27847ae318
- fix CVE-2009-3555 - note that the fix is bypassed if SSL_OP_ALL is used so the compatibility with unfixed clients is not broken. The protocol extension is also not final.
266 lines
7.4 KiB
Diff
266 lines
7.4 KiB
Diff
diff -up openssl-1.0.0-beta3/crypto/engine/eng_all.c.fipsmode openssl-1.0.0-beta3/crypto/engine/eng_all.c
|
|
--- openssl-1.0.0-beta3/crypto/engine/eng_all.c.fipsmode 2009-07-01 16:55:58.000000000 +0200
|
|
+++ openssl-1.0.0-beta3/crypto/engine/eng_all.c 2009-08-11 17:37:16.000000000 +0200
|
|
@@ -58,9 +58,23 @@
|
|
|
|
#include "cryptlib.h"
|
|
#include "eng_int.h"
|
|
+#ifdef OPENSSL_FIPS
|
|
+#include <openssl/fips.h>
|
|
+#endif
|
|
|
|
void ENGINE_load_builtin_engines(void)
|
|
{
|
|
+#ifdef OPENSSL_FIPS
|
|
+ OPENSSL_init_library();
|
|
+ if (FIPS_mode()) {
|
|
+ /* We allow loading dynamic engine as a third party
|
|
+ engine might be FIPS validated.
|
|
+ User is disallowed to load non-validated engines
|
|
+ by security policy. */
|
|
+ ENGINE_load_dynamic();
|
|
+ return;
|
|
+ }
|
|
+#endif
|
|
#if 0
|
|
/* There's no longer any need for an "openssl" ENGINE unless, one day,
|
|
* it is the *only* way for standard builtin implementations to be be
|
|
diff -up openssl-1.0.0-beta3/crypto/evp/c_allc.c.fipsmode openssl-1.0.0-beta3/crypto/evp/c_allc.c
|
|
--- openssl-1.0.0-beta3/crypto/evp/c_allc.c.fipsmode 2007-04-24 01:48:28.000000000 +0200
|
|
+++ openssl-1.0.0-beta3/crypto/evp/c_allc.c 2009-08-11 17:42:34.000000000 +0200
|
|
@@ -65,6 +65,11 @@
|
|
void OpenSSL_add_all_ciphers(void)
|
|
{
|
|
|
|
+#ifdef OPENSSL_FIPS
|
|
+ OPENSSL_init_library();
|
|
+ if(!FIPS_mode())
|
|
+ {
|
|
+#endif
|
|
#ifndef OPENSSL_NO_DES
|
|
EVP_add_cipher(EVP_des_cfb());
|
|
EVP_add_cipher(EVP_des_cfb1());
|
|
@@ -219,4 +224,61 @@ void OpenSSL_add_all_ciphers(void)
|
|
EVP_add_cipher_alias(SN_camellia_256_cbc,"CAMELLIA256");
|
|
EVP_add_cipher_alias(SN_camellia_256_cbc,"camellia256");
|
|
#endif
|
|
+#ifdef OPENSSL_FIPS
|
|
+ }
|
|
+ else
|
|
+ {
|
|
+#ifndef OPENSSL_NO_DES
|
|
+ EVP_add_cipher(EVP_des_ede_cfb());
|
|
+ EVP_add_cipher(EVP_des_ede3_cfb());
|
|
+
|
|
+ EVP_add_cipher(EVP_des_ede_ofb());
|
|
+ EVP_add_cipher(EVP_des_ede3_ofb());
|
|
+
|
|
+ EVP_add_cipher(EVP_des_ede_cbc());
|
|
+ EVP_add_cipher(EVP_des_ede3_cbc());
|
|
+ EVP_add_cipher_alias(SN_des_ede3_cbc,"DES3");
|
|
+ EVP_add_cipher_alias(SN_des_ede3_cbc,"des3");
|
|
+
|
|
+ EVP_add_cipher(EVP_des_ede());
|
|
+ EVP_add_cipher(EVP_des_ede3());
|
|
+#endif
|
|
+
|
|
+#ifndef OPENSSL_NO_AES
|
|
+ EVP_add_cipher(EVP_aes_128_ecb());
|
|
+ EVP_add_cipher(EVP_aes_128_cbc());
|
|
+ EVP_add_cipher(EVP_aes_128_cfb());
|
|
+ EVP_add_cipher(EVP_aes_128_cfb1());
|
|
+ EVP_add_cipher(EVP_aes_128_cfb8());
|
|
+ EVP_add_cipher(EVP_aes_128_ofb());
|
|
+#if 0
|
|
+ EVP_add_cipher(EVP_aes_128_ctr());
|
|
+#endif
|
|
+ EVP_add_cipher_alias(SN_aes_128_cbc,"AES128");
|
|
+ EVP_add_cipher_alias(SN_aes_128_cbc,"aes128");
|
|
+ EVP_add_cipher(EVP_aes_192_ecb());
|
|
+ EVP_add_cipher(EVP_aes_192_cbc());
|
|
+ EVP_add_cipher(EVP_aes_192_cfb());
|
|
+ EVP_add_cipher(EVP_aes_192_cfb1());
|
|
+ EVP_add_cipher(EVP_aes_192_cfb8());
|
|
+ EVP_add_cipher(EVP_aes_192_ofb());
|
|
+#if 0
|
|
+ EVP_add_cipher(EVP_aes_192_ctr());
|
|
+#endif
|
|
+ EVP_add_cipher_alias(SN_aes_192_cbc,"AES192");
|
|
+ EVP_add_cipher_alias(SN_aes_192_cbc,"aes192");
|
|
+ EVP_add_cipher(EVP_aes_256_ecb());
|
|
+ EVP_add_cipher(EVP_aes_256_cbc());
|
|
+ EVP_add_cipher(EVP_aes_256_cfb());
|
|
+ EVP_add_cipher(EVP_aes_256_cfb1());
|
|
+ EVP_add_cipher(EVP_aes_256_cfb8());
|
|
+ EVP_add_cipher(EVP_aes_256_ofb());
|
|
+#if 0
|
|
+ EVP_add_cipher(EVP_aes_256_ctr());
|
|
+#endif
|
|
+ EVP_add_cipher_alias(SN_aes_256_cbc,"AES256");
|
|
+ EVP_add_cipher_alias(SN_aes_256_cbc,"aes256");
|
|
+#endif
|
|
+ }
|
|
+#endif
|
|
}
|
|
diff -up openssl-1.0.0-beta3/crypto/evp/c_alld.c.fipsmode openssl-1.0.0-beta3/crypto/evp/c_alld.c
|
|
--- openssl-1.0.0-beta3/crypto/evp/c_alld.c.fipsmode 2009-07-08 10:50:53.000000000 +0200
|
|
+++ openssl-1.0.0-beta3/crypto/evp/c_alld.c 2009-08-11 17:54:08.000000000 +0200
|
|
@@ -64,6 +64,11 @@
|
|
|
|
void OpenSSL_add_all_digests(void)
|
|
{
|
|
+#ifdef OPENSSL_FIPS
|
|
+ OPENSSL_init_library();
|
|
+ if (!FIPS_mode())
|
|
+ {
|
|
+#endif
|
|
#ifndef OPENSSL_NO_MD4
|
|
EVP_add_digest(EVP_md4());
|
|
#endif
|
|
@@ -110,5 +115,33 @@ void OpenSSL_add_all_digests(void)
|
|
#endif
|
|
#ifndef OPENSSL_NO_WHIRLPOOL
|
|
EVP_add_digest(EVP_whirlpool());
|
|
+#endif
|
|
+#ifdef OPENSSL_FIPS
|
|
+ }
|
|
+ else
|
|
+ {
|
|
+#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA1)
|
|
+ EVP_add_digest(EVP_sha1());
|
|
+ EVP_add_digest_alias(SN_sha1,"ssl3-sha1");
|
|
+ EVP_add_digest_alias(SN_sha1WithRSAEncryption,SN_sha1WithRSA);
|
|
+#ifndef OPENSSL_NO_DSA
|
|
+ EVP_add_digest(EVP_dss1());
|
|
+ EVP_add_digest_alias(SN_dsaWithSHA1,SN_dsaWithSHA1_2);
|
|
+ EVP_add_digest_alias(SN_dsaWithSHA1,"DSS1");
|
|
+ EVP_add_digest_alias(SN_dsaWithSHA1,"dss1");
|
|
+#endif
|
|
+#ifndef OPENSSL_NO_ECDSA
|
|
+ EVP_add_digest(EVP_ecdsa());
|
|
+#endif
|
|
+#endif
|
|
+#ifndef OPENSSL_NO_SHA256
|
|
+ EVP_add_digest(EVP_sha224());
|
|
+ EVP_add_digest(EVP_sha256());
|
|
+#endif
|
|
+#ifndef OPENSSL_NO_SHA512
|
|
+ EVP_add_digest(EVP_sha384());
|
|
+ EVP_add_digest(EVP_sha512());
|
|
+#endif
|
|
+ }
|
|
#endif
|
|
}
|
|
diff -up openssl-1.0.0-beta3/crypto/o_init.c.fipsmode openssl-1.0.0-beta3/crypto/o_init.c
|
|
--- openssl-1.0.0-beta3/crypto/o_init.c.fipsmode 2009-08-11 17:28:25.000000000 +0200
|
|
+++ openssl-1.0.0-beta3/crypto/o_init.c 2009-08-11 17:39:06.000000000 +0200
|
|
@@ -59,6 +59,43 @@
|
|
#include <e_os.h>
|
|
#include <openssl/err.h>
|
|
|
|
+#ifdef OPENSSL_FIPS
|
|
+#include <sys/types.h>
|
|
+#include <sys/stat.h>
|
|
+#include <fcntl.h>
|
|
+#include <unistd.h>
|
|
+#include <errno.h>
|
|
+#include <stdlib.h>
|
|
+#include <openssl/fips.h>
|
|
+
|
|
+#define FIPS_MODE_SWITCH_FILE "/proc/sys/crypto/fips_enabled"
|
|
+
|
|
+static void init_fips_mode(void)
|
|
+ {
|
|
+ char buf[2] = "0";
|
|
+ int fd;
|
|
+
|
|
+ if (getenv("OPENSSL_FORCE_FIPS_MODE") != NULL)
|
|
+ {
|
|
+ buf[0] = '1';
|
|
+ }
|
|
+ else if ((fd = open(FIPS_MODE_SWITCH_FILE, O_RDONLY)) >= 0)
|
|
+ {
|
|
+ while (read(fd, buf, sizeof(buf)) < 0 && errno == EINTR);
|
|
+ close(fd);
|
|
+ }
|
|
+ /* Failure reading the fips mode switch file means just not
|
|
+ * switching into FIPS mode. We would break too many things
|
|
+ * otherwise.
|
|
+ */
|
|
+
|
|
+ if (buf[0] == '1')
|
|
+ {
|
|
+ FIPS_mode_set(1);
|
|
+ }
|
|
+ }
|
|
+#endif
|
|
+
|
|
/* Perform any essential OpenSSL initialization operations.
|
|
* Currently only sets FIPS callbacks
|
|
*/
|
|
@@ -72,6 +109,7 @@ void OPENSSL_init_library(void)
|
|
#ifdef CRYPTO_MDEBUG
|
|
CRYPTO_malloc_debug_init();
|
|
#endif
|
|
+ init_fips_mode();
|
|
done = 1;
|
|
}
|
|
#endif
|
|
diff -up openssl-1.0.0-beta3/ssl/ssl_algs.c.fipsmode openssl-1.0.0-beta3/ssl/ssl_algs.c
|
|
--- openssl-1.0.0-beta3/ssl/ssl_algs.c.fipsmode 2009-07-08 10:50:53.000000000 +0200
|
|
+++ openssl-1.0.0-beta3/ssl/ssl_algs.c 2009-08-11 18:01:13.000000000 +0200
|
|
@@ -64,6 +64,12 @@
|
|
int SSL_library_init(void)
|
|
{
|
|
|
|
+#ifdef OPENSSL_FIPS
|
|
+ OPENSSL_init_library();
|
|
+ if (!FIPS_mode())
|
|
+ {
|
|
+#endif
|
|
+
|
|
#ifndef OPENSSL_NO_DES
|
|
EVP_add_cipher(EVP_des_cbc());
|
|
EVP_add_cipher(EVP_des_ede3_cbc());
|
|
@@ -115,6 +121,40 @@ int SSL_library_init(void)
|
|
EVP_add_digest(EVP_sha());
|
|
EVP_add_digest(EVP_dss());
|
|
#endif
|
|
+#ifdef OPENSSL_FIPS
|
|
+ }
|
|
+ else
|
|
+ {
|
|
+#ifndef OPENSSL_NO_DES
|
|
+ EVP_add_cipher(EVP_des_ede3_cbc());
|
|
+#endif
|
|
+#ifndef OPENSSL_NO_AES
|
|
+ EVP_add_cipher(EVP_aes_128_cbc());
|
|
+ EVP_add_cipher(EVP_aes_192_cbc());
|
|
+ EVP_add_cipher(EVP_aes_256_cbc());
|
|
+#endif
|
|
+#ifndef OPENSSL_NO_MD5
|
|
+ /* needed even in the FIPS mode for TLS MAC */
|
|
+ EVP_add_digest(EVP_md5());
|
|
+ EVP_add_digest_alias(SN_md5,"ssl2-md5");
|
|
+ EVP_add_digest_alias(SN_md5,"ssl3-md5");
|
|
+#endif
|
|
+#ifndef OPENSSL_NO_SHA
|
|
+ EVP_add_digest(EVP_sha1()); /* RSA with sha1 */
|
|
+ EVP_add_digest_alias(SN_sha1,"ssl3-sha1");
|
|
+ EVP_add_digest_alias(SN_sha1WithRSAEncryption,SN_sha1WithRSA);
|
|
+#endif
|
|
+#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_DSA)
|
|
+ EVP_add_digest(EVP_dss1()); /* DSA with sha1 */
|
|
+ EVP_add_digest_alias(SN_dsaWithSHA1,SN_dsaWithSHA1_2);
|
|
+ EVP_add_digest_alias(SN_dsaWithSHA1,"DSS1");
|
|
+ EVP_add_digest_alias(SN_dsaWithSHA1,"dss1");
|
|
+#endif
|
|
+#ifndef OPENSSL_NO_ECDSA
|
|
+ EVP_add_digest(EVP_ecdsa());
|
|
+#endif
|
|
+ }
|
|
+#endif
|
|
#ifndef OPENSSL_NO_COMP
|
|
/* This will initialise the built-in compression algorithms.
|
|
The value returned is a STACK_OF(SSL_COMP), but that can
|