From cff6307f44c79df8975b3f205e98cd1a0464824b Mon Sep 17 00:00:00 2001 From: Petr Mensik Date: Wed, 27 Apr 2022 19:58:39 +0200 Subject: [PATCH] Disable ED25519 and ED448 in FIPS mode on openssl3 Both crypto functions are not allowed by FIPS 140-3. Use openssl 3.0 function to check FIPS mode presence and use it to make those algorithms unsupported. --- unbound-1.16.0/config.h.in | 4 ++++ unbound-1.16.0/configure.ac | 2 +- unbound-1.16.0/validator/val_secalgo.c | 17 ++++++++++++++++- 3 files changed, 21 insertions(+), 2 deletions(-) diff --git a/unbound-1.16.0/config.h.in b/unbound-1.16.0/config.h.in index a080dde..cc1fbe8 100644 --- a/unbound-1.16.0/config.h.in +++ b/unbound-1.16.0/config.h.in @@ -222,6 +222,10 @@ /* Define to 1 if you have the `EVP_cleanup' function. */ #undef HAVE_EVP_CLEANUP +/* Define to 1 if you have the `EVP_default_properties_is_fips_enabled' + function. */ +#undef HAVE_EVP_DEFAULT_PROPERTIES_IS_FIPS_ENABLED + /* Define to 1 if you have the `EVP_DigestVerify' function. */ #undef HAVE_EVP_DIGESTVERIFY diff --git a/unbound-1.16.0/configure.ac b/unbound-1.16.0/configure.ac index 1453b3a..69cb13b 100644 --- a/unbound-1.16.0/configure.ac +++ b/unbound-1.16.0/configure.ac @@ -906,7 +906,7 @@ else AC_MSG_RESULT([no]) fi AC_CHECK_HEADERS([openssl/conf.h openssl/engine.h openssl/bn.h openssl/dh.h openssl/dsa.h openssl/rsa.h openssl/core_names.h openssl/param_build.h],,, [AC_INCLUDES_DEFAULT]) -AC_CHECK_FUNCS([OPENSSL_config EVP_sha1 EVP_sha256 EVP_sha512 FIPS_mode EVP_MD_CTX_new OpenSSL_add_all_digests OPENSSL_init_crypto EVP_cleanup ENGINE_cleanup ERR_load_crypto_strings CRYPTO_cleanup_all_ex_data ERR_free_strings RAND_cleanup DSA_SIG_set0 EVP_dss1 EVP_DigestVerify EVP_aes_256_cbc EVP_EncryptInit_ex HMAC_Init_ex CRYPTO_THREADID_set_callback EVP_MAC_CTX_set_params OSSL_PARAM_BLD_new BIO_set_callback_ex]) +AC_CHECK_FUNCS([OPENSSL_config EVP_sha1 EVP_sha256 EVP_sha512 FIPS_mode EVP_default_properties_is_fips_enabled EVP_MD_CTX_new OpenSSL_add_all_digests OPENSSL_init_crypto EVP_cleanup ENGINE_cleanup ERR_load_crypto_strings CRYPTO_cleanup_all_ex_data ERR_free_strings RAND_cleanup DSA_SIG_set0 EVP_dss1 EVP_DigestVerify EVP_aes_256_cbc EVP_EncryptInit_ex HMAC_Init_ex CRYPTO_THREADID_set_callback EVP_MAC_CTX_set_params OSSL_PARAM_BLD_new BIO_set_callback_ex]) # these check_funcs need -lssl BAKLIBS="$LIBS" diff --git a/unbound-1.16.0/validator/val_secalgo.c b/unbound-1.16.0/validator/val_secalgo.c index 7abf66f..6276675 100644 --- a/unbound-1.16.0/validator/val_secalgo.c +++ b/unbound-1.16.0/validator/val_secalgo.c @@ -215,6 +215,10 @@ ds_digest_size_supported(int algo) switch(algo) { case LDNS_SHA1: #if defined(HAVE_EVP_SHA1) && defined(USE_SHA1) +#ifdef HAVE_EVP_DEFAULT_PROPERTIES_IS_FIPS_ENABLED + if (EVP_default_properties_is_fips_enabled(NULL)) + return 0; +#endif return SHA_DIGEST_LENGTH; #else if(fake_sha1) return 20; @@ -325,7 +329,11 @@ dnskey_algo_id_is_supported(int id) case LDNS_RSASHA1: case LDNS_RSASHA1_NSEC3: #ifdef USE_SHA1 +#ifdef HAVE_EVP_DEFAULT_PROPERTIES_IS_FIPS_ENABLED + return !EVP_default_properties_is_fips_enabled(NULL); +#else return 1; +#endif #else if(fake_sha1) return 1; return 0; @@ -341,15 +349,22 @@ dnskey_algo_id_is_supported(int id) case LDNS_ECDSAP256SHA256: case LDNS_ECDSAP384SHA384: #endif +#if (defined(HAVE_EVP_SHA256) && defined(USE_SHA2)) || (defined(HAVE_EVP_SHA512) && defined(USE_SHA2)) || defined(USE_ECDSA) + return 1; +#endif #ifdef USE_ED25519 case LDNS_ED25519: #endif #ifdef USE_ED448 case LDNS_ED448: #endif -#if (defined(HAVE_EVP_SHA256) && defined(USE_SHA2)) || (defined(HAVE_EVP_SHA512) && defined(USE_SHA2)) || defined(USE_ECDSA) || defined(USE_ED25519) || defined(USE_ED448) +#if defined(USE_ED25519) || defined(USE_ED448) +#ifdef HAVE_EVP_DEFAULT_PROPERTIES_IS_FIPS_ENABLED + return !EVP_default_properties_is_fips_enabled(NULL); +#else return 1; #endif +#endif #ifdef USE_GOST case LDNS_ECC_GOST: -- 2.36.1