Commit Graph

171 Commits

Author SHA1 Message Date
Clemens Lang
bc7dfd9722 Fix RSA PSS padding with SHA-1 disabled
Invocations of EVP_PKEY_CTX_set_rsa_padding(RSA_PKCS1_PSS_PADDING)
before setting an allowed digest with EVP_PKEY_CTX_set_signature_md()
would fail with SHA-1 use in signatures disabled, because OpenSSL's
internal default for the digest was SHA-1.

This isn't documented in any of the manpages, hence we expect users to
always call both EVP_PKEY_CTX_set_rsa_padding() and
EVP_PKEY_CTX_set_signature_md(). We do not want set_rsa_padding() to
fail if users set a non-SHA-1 signature algorithm after setting the
padding mode, though, so change the internal default to SHA-256 if SHA-1
is disabled.

Resolves: rhbz#2062640
2022-03-10 13:29:29 +01:00
Clemens Lang
3c66c99bd5 Allow SHA1 in seclevel 2 if rh-allow-sha1-signatures = yes
We want legacy policy to be able to talk to older RHEL that only
supports SHA1 signature algorithms, so allow SHA1 signatures even in
seclevel 2 if rh-allow-sha1-signatures is set to yes.

Resolves: rhbz#2060510
Signed-off-by: Clemens Lang <cllang@redhat.com>
2022-03-04 10:19:04 +01:00
Clemens Lang
ede38fcb54 Prevent use of SHA1 with ECDSA
providers/implementations/signature/{ec,}dsa_sig.c accept a NID_undef
digest, so to prevent SHA1 from working with ECDSA and DSA, we must
return a negative value in securitycheck.c.

Resolves: rhbz#2031742
2022-02-25 14:45:22 +01:00
Dmitry Belyavskiy
ea9f0a5726 OpenSSL will generate keys with prime192v1 curve if it is provided using explicit parameters
Resolves: rhbz#1977867
2022-02-25 12:37:01 +01:00
Peter Robinson
849a9965ee Support KBKDF (NIST SP800-108) with an R value of 8bits Resolves: rhbz#2027261
Signed-off-by: Peter Robinson <pbrobinson@redhat.com>
2022-02-24 10:14:16 +00:00
Clemens Lang
53f53fedec Allow SHA1 usage in MGF1 for RSASSA-PSS signatures
Resolves: rhbz#2031742
Signed-off-by: Clemens Lang <cllang@redhat.com>
2022-02-23 17:53:55 +01:00
Dmitry Belyavskiy
b33dfd3fc3 Spec bump
Resolves: rhbz#2031742
2022-02-23 11:47:25 +01:00
Clemens Lang
5a9ab1160e Allow SHA1 usage in HMAC in TLS
The EVP_DigestSign API is used in TLS to compute a SHA1 HMAC, which is
OK from our point of view, but was blocked so far. Modify
0049-Selectively-disallow-SHA1-signatures.patch to check the EVP_PKEY
type for HMAC (and TLS1-PRF and HKDF), and allow SHA1 for these cases.

Note that TLS1.1 signs a MD5-SHA1 hash with a private key, which does
not work with rh-allow-sha1-signatures = no, so the minimum TLS version
will be TLS 1.2.

Resolves: rhbz#2031742
Signed-off-by: Clemens Lang <cllang@redhat.com>
2022-02-22 19:40:20 +01:00
Dmitry Belyavskiy
53b85f538c OpenSSL will generate keys with prime192v1 curve if it is provided using explicit parameters
Resolves: rhbz#1977867
2022-02-22 16:32:34 +01:00
Dmitry Belyavskiy
d79f404164 Allows non-fips KDF for PKCS#12
Related: rhbz#2049265
2022-02-22 16:30:16 +01:00
Clemens Lang
78fb78d307 Disable SHA1 signature creation and verification by default
Set rh-allow-sha1-signatures = yes to re-enable

Resolves: rhbz#2031742
Signed-off-by: Clemens Lang <cllang@redhat.com>
2022-02-22 12:25:35 +01:00
Sahana Prasad
0a5c81da78 s_server: correctly handle 2^14 byte long records
Resolves: rhbz#2042011

Signed-off-by: Sahana Prasad <sahana@redhat.com>
2022-02-03 15:37:48 +01:00
Dmitry Belyavskiy
922b5301ea Adjust FIPS provider version
FIPS provider version is now autofilled from release and date
Related: rhbz#2026445
2022-02-01 16:02:01 +01:00
Dmitry Belyavskiy
8c3b745547 On the s390x, zeroize all the copies of TLS premaster secret
Related: rhbz#2040448
2022-01-26 16:50:19 +01:00
Dmitry Belyavskiy
92e721fa5d Rebuild
Related: rhbz#2026445
2022-01-21 14:40:57 +01:00
Dmitry Belyavskiy
691c22b61c Remove volatile attribute from HMAC to make annocheck happy
Related: rhbz#1985362
2022-01-21 13:48:28 +01:00
Dmitry Belyavskiy
d237e7f301 Restoring fips=yes to SHA-1
Related: rhbz#2026445
2022-01-21 13:48:28 +01:00
Dmitry Belyavskiy
9df33eabbe KATS self-tests should run before HMAC verifcation
Related: rhbz#2041994
2022-01-21 13:48:28 +01:00
Sahana Prasad
f5421022ee Adds enable-buildtest-c++ to the configure options.
Related: rhbz#1990814

Signed-off-by: Sahana Prasad <sahana@redhat.com>
2022-01-20 16:37:50 +01:00
Sahana Prasad
78a467efcc Rebase to upstream version 3.0.1
Fixes CVE-2021-4044 Invalid handling of X509_verify_cert() internal errors in libssl
Resolves: rhbz#2038910, rhbz#2035148

Signed-off-by: Sahana Prasad <sahana@redhat.com>
2022-01-18 18:30:10 +01:00
Dmitry Belyavskiy
e63c4b68b2 Update spec file, remove fipsmodule.cnf
Related: rhbz#2026445
2022-01-17 14:18:22 +01:00
Dmitry Belyavskiy
6cdaa527d8 Explicitly permit SHA1 HMAC
Related: rhbz#2026445
2022-01-17 13:19:40 +01:00
Dmitry Belyavskiy
cc37486d86 Minimize the list of services allowed for FIPS
Related: rhbz#2026445
2022-01-17 13:19:29 +01:00
Dmitry Belyavskiy
225b6d37b9 openssl speed should run in FIPS mode
Related: rhbz#1977318
2021-12-21 16:16:07 +01:00
Dmitry Belyavskiy
13dc3794cb Make rpminspect happy 2021-12-10 14:19:15 +01:00
Dmitry Belyavskiy
4c1c00d6af Updated spec, some cleanup done
Related: rhbz#1985362
2021-11-24 13:44:25 +01:00
Dmitry Belyavskiy
9422ae52de Always activate default provider via config
Related: rhbz#1985362
2021-11-23 16:52:23 +01:00
Dmitry Belyavskiy
210c37e906 Disable fipsinstall application
Related: rhbz#1985362
2021-11-23 15:02:48 +01:00
Dmitry Belyavskiy
3ff0db7558 Embed correct HMAC into fips provider
We have stripped production version and unstripped version for tests.
Related: rhbz#1985362
2021-11-23 15:02:14 +01:00
Dmitry Belyavskiy
5c4e10ac26 FIPS provider auto activation
When FIPS flag is on, we load fips provider and set properties to fips.
FIPS checksum is embedded in FIPS provider itself
Related: rhbz#1985362
2021-11-23 15:01:33 +01:00
Dmitry Belyavskiy
694c426faf Fix memory leak in s_client
Related: rhbz#1996092
2021-10-07 19:08:23 +02:00
Dmitry Belyavskiy
b76c2316a3 KTLS and FIPS may interfere, so tests need to be tuned
Resolves: rhbz#1961643
2021-09-22 17:15:22 +02:00
Dmitry Belyavskiy
3edf474b5d Avoid double-free on error seeding the RNG.
Resolves: rhbz#1952844
2021-09-20 17:13:26 +02:00
Sahana Prasad
34d46544a5 Rebase to upstream version 3.0.0
Related: rhbz#1990814

Signed-off-by: Sahana Prasad <sahana@redhat.com>
2021-09-09 13:07:02 +02:00
Sahana Prasad
07de966235 - Removes the dual-abi build as it not required anymore. The mass rebuild
was completed and all packages are rebuilt against Beta version.
Resolves: rhbz#1984097

Signed-off-by: Sahana Prasad <sahana@redhat.com>
2021-08-25 17:02:52 +02:00
Dmitry Belyavskiy
ddd1eb3708 Correctly processing CMS reading from /dev/stdin
Resolves: rhbz#1986315
2021-08-23 10:45:49 +02:00
Sahana Prasad
49de59749c Add instruction for loading legacy provider in openssl.cnf
Resolves: rhbz#1975836

Signed-off-by: Sahana Prasad <sahana@redhat.com>
2021-08-16 14:16:12 +02:00
Sahana Prasad
03899fca38 Adds support for IDEA encryption.
Resolves: rhbz#1990602

Signed-off-by: Sahana Prasad <sahana@redhat.com>
2021-08-16 11:44:00 +02:00
Sahana Prasad
0c6f4a599c - Fixes core dump in openssl req -modulus
- Fixes 'openssl req' to not ask for password when non-encrypted private key
  is used
- cms: Do not try to check binary format on stdin and -rctform fix
- Resolves: rhbz#1988137, rhbz#1988468, rhbz#1988137

Signed-off-by: Sahana Prasad <sahana@redhat.com>
2021-08-10 16:54:16 +02:00
Mohan Boddu
2862adca42 Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
Related: rhbz#1991688
Signed-off-by: Mohan Boddu <mboddu@redhat.com>
2021-08-09 22:44:21 +00:00
Dmitry Belyavskiy
ecb6630fd3 When signature_algorithm extension is omitted, use more relevant alerts
Resolves: rhbz#1965017
2021-08-04 15:55:01 +02:00
Sahana Prasad
c5d8025ca8 Remove tier 0 functional test from gating.yaml.
These tests are removed from dist-git and are executed
as tier1 or higher tests already.
Signed-off-by: Sahana Prasad <sahana@redhat.com>
2021-08-04 10:37:11 +02:00
Sahana Prasad
fe7445d93d Rebase to upstream version beta2
Related: rhbz#1903209

Signed-off-by: Sahana Prasad <sahana@redhat.com>
2021-08-03 15:11:22 +02:00
Sahana Prasad
0b6afca185 - Prevents creation of duplicate cert entries in PKCS #12 files
Resolves: rhbz#1978670

Signed-off-by: Sahana Prasad <sahana@redhat.com>
2021-07-22 15:38:17 +02:00
Aleksandra Fedorova
b7c6b85c95 Add RHEL gating configuration 2021-07-22 07:14:14 +00:00
Sahana Prasad
e3d0ba4f1e NVR Bump to Update to OpenSSL 3.0 Beta1 version
Related: rhbz#1903209

Signed-off-by: Sahana Prasad <sahana@redhat.com>
2021-07-21 14:37:35 +02:00
Sahana Prasad
529b968a17 Update patch dual-abi.patch to add the #define macros in implementation
files instead of public header files

Related: rhbz#1903209
Signed-off-by: Sahana Prasad <sahana@redhat.com>
2021-07-19 14:00:13 +02:00
Sahana Prasad
a3158ae4f7 Removes unused patch dual-abi.patch
Related: rhbz#1903209

Signed-off-by: Sahana Prasad <sahana@redhat.com>
2021-07-14 14:20:07 +02:00
Sahana Prasad
d4e97b3110 Update to Beta1 version
Includes a patch to support dual-ABI, as Beta1 brekas ABI with alpha16

Related: rhbz#1903209

Signed-off-by: Sahana Prasad <sahana@redhat.com>
2021-07-14 13:31:08 +02:00
Sahana Prasad
90bf702df6 - Fixes override of openssl_conf in openssl.cnf
- Use AI_ADDRCONFIG only when explicit host name is given
- Temporarily remove fipsmodule.cnf for arch i686
- Fixes segmentation fault in BN_lebin2bn

Resolves: rhbz#1975847, rhbz#1976845, rhbz#1973477, rhbz#1975855

Signed-off-by: Sahana Prasad <sahana@redhat.com>
2021-07-06 22:35:53 +02:00