofilled from release and date
Related: rhbz#2026445
2022-02-01 16:02:01 +01:00
Dmitry Belyavskiy
8c3b745547
On the s390x, zeroize all the copies of TLS premaster secret
...
Related: rhbz#2040448
2022-01-26 16:50:19 +01:00
Dmitry Belyavskiy
92e721fa5d
Rebuild
...
Related: rhbz#2026445
2022-01-21 14:40:57 +01:00
Dmitry Belyavskiy
691c22b61c
Remove volatile attribute from HMAC to make annocheck happy
...
Related: rhbz#1985362
2022-01-21 13:48:28 +01:00
Dmitry Belyavskiy
d237e7f301
Restoring fips=yes to SHA-1
...
Related: rhbz#2026445
2022-01-21 13:48:28 +01:00
Dmitry Belyavskiy
9df33eabbe
KATS self-tests should run before HMAC verifcation
...
Related: rhbz#2041994
2022-01-21 13:48:28 +01:00
Sahana Prasad
f5421022ee
Adds enable-buildtest-c++ to the configure options.
...
Related: rhbz#1990814
Signed-off-by: Sahana Prasad <sahana@redhat.com>
2022-01-20 16:37:50 +01:00
Sahana Prasad
78a467efcc
Rebase to upstream version 3.0.1
...
Fixes CVE-2021-4044 Invalid handling of X509_verify_cert() internal errors in libssl
Resolves: rhbz#2038910, rhbz#2035148
Signed-off-by: Sahana Prasad <sahana@redhat.com>
2022-01-18 18:30:10 +01:00
Dmitry Belyavskiy
e63c4b68b2
Update spec file, remove fipsmodule.cnf
...
Related: rhbz#2026445
2022-01-17 14:18:22 +01:00
Dmitry Belyavskiy
6cdaa527d8
Explicitly permit SHA1 HMAC
...
Related: rhbz#2026445
2022-01-17 13:19:40 +01:00
Dmitry Belyavskiy
cc37486d86
Minimize the list of services allowed for FIPS
...
Related: rhbz#2026445
2022-01-17 13:19:29 +01:00
Dmitry Belyavskiy
225b6d37b9
openssl speed should run in FIPS mode
...
Related: rhbz#1977318
2021-12-21 16:16:07 +01:00
Dmitry Belyavskiy
13dc3794cb
Make rpminspect happy
2021-12-10 14:19:15 +01:00
Dmitry Belyavskiy
4c1c00d6af
Updated spec, some cleanup done
...
Related: rhbz#1985362
2021-11-24 13:44:25 +01:00
Dmitry Belyavskiy
9422ae52de
Always activate default provider via config
...
Related: rhbz#1985362
2021-11-23 16:52:23 +01:00
Dmitry Belyavskiy
210c37e906
Disable fipsinstall application
...
Related: rhbz#1985362
2021-11-23 15:02:48 +01:00
Dmitry Belyavskiy
3ff0db7558
Embed correct HMAC into fips provider
...
We have stripped production version and unstripped version for tests.
Related: rhbz#1985362
2021-11-23 15:02:14 +01:00
Dmitry Belyavskiy
5c4e10ac26
FIPS provider auto activation
...
When FIPS flag is on, we load fips provider and set properties to fips.
FIPS checksum is embedded in FIPS provider itself
Related: rhbz#1985362
2021-11-23 15:01:33 +01:00
Dmitry Belyavskiy
694c426faf
Fix memory leak in s_client
...
Related: rhbz#1996092
2021-10-07 19:08:23 +02:00
Dmitry Belyavskiy
b76c2316a3
KTLS and FIPS may interfere, so tests need to be tuned
...
Resolves: rhbz#1961643
2021-09-22 17:15:22 +02:00
Dmitry Belyavskiy
3edf474b5d
Avoid double-free on error seeding the RNG.
...
Resolves: rhbz#1952844
2021-09-20 17:13:26 +02:00
Sahana Prasad
34d46544a5
Rebase to upstream version 3.0.0
...
Related: rhbz#1990814
Signed-off-by: Sahana Prasad <sahana@redhat.com>
2021-09-09 13:07:02 +02:00
Sahana Prasad
07de966235
- Removes the dual-abi build as it not required anymore. The mass rebuild
...
was completed and all packages are rebuilt against Beta version.
Resolves: rhbz#1984097
Signed-off-by: Sahana Prasad <sahana@redhat.com>
2021-08-25 17:02:52 +02:00