From e364a858262c8f563954544cc81e66f1b3b8db8c Mon Sep 17 00:00:00 2001 From: rpm-build Date: Thu, 19 Oct 2023 13:12:40 +0200 Subject: [PATCH 16/46] 0033-FIPS-embed-hmac.patch Patch-name: 0033-FIPS-embed-hmac.patch Patch-id: 33 Patch-status: | # # Embed HMAC into the fips.so From-dist-git-commit: 5c67b5adc311af297f425c09e3e1ac7ca8483911 --- providers/fips/self_test.c | 70 ++++++++++++++++++++++++--- test/fipsmodule.cnf | 2 + test/recipes/00-prep_fipsmodule_cnf.t | 2 +- test/recipes/01-test_fipsmodule_cnf.t | 2 +- test/recipes/03-test_fipsinstall.t | 2 +- test/recipes/30-test_defltfips.t | 2 +- test/recipes/80-test_ssl_new.t | 2 +- test/recipes/90-test_sslapi.t | 2 +- 8 files changed, 71 insertions(+), 13 deletions(-) create mode 100644 test/fipsmodule.cnf diff --git a/providers/fips/self_test.c b/providers/fips/self_test.c index b8dc9817b2..e3a629018a 100644 --- a/providers/fips/self_test.c +++ b/providers/fips/self_test.c @@ -230,11 +230,27 @@ err: return ok; } +#define HMAC_LEN 32 +/* + * The __attribute__ ensures we've created the .rodata1 section + * static ensures it's zero filled +*/ +static const unsigned char __attribute__ ((section (".rodata1"))) fips_hmac_container[HMAC_LEN] = {0}; + /* * Calculate the HMAC SHA256 of data read using a BIO and read_cb, and verify * the result matches the expected value. * Return 1 if verified, or 0 if it fails. */ +#ifndef __USE_GNU +#define __USE_GNU +#include +#undef __USE_GNU +#else +#include +#endif +#include + static int verify_integrity(OSSL_CORE_BIO *bio, OSSL_FUNC_BIO_read_ex_fn read_ex_cb, unsigned char *expected, size_t expected_len, OSSL_LIB_CTX *libctx, OSSL_SELF_TEST *ev, @@ -247,12 +263,23 @@ static int verify_integrity(OSSL_CORE_BIO *bio, OSSL_FUNC_BIO_read_ex_fn read_ex EVP_MAC *mac = NULL; EVP_MAC_CTX *ctx = NULL; OSSL_PARAM params[2], *p = params; + Dl_info info; + void *extra_info = NULL; + struct link_map *lm = NULL; + unsigned long paddr; + unsigned long off = 0; if (!integrity_self_test(ev, libctx)) goto err; OSSL_SELF_TEST_onbegin(ev, event_type, OSSL_SELF_TEST_DESC_INTEGRITY_HMAC); + if (!dladdr1 ((const void *)fips_hmac_container, + &info, &extra_info, RTLD_DL_LINKMAP)) + goto err; + lm = extra_info; + paddr = (unsigned long)fips_hmac_container - lm->l_addr; + mac = EVP_MAC_fetch(libctx, MAC_NAME, NULL); if (mac == NULL) goto err; @@ -266,13 +293,42 @@ static int verify_integrity(OSSL_CORE_BIO *bio, OSSL_FUNC_BIO_read_ex_fn read_ex if (!EVP_MAC_init(ctx, fixed_key, sizeof(fixed_key), params)) goto err; - while (1) { - status = read_ex_cb(bio, buf, sizeof(buf), &bytes_read); + while ((off + INTEGRITY_BUF_SIZE) <= paddr) { + status = read_ex_cb(bio, buf, INTEGRITY_BUF_SIZE, &bytes_read); + if (status != 1) + break; + if (!EVP_MAC_update(ctx, buf, bytes_read)) + goto err; + off += bytes_read; + } + + if (off + INTEGRITY_BUF_SIZE > paddr) { + int delta = paddr - off; + status = read_ex_cb(bio, buf, delta, &bytes_read); + if (status != 1) + goto err; + if (!EVP_MAC_update(ctx, buf, bytes_read)) + goto err; + off += bytes_read; + + status = read_ex_cb(bio, buf, HMAC_LEN, &bytes_read); + memset(buf, 0, HMAC_LEN); + if (status != 1) + goto err; + if (!EVP_MAC_update(ctx, buf, bytes_read)) + goto err; + off += bytes_read; + } + + while (bytes_read > 0) { + status = read_ex_cb(bio, buf, INTEGRITY_BUF_SIZE, &bytes_read); if (status != 1) break; if (!EVP_MAC_update(ctx, buf, bytes_read)) goto err; + off += bytes_read; } + if (!EVP_MAC_final(ctx, out, &out_len, sizeof(out))) goto err; @@ -282,6 +338,7 @@ static int verify_integrity(OSSL_CORE_BIO *bio, OSSL_FUNC_BIO_read_ex_fn read_ex goto err; ret = 1; err: + OPENSSL_cleanse(out, sizeof(out)); OSSL_SELF_TEST_onend(ev, ret); EVP_MAC_CTX_free(ctx); EVP_MAC_free(mac); @@ -335,8 +392,7 @@ int SELF_TEST_post(SELF_TEST_POST_PARAMS *st, int on_demand_test) return 0; } - if (st == NULL - || st->module_checksum_data == NULL) { + if (st == NULL) { ERR_raise(ERR_LIB_PROV, PROV_R_MISSING_CONFIG_DATA); goto end; } @@ -345,8 +401,9 @@ int SELF_TEST_post(SELF_TEST_POST_PARAMS *st, int on_demand_test) if (ev == NULL) goto end; - module_checksum = OPENSSL_hexstr2buf(st->module_checksum_data, - &checksum_len); + module_checksum = fips_hmac_container; + checksum_len = sizeof(fips_hmac_container); + if (module_checksum == NULL) { ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_CONFIG_DATA); goto end; @@ -420,7 +477,6 @@ int SELF_TEST_post(SELF_TEST_POST_PARAMS *st, int on_demand_test) end: EVP_RAND_free(testrand); OSSL_SELF_TEST_free(ev); - OPENSSL_free(module_checksum); OPENSSL_free(indicator_checksum); if (st != NULL) { diff --git a/test/fipsmodule.cnf b/test/fipsmodule.cnf new file mode 100644 index 0000000000..f05d0dedbe --- /dev/null +++ b/test/fipsmodule.cnf @@ -0,0 +1,2 @@ +[fips_sect] +activate = 1 diff --git a/test/recipes/00-prep_fipsmodule_cnf.t b/test/recipes/00-prep_fipsmodule_cnf.t index 4e3a6d85e8..e8255ba974 100644 --- a/test/recipes/00-prep_fipsmodule_cnf.t +++ b/test/recipes/00-prep_fipsmodule_cnf.t @@ -20,7 +20,7 @@ use lib srctop_dir('Configurations'); use lib bldtop_dir('.'); use platform; -my $no_check = disabled("fips"); +my $no_check = 1; plan skip_all => "FIPS module config file only supported in a fips build" if $no_check; diff --git a/test/recipes/01-test_fipsmodule_cnf.t b/test/recipes/01-test_fipsmodule_cnf.t index ce594817d5..00cebacff8 100644 --- a/test/recipes/01-test_fipsmodule_cnf.t +++ b/test/recipes/01-test_fipsmodule_cnf.t @@ -23,7 +23,7 @@ use lib srctop_dir('Configurations'); use lib bldtop_dir('.'); use platform; -my $no_check = disabled("fips"); +my $no_check = 1; plan skip_all => "Test only supported in a fips build" if $no_check; plan tests => 1; diff --git a/test/recipes/03-test_fipsinstall.t b/test/recipes/03-test_fipsinstall.t index b8b136d110..8242f4ebc3 100644 --- a/test/recipes/03-test_fipsinstall.t +++ b/test/recipes/03-test_fipsinstall.t @@ -22,7 +22,7 @@ use lib srctop_dir('Configurations'); use lib bldtop_dir('.'); use platform; -plan skip_all => "Test only supported in a fips build" if disabled("fips"); +plan skip_all => "Test only supported in a fips build" if 1; # Compatible options for pedantic FIPS compliance my @pedantic_okay = diff --git a/test/recipes/30-test_defltfips.t b/test/recipes/30-test_defltfips.t index c8f145405b..56a2ec5dc4 100644 --- a/test/recipes/30-test_defltfips.t +++ b/test/recipes/30-test_defltfips.t @@ -24,7 +24,7 @@ use lib bldtop_dir('.'); plan skip_all => "Configuration loading is turned off" if disabled("autoload-config"); -my $no_fips = disabled('fips') || ($ENV{NO_FIPS} // 0); +my $no_fips = 1; #disabled('fips') || ($ENV{NO_FIPS} // 0); plan tests => ($no_fips ? 1 : 5); diff --git a/test/recipes/80-test_ssl_new.t b/test/recipes/80-test_ssl_new.t index 0c6d6402d9..e45f9cb560 100644 --- a/test/recipes/80-test_ssl_new.t +++ b/test/recipes/80-test_ssl_new.t @@ -27,7 +27,7 @@ setup("test_ssl_new"); use lib srctop_dir('Configurations'); use lib bldtop_dir('.'); -my $no_fips = disabled('fips') || ($ENV{NO_FIPS} // 0); +my $no_fips = 1; #disabled('fips') || ($ENV{NO_FIPS} // 0); $ENV{TEST_CERTS_DIR} = srctop_dir("test", "certs"); diff --git a/test/recipes/90-test_sslapi.t b/test/recipes/90-test_sslapi.t index 9e9e32b51e..1a1a7159b5 100644 --- a/test/recipes/90-test_sslapi.t +++ b/test/recipes/90-test_sslapi.t @@ -17,7 +17,7 @@ setup("test_sslapi"); use lib srctop_dir('Configurations'); use lib bldtop_dir('.'); -my $no_fips = disabled('fips') || ($ENV{NO_FIPS} // 0); +my $no_fips = 1; #disabled('fips') || ($ENV{NO_FIPS} // 0); my $fipsmodcfg_filename = "fipsmodule.cnf"; my $fipsmodcfg = bldtop_file("test", $fipsmodcfg_filename); -- 2.41.0 diff -up openssl-3.2.0/providers/fips/self_test.c.fix-self-test openssl-3.2.0/providers/fips/self_test.c --- openssl-3.2.0/providers/fips/self_test.c.fix-self-test 2024-02-01 17:36:27.970983419 +0100 +++ openssl-3.2.0/providers/fips/self_test.c 2024-02-01 17:39:19.788685051 +0100 @@ -242,6 +242,7 @@ static const unsigned char __attribute__ * the result matches the expected value. * Return 1 if verified, or 0 if it fails. */ + #ifndef __USE_GNU #define __USE_GNU #include @@ -251,6 +252,111 @@ static const unsigned char __attribute__ #endif #include +static int verify_integrity_rodata(OSSL_CORE_BIO *bio, + OSSL_FUNC_BIO_read_ex_fn read_ex_cb, + unsigned char *expected, size_t expected_len, + OSSL_LIB_CTX *libctx, OSSL_SELF_TEST *ev, + const char *event_type) +{ + int ret = 0, status; + unsigned char out[MAX_MD_SIZE]; + unsigned char buf[INTEGRITY_BUF_SIZE]; + size_t bytes_read = 0, out_len = 0; + EVP_MAC *mac = NULL; + EVP_MAC_CTX *ctx = NULL; + OSSL_PARAM params[2], *p = params; + Dl_info info; + void *extra_info = NULL; + struct link_map *lm = NULL; + unsigned long paddr; + unsigned long off = 0; + + if (expected_len != HMAC_LEN) + goto err; + + if (!integrity_self_test(ev, libctx)) + goto err; + + OSSL_SELF_TEST_onbegin(ev, event_type, OSSL_SELF_TEST_DESC_INTEGRITY_HMAC); + + if (!dladdr1 ((const void *)fips_hmac_container, + &info, &extra_info, RTLD_DL_LINKMAP)) + goto err; + lm = extra_info; + paddr = (unsigned long)fips_hmac_container - lm->l_addr; + + mac = EVP_MAC_fetch(libctx, MAC_NAME, NULL); + if (mac == NULL) + goto err; + ctx = EVP_MAC_CTX_new(mac); + if (ctx == NULL) + goto err; + + *p++ = OSSL_PARAM_construct_utf8_string("digest", DIGEST_NAME, 0); + *p = OSSL_PARAM_construct_end(); + + if (!EVP_MAC_init(ctx, fixed_key, sizeof(fixed_key), params)) + goto err; + + while ((off + INTEGRITY_BUF_SIZE) <= paddr) { + status = read_ex_cb(bio, buf, INTEGRITY_BUF_SIZE, &bytes_read); + if (status != 1) + break; + if (!EVP_MAC_update(ctx, buf, bytes_read)) + goto err; + off += bytes_read; + } + + if (off < paddr) { + int delta = paddr - off; + status = read_ex_cb(bio, buf, delta, &bytes_read); + if (status != 1) + goto err; + if (!EVP_MAC_update(ctx, buf, bytes_read)) + goto err; + off += bytes_read; + } + + /* read away the buffer */ + status = read_ex_cb(bio, buf, HMAC_LEN, &bytes_read); + if (status != 1) + goto err; + + /* check that it is the expect bytes, no point in continuing otherwise */ + if (memcmp(expected, buf, HMAC_LEN) != 0) + goto err; + + /* replace in-file HMAC buffer with the original zeros */ + memset(buf, 0, HMAC_LEN); + if (!EVP_MAC_update(ctx, buf, HMAC_LEN)) + goto err; + off += HMAC_LEN; + + while (bytes_read > 0) { + status = read_ex_cb(bio, buf, INTEGRITY_BUF_SIZE, &bytes_read); + if (status != 1) + break; + if (!EVP_MAC_update(ctx, buf, bytes_read)) + goto err; + off += bytes_read; + } + + if (!EVP_MAC_final(ctx, out, &out_len, sizeof(out))) + goto err; + + OSSL_SELF_TEST_oncorrupt_byte(ev, out); + if (expected_len != out_len + || memcmp(expected, out, out_len) != 0) + goto err; + ret = 1; +err: + OPENSSL_cleanse(out, MAX_MD_SIZE); + OSSL_SELF_TEST_onend(ev, ret); + EVP_MAC_CTX_free(ctx); + EVP_MAC_free(mac); + return ret; +} + static int verify_integrity(OSSL_CORE_BIO *bio, OSSL_FUNC_BIO_read_ex_fn read_ex_cb, unsigned char *expected, size_t expected_len, OSSL_LIB_CTX *libctx, OSSL_SELF_TEST *ev, diff -up openssl-3.2.0/providers/fips/self_test.c.fix-self-test openssl-3.2.0/providers/fips/self_test.c --- openssl-3.2.0/providers/fips/self_test.c.fix-self-test 2024-02-01 17:40:54.926627242 +0100 +++ openssl-3.2.0/providers/fips/self_test.c 2024-02-01 17:45:58.939636676 +0100 @@ -527,14 +527,27 @@ int SELF_TEST_post(SELF_TEST_POST_PARAMS bio_module = (*st->bio_new_file_cb)(st->module_filename, "rb"); /* Always check the integrity of the fips module */ - if (bio_module == NULL - || !verify_integrity(bio_module, st->bio_read_ex_cb, - module_checksum, checksum_len, st->libctx, - ev, OSSL_SELF_TEST_TYPE_MODULE_INTEGRITY)) { + if (bio_module == NULL) { ERR_raise(ERR_LIB_PROV, PROV_R_MODULE_INTEGRITY_FAILURE); goto end; } - + if (st->module_checksum_data == NULL) { + if (!verify_integrity_rodata(bio_module, st->bio_read_ex_cb, + module_checksum, checksum_len, + st->libctx, ev, + OSSL_SELF_TEST_TYPE_MODULE_INTEGRITY)) { + ERR_raise(ERR_LIB_PROV, PROV_R_MODULE_INTEGRITY_FAILURE); + goto end; + } + } else { + if (!verify_integrity(bio_module, st->bio_read_ex_cb, + module_checksum, checksum_len, + st->libctx, ev, + OSSL_SELF_TEST_TYPE_MODULE_INTEGRITY)) { + ERR_raise(ERR_LIB_PROV, PROV_R_MODULE_INTEGRITY_FAILURE); + goto end; + } + } /* This will be NULL during installation - so the self test KATS will run */ if (st->indicator_data != NULL) { /* diff -up openssl-3.2.0/providers/fips/self_test.c.fips-self openssl-3.2.0/providers/fips/self_test.c --- openssl-3.2.0/providers/fips/self_test.c.fips-self 2024-02-06 12:20:56.963719115 +0100 +++ openssl-3.2.0/providers/fips/self_test.c 2024-02-06 12:22:23.705604045 +0100 @@ -517,8 +517,13 @@ int SELF_TEST_post(SELF_TEST_POST_PARAMS if (ev == NULL) goto end; - module_checksum = fips_hmac_container; - checksum_len = sizeof(fips_hmac_container); + if (st->module_checksum_data == NULL) { + module_checksum = fips_hmac_container; + checksum_len = sizeof(fips_hmac_container); + } else { + module_checksum = OPENSSL_hexstr2buf(st->module_checksum_data, + &checksum_len); + } if (module_checksum == NULL) { ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_CONFIG_DATA); diff -up openssl-3.2.1/providers/fips/self_test.c.0033-patch-new openssl-3.2.1/providers/fips/self_test.c --- openssl-3.2.1/providers/fips/self_test.c.0033-patch-new 2024-06-04 14:42:03.748284524 +0200 +++ openssl-3.2.1/providers/fips/self_test.c 2024-06-04 14:47:19.589758324 +0200 @@ -369,23 +369,12 @@ static int verify_integrity(OSSL_CORE_BI EVP_MAC *mac = NULL; EVP_MAC_CTX *ctx = NULL; OSSL_PARAM params[2], *p = params; - Dl_info info; - void *extra_info = NULL; - struct link_map *lm = NULL; - unsigned long paddr; - unsigned long off = 0; if (!integrity_self_test(ev, libctx)) goto err; OSSL_SELF_TEST_onbegin(ev, event_type, OSSL_SELF_TEST_DESC_INTEGRITY_HMAC); - if (!dladdr1 ((const void *)fips_hmac_container, - &info, &extra_info, RTLD_DL_LINKMAP)) - goto err; - lm = extra_info; - paddr = (unsigned long)fips_hmac_container - lm->l_addr; - mac = EVP_MAC_fetch(libctx, MAC_NAME, NULL); if (mac == NULL) goto err; @@ -399,40 +388,12 @@ static int verify_integrity(OSSL_CORE_BI if (!EVP_MAC_init(ctx, fixed_key, sizeof(fixed_key), params)) goto err; - while ((off + INTEGRITY_BUF_SIZE) <= paddr) { - status = read_ex_cb(bio, buf, INTEGRITY_BUF_SIZE, &bytes_read); - if (status != 1) - break; - if (!EVP_MAC_update(ctx, buf, bytes_read)) - goto err; - off += bytes_read; - } - - if (off + INTEGRITY_BUF_SIZE > paddr) { - int delta = paddr - off; - status = read_ex_cb(bio, buf, delta, &bytes_read); - if (status != 1) - goto err; - if (!EVP_MAC_update(ctx, buf, bytes_read)) - goto err; - off += bytes_read; - - status = read_ex_cb(bio, buf, HMAC_LEN, &bytes_read); - memset(buf, 0, HMAC_LEN); - if (status != 1) - goto err; - if (!EVP_MAC_update(ctx, buf, bytes_read)) - goto err; - off += bytes_read; - } - - while (bytes_read > 0) { - status = read_ex_cb(bio, buf, INTEGRITY_BUF_SIZE, &bytes_read); + while (1) { + status = read_ex_cb(bio, buf, sizeof(buf), &bytes_read); if (status != 1) break; if (!EVP_MAC_update(ctx, buf, bytes_read)) goto err; - off += bytes_read; } if (!EVP_MAC_final(ctx, out, &out_len, sizeof(out)))