Fix the tests using SHA-1 Probabilistic Signature Scheme (PSS) parameters.

This commit was cherry-picked from Fedora rawhide branch commit <e7395a7d22>. Fedora OpenSSL 3.5 on rawhide stopped accepting SHA-1 PSS[1] parameters. This is different from the SHA-1 signatures which Fedora OpenSSL stopped accepting since Fedora 41.[2] This commit fixes the following test failures related to the SHA-1 PSS parameters with Fedora OpenSSL 3.5. Note these failures are the downstream Fedora OpenSSL RPM specific. ``` 184) Error: OpenSSL::TestPKeyRSA#test_sign_verify_options: OpenSSL::PKey::PKeyError: EVP_PKEY_CTX_ctrl_str(ctx, "rsa_mgf1_md", "SHA1"): digest not allowed (digest=SHA1) /builddir/build/BUILD/ruby-3.4.2-build/ruby-3.4.2/test/openssl/test_pkey_rsa.rb:113:in 'Hash#each' /builddir/build/BUILD/ruby-3.4.2-build/ruby-3.4.2/test/openssl/test_pkey_rsa.rb:113:in 'OpenSSL::PKey::PKey#sign' /builddir/build/BUILD/ruby-3.4.2-build/ruby-3.4.2/test/openssl/test_pkey_rsa.rb:113:in 'OpenSSL::TestPKeyRSA#test_sign_verify_options' 185) Error: OpenSSL::TestPKeyRSA#test_sign_verify_pss: OpenSSL::PKey::RSAError: digest not allowed (digest=SHA1) /builddir/build/BUILD/ruby-3.4.2-build/ruby-3.4.2/test/openssl/test_pkey_rsa.rb:191:in 'OpenSSL::PKey::RSA#sign_pss' /builddir/build/BUILD/ruby-3.4.2-build/ruby-3.4.2/test/openssl/test_pkey_rsa.rb:191:in 'OpenSSL::TestPKeyRSA#test_sign_verify_pss' Finished tests in 1152.595208s, 27.9812 tests/s, 5697.0278 assertions/s. 32251 tests, 6566367 assertions, 0 failures, 2 errors, 183 skips ``` According to a maintainer of the rpms/openssl, Dmitry Belyavskiy <dbelyavs@redhat.com>, the following patch is disabling SHA-1 PSS parameters. 5f41d6a8f5/f/0018-RH-Allow-disabling-of-SHA1-signatures.patch Related: RHEL-87342
2025-04-08 16:55:56 +02:00 · 2025-04-08 16:55:56 +02:00 · fd43690d47
commit fd43690d47
parent 7e3369a9b4
2 changed files with 130 additions and 0 deletions
--- a/ruby-3.4.2-openssl-Fix-SHA-1-PSS-tests.patch
+++ b/ruby-3.4.2-openssl-Fix-SHA-1-PSS-tests.patch
@ -0,0 +1,126 @@
 From 113727fa85749a9625838e378dcd4a749d40b0c5 Mon Sep 17 00:00:00 2001
 From: Jun Aruga <jaruga@redhat.com>
 Date: Tue, 8 Apr 2025 15:03:06 +0200
 Subject: [PATCH] Fix the tests using SHA-1 Probabilistic Signature Scheme
 (PSS) parameters.
 Fedora OpenSSL 3.5 on rawhide stopped accepting SHA-1 PSS[1] parameters.
 This is different from the SHA-1 signatures which Fedora OpenSSL stopped
 accepting since Fedora 41.[2]
 This commit fixes the following test failures related to the SHA-1 PSS
 parameters with Fedora OpenSSL 3.5.
 Note these failures are the downstream Fedora OpenSSL RPM specific. The tests
 pass without this commit with the upstream OpenSSL 3.5.
 ```
 $ rpm -q openssl-libs openssl-devel
 openssl-libs-3.5.0-2.fc43.x86_64
 openssl-devel-3.5.0-2.fc43.x86_64
 $ bundle exec rake test
 ...
 E
 ===============================================================================================
 Error: test_sign_verify_options(OpenSSL::TestPKeyRSA): OpenSSL::PKey::PKeyError: EVP_PKEY_CTX_ctrl_str(ctx, "rsa_mgf1_md", "SHA1"): digest not allowed (digest=SHA1)
 /mnt/git/ruby/openssl/test/openssl/test_pkey_rsa.rb:113:in 'Hash#each'
 /mnt/git/ruby/openssl/test/openssl/test_pkey_rsa.rb:113:in 'OpenSSL::PKey::PKey#sign'
 /mnt/git/ruby/openssl/test/openssl/test_pkey_rsa.rb:113:in 'OpenSSL::TestPKeyRSA#test_sign_verify_options'
     110:       "rsa_pss_saltlen" => 20,
     111:       "rsa_mgf1_md" => "SHA1"
     112:     }
  => 113:     sig_pss = key.sign("SHA256", data, pssopts)
     114:     assert_equal 256, sig_pss.bytesize
     115:     assert_equal true, key.verify("SHA256", sig_pss, data, pssopts)
     116:     assert_equal true, key.verify_pss("SHA256", sig_pss, data,
 ===============================================================================================
 E
 ===============================================================================================
 Error: test_sign_verify_pss(OpenSSL::TestPKeyRSA): OpenSSL::PKey::RSAError: digest not allowed (digest=SHA1)
 /mnt/git/ruby/openssl/test/openssl/test_pkey_rsa.rb:191:in 'OpenSSL::PKey::RSA#sign_pss'
 /mnt/git/ruby/openssl/test/openssl/test_pkey_rsa.rb:191:in 'OpenSSL::TestPKeyRSA#test_sign_verify_pss'
     188:     data = "Sign me!"
     189:     invalid_data = "Sign me?"
     190:
  => 191:     signature = key.sign_pss("SHA256", data, salt_length: 20, mgf1_hash: "SHA1")
     192:     assert_equal 256, signature.bytesize
     193:     assert_equal true,
     194:       key.verify_pss("SHA256", signature, data, salt_length: 20, mgf1_hash: "SHA1")
 ===============================================================================================
 ...
 577 tests, 4186 assertions, 0 failures, 2 errors, 0 pendings, 3 omissions, 0 notifications
 ```
 [1] https://en.wikipedia.org/wiki/Probabilistic_signature_scheme
 [2] https://fedoraproject.org/wiki/Changes/OpenSSLDistrustSHA1SigVer
 ---
 test/openssl/test_pkey_rsa.rb | 28 ++++++++++++++--------------
 1 file changed, 14 insertions(+), 14 deletions(-)
 diff --git a/test/openssl/test_pkey_rsa.rb b/test/openssl/test_pkey_rsa.rb
 index 61c55c60b2..9661cef419 100644
 --- a/test/openssl/test_pkey_rsa.rb
 +++ b/test/openssl/test_pkey_rsa.rb
@@ -99,13 +99,13 @@ def test_sign_verify_options
     pssopts = {
       "rsa_padding_mode" => "pss",
       "rsa_pss_saltlen" => 20,
 -      "rsa_mgf1_md" => "SHA1"
 +      "rsa_mgf1_md" => "SHA256"
     }
     sig_pss = key.sign("SHA256", data, pssopts)
     assert_equal 128, sig_pss.bytesize
     assert_equal true, key.verify("SHA256", sig_pss, data, pssopts)
     assert_equal true, key.verify_pss("SHA256", sig_pss, data,
 -                                      salt_length: 20, mgf1_hash: "SHA1")
 +                                      salt_length: 20, mgf1_hash: "SHA256")
     # Defaults to PKCS #1 v1.5 padding => verification failure
     assert_equal false, key.verify("SHA256", sig_pss, data)
@@ -179,31 +179,31 @@ def test_sign_verify_pss
     data = "Sign me!"
     invalid_data = "Sign me?"
 -    signature = key.sign_pss("SHA256", data, salt_length: 20, mgf1_hash: "SHA1")
 +    signature = key.sign_pss("SHA256", data, salt_length: 20, mgf1_hash: "SHA256")
     assert_equal 128, signature.bytesize
     assert_equal true,
 -      key.verify_pss("SHA256", signature, data, salt_length: 20, mgf1_hash: "SHA1")
 +      key.verify_pss("SHA256", signature, data, salt_length: 20, mgf1_hash: "SHA256")
     assert_equal true,
 -      key.verify_pss("SHA256", signature, data, salt_length: :auto, mgf1_hash: "SHA1")
 +      key.verify_pss("SHA256", signature, data, salt_length: :auto, mgf1_hash: "SHA256")
     assert_equal false,
 -      key.verify_pss("SHA256", signature, invalid_data, salt_length: 20, mgf1_hash: "SHA1")
 +      key.verify_pss("SHA256", signature, invalid_data, salt_length: 20, mgf1_hash: "SHA256")
 -    signature = key.sign_pss("SHA256", data, salt_length: :digest, mgf1_hash: "SHA1")
 +    signature = key.sign_pss("SHA256", data, salt_length: :digest, mgf1_hash: "SHA256")
     assert_equal true,
 -      key.verify_pss("SHA256", signature, data, salt_length: 32, mgf1_hash: "SHA1")
 +      key.verify_pss("SHA256", signature, data, salt_length: 32, mgf1_hash: "SHA256")
     assert_equal true,
 -      key.verify_pss("SHA256", signature, data, salt_length: :auto, mgf1_hash: "SHA1")
 +      key.verify_pss("SHA256", signature, data, salt_length: :auto, mgf1_hash: "SHA256")
     assert_equal false,
 -      key.verify_pss("SHA256", signature, data, salt_length: 20, mgf1_hash: "SHA1")
 +      key.verify_pss("SHA256", signature, data, salt_length: 20, mgf1_hash: "SHA256")
 -    signature = key.sign_pss("SHA256", data, salt_length: :max, mgf1_hash: "SHA1")
 +    signature = key.sign_pss("SHA256", data, salt_length: :max, mgf1_hash: "SHA256")
     assert_equal true,
 -      key.verify_pss("SHA256", signature, data, salt_length: 94, mgf1_hash: "SHA1")
 +      key.verify_pss("SHA256", signature, data, salt_length: 94, mgf1_hash: "SHA256")
     assert_equal true,
 -      key.verify_pss("SHA256", signature, data, salt_length: :auto, mgf1_hash: "SHA1")
 +      key.verify_pss("SHA256", signature, data, salt_length: :auto, mgf1_hash: "SHA256")
     assert_raise(OpenSSL::PKey::RSAError) {
 -      key.sign_pss("SHA256", data, salt_length: 95, mgf1_hash: "SHA1")
 +      key.sign_pss("SHA256", data, salt_length: 95, mgf1_hash: "SHA256")
     }
   end
 -- 
 2.48.1
--- a/ruby.spec
+++ b/ruby.spec
@ -293,6 +293,9 @@ Patch14: ruby-3.4.0-openssl-make-a-legacy-provider-test-optional.patch
 # https://github.com/ruby/openssl/pull/794
 # https://github.com/ruby/ruby/commit/ad742de79bcce53290005429868f63c51cbeb0f2
 Patch15: ruby-3.4.0-openssl-fix-test-provider-in-fips.patch
 # Fix the tests using SHA-1 Probabilistic Signature Scheme (PSS) parameters.
 # https://github.com/ruby/openssl/pull/879
 Patch16: ruby-3.4.2-openssl-Fix-SHA-1-PSS-tests.patch
 Requires: %{name}-libs%{?_isa} = %{version}-%{release}
 %{?with_rubypick:Suggests: rubypick}
@ -781,6 +784,7 @@ analysis result in RBS format, a standard type description format for Ruby
 %patch 13 -p1
 %patch 14 -p1
 %patch 15 -p1
 %patch 16 -p1
 # Provide an example of usage of the tapset:
 cp -a %{SOURCE3} .