sscg/SOURCES/0003-Adjust-hash-defaults-based-on-system-security-level.patch

From 298015e8a7cf35cc0de581203b44826d2ae1d406 Mon Sep 17 00:00:00 2001
From: Stephen Gallagher <sgallagh@redhat.com>
Date: Wed, 28 Nov 2018 08:00:08 -0500
Subject: [PATCH 3/4] Adjust hash defaults based on system security level
Unlike the key-strength, this does not set a minimum level because
it's not a simple calculation. We will have to rely on libcrypto
rejecting any explicitly-set algorithms as a violation of policy.
Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
---
include/sscg.h | 1 +
src/sscg.c | 40 +++++++++++++++++++++-------------------
2 files changed, 22 insertions(+), 19 deletions(-)
diff --git a/include/sscg.h b/include/sscg.h
index 3e97cfe49a5cd8fc734ecf43a94156e376227eb7..fc90b81a0060af28529f3be6922b1b1501559300 100644
--- a/include/sscg.h
+++ b/include/sscg.h
@@ -138,10 +138,11 @@ struct sscg_options
char **subject_alt_names;
/* Encryption requirements */
int key_strength;
int minimum_key_strength;
+ char *hash_alg;
const EVP_MD *hash_fn;
/* Output Files */
char *ca_file;
char *ca_key_file;
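Review bot: The new `hash_alg` field carries no comment saying what string it holds or where its value comes from, while the adjacent `hash_fn` is the resolved digest; a reader of the header cannot tell which is authoritative. A one-line comment would settle it, e.g. `/* Digest name for signing (popt-facing); default chosen per security level in set_default_options(), resolved into hash_fn in main() */`. struct sscg_options begins before this hunk.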
diff --git a/src/sscg.c b/src/sscg.c
index 85a42404aa94524b560755d506b893300a4414cd..58855f764480d24d6c0f57460b22a3a83281e37e 100644
--- a/src/sscg.c
+++ b/src/sscg.c
@@ -64,28 +64,38 @@ set_default_options (struct sscg_options *opts)
{
case 0:
case 1:
case 2:
/* Security level 2 and below permits lower key-strengths, but SSCG
- * will set a minimum of 2048 bits
+ * will set a minimum of 2048 bits and the sha256 hash algorithm.
*/
+ opts->hash_alg = talloc_strdup (opts, "sha256");
opts->key_strength = 2048;
break;
- case 3: opts->key_strength = 3072; break;
+ case 3:
+ opts->hash_alg = talloc_strdup (opts, "sha256");
+ opts->key_strength = 3072;
+ break;
- case 4: opts->key_strength = 7680; break;
+ case 4:
+ opts->hash_alg = talloc_strdup (opts, "sha384");
+ opts->key_strength = 7680;
+ break;
default:
/* Unknown security level. Default to the highest we know about */
fprintf (stderr,
"Unknown system security level %d. Defaulting to highest-known "
"level.\n",
security_level);
/* Fall through */
- case 5: opts->key_strength = 15360; break;
+ case 5:
+ opts->hash_alg = talloc_strdup (opts, "sha512");
+ opts->key_strength = 15360;
+ break;
}
opts->minimum_key_strength = opts->key_strength;
return 0;
}
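Review bot: None of the four `talloc_strdup (opts, "...")` calls added in the case arms checks its result, so on allocation failure `opts->hash_alg` stays NULL while the function still returns 0 at the end of the hunk. Presumably that NULL then reaches `EVP_get_digestbyname (options->hash_alg)` in main, where it is reported as an unsupported algorithm rather than an out-of-memory condition. One check after the switch covers every arm: `if (!opts->hash_alg) return ENOMEM;` — the function returns 0 on success and main already uses errno values such as EINVAL, so an errno-style failure code should fit, assuming callers propagate a non-zero return. The `switch (security_level)` header and the function's opening lie outside this hunk.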
@@ -175,11 +185,10 @@ main (int argc, const char **argv)
char *organization = NULL;
char *organizational_unit = NULL;
char *email = NULL;
char *hostname = NULL;
char *packagename;
- char *hash_alg = NULL;
char **alternative_names = NULL;
char *ca_file = NULL;
char *ca_key_file = NULL;
char *cert_file = NULL;
@@ -349,14 +358,14 @@ main (int argc, const char **argv)
_ ("Strength of the certificate private keys in bits."),
minimum_key_strength_help },
{
"hash-alg",
'\0',
- POPT_ARG_STRING,
- &hash_alg,
+ POPT_ARG_STRING | POPT_ARGFLAG_SHOW_DEFAULT,
+ &options->hash_alg,
0,
- _ ("Hashing algorithm to use for signing. (default: sha256)"),
+ _ ("Hashing algorithm to use for signing."),
_ ("{sha256,sha384,sha512}"),
},
{
"ca-file",
'\0',
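Review bot: Pointing the `POPT_ARG_STRING` entry at `&options->hash_alg` gives the same pointer two possible owners: the default is a talloc child of `options` (set in set_default_options), but when `--hash-alg` is passed popt overwrites the field with a string it owns (popt allocates or points into argv, depending on version), which is outside the talloc hierarchy and is not released when `options` is freed. The orphaned talloc default is harmless, but any `talloc_free`/`talloc_steal` on the field would be wrong for the popt-provided value, so the cleanup path needs to know which case applies. `POPT_ARGFLAG_SHOW_DEFAULT` also only shows a meaningful default if set_default_options has run before this table is built, which this hunk does not show; worth confirming. The option table and main continue outside the hunk.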
@@ -590,21 +599,14 @@ main (int argc, const char **argv)
options->minimum_key_strength);
ret = EINVAL;
goto done;
}
- if (!hash_alg)
- {
- /* Default to SHA256 */
- options->hash_fn = EVP_sha256 ();
- }
- else
- {
- /* TODO: restrict this to approved hashes.
- * For now, we'll only list SHA[256|384|512] in the help */
- options->hash_fn = EVP_get_digestbyname (hash_alg);
- }
+ /* TODO: restrict this to approved hashes.
+ * For now, we'll only list SHA[256|384|512] in the help */
+ options->hash_fn = EVP_get_digestbyname (options->hash_alg);
+
if (!options->hash_fn)
{
fprintf (stderr, "Unsupported hashing algorithm.");
ret = EINVAL;
goto done;
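Review bot: The consolidated lookup `options->hash_fn = EVP_get_digestbyname (options->hash_alg);` accepts any digest libcrypto knows by name, not only the three the help text advertises, and the carried-over TODO shows the restriction is still missing; the commit message defers rejection to libcrypto policy, but EVP_get_digestbyname itself does not consult the security level, so an out-of-policy name passes this check and fails, if at all, later at signing time with a less specific error. Because the default is now always populated, a NULL `hash_alg` here can only mean set_default_options failed, which the following `"Unsupported hashing algorithm."` message (no trailing newline, no offending name) misreports. An allow-list matching the documented `{sha256,sha384,sha512}` set would close the TODO and make the diagnostic precise; the surrounding `ret = EINVAL; goto done;` stays as it is. main continues outside this hunk.
```c
  /* Only the digests advertised in the help text are accepted;
   * anything else is rejected here rather than later at signing time. */
  static const char *const allowed_hashes[] = { "sha256", "sha384", "sha512" };
  options->hash_fn = NULL;
  for (size_t i = 0; i < sizeof allowed_hashes / sizeof allowed_hashes[0]; i++)
    {
      if (options->hash_alg && strcmp (options->hash_alg, allowed_hashes[i]) == 0)
        {
          options->hash_fn = EVP_get_digestbyname (options->hash_alg);
          break;
        }
    }
  if (!options->hash_fn)
    {
      fprintf (stderr, "Unsupported hashing algorithm: %s\n",
               options->hash_alg ? options->hash_alg : "(none)");
      /* … unchanged: ret = EINVAL; goto done; … */
    }
```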
--
2.19.1