|
 |
b85bfec |
From 72a137b3f51ef8aeb2747bbc102ea5c98b6daa05 Mon Sep 17 00:00:00 2001
|
|
|
b85bfec |
From: rpm-build <rpm-build>
|
|
|
b85bfec |
Date: Wed, 6 Mar 2024 19:17:17 +0100
|
|
|
b85bfec |
Subject: [PATCH 43/49] 0113-asymciphers-kem-Add-explicit-FIPS-indicator.patch
|
|
|
e52367a |
|
|
|
e52367a |
Patch-name: 0113-asymciphers-kem-Add-explicit-FIPS-indicator.patch
|
|
|
e52367a |
Patch-id: 113
|
|
|
b85bfec |
Patch-status: |
|
|
|
b85bfec |
# 0113-asymciphers-kem-Add-explicit-FIPS-indicator.patch
|
|
|
b85bfec |
From-dist-git-commit: 4334bc837fbc64d14890fdc51679a80770d498ce
|
|
|
e52367a |
---
|
|
|
e52367a |
include/openssl/evp.h | 4 +++
|
|
|
e52367a |
.../implementations/asymciphers/rsa_enc.c | 22 ++++++++++++++
|
|
|
e52367a |
providers/implementations/kem/rsa_kem.c | 30 ++++++++++++++++++-
|
|
|
b85bfec |
util/perl/OpenSSL/paramnames.pm | 6 ++--
|
|
|
b85bfec |
4 files changed, 59 insertions(+), 3 deletions(-)
|
|
|
e52367a |
|
|
|
e52367a |
diff --git a/include/openssl/evp.h b/include/openssl/evp.h
|
|
|
b85bfec |
index dc42140932..3a6345d71e 100644
|
|
|
e52367a |
--- a/include/openssl/evp.h
|
|
|
e52367a |
+++ b/include/openssl/evp.h
|
|
|
b85bfec |
@@ -1772,6 +1772,10 @@ OSSL_DEPRECATEDIN_3_0 size_t EVP_PKEY_meth_get_count(void);
|
|
|
e52367a |
OSSL_DEPRECATEDIN_3_0 const EVP_PKEY_METHOD *EVP_PKEY_meth_get0(size_t idx);
|
|
|
e52367a |
# endif
|
|
|
e52367a |
|
|
|
e52367a |
+# define EVP_PKEY_REDHAT_FIPS_INDICATOR_UNDETERMINED 0
|
|
|
e52367a |
+# define EVP_PKEY_REDHAT_FIPS_INDICATOR_APPROVED 1
|
|
|
e52367a |
+# define EVP_PKEY_REDHAT_FIPS_INDICATOR_NOT_APPROVED 2
|
|
|
e52367a |
+
|
|
|
e52367a |
EVP_KEYMGMT *EVP_KEYMGMT_fetch(OSSL_LIB_CTX *ctx, const char *algorithm,
|
|
|
e52367a |
const char *properties);
|
|
|
e52367a |
int EVP_KEYMGMT_up_ref(EVP_KEYMGMT *keymgmt);
|
|
|
e52367a |
diff --git a/providers/implementations/asymciphers/rsa_enc.c b/providers/implementations/asymciphers/rsa_enc.c
|
|
|
b85bfec |
index f3443b0c66..b2c239c03b 100644
|
|
|
e52367a |
--- a/providers/implementations/asymciphers/rsa_enc.c
|
|
|
e52367a |
+++ b/providers/implementations/asymciphers/rsa_enc.c
|
|
|
b85bfec |
@@ -462,6 +462,27 @@ static int rsa_get_ctx_params(void *vprsactx, OSSL_PARAM *params)
|
|
|
e52367a |
if (p != NULL && !OSSL_PARAM_set_uint(p, prsactx->implicit_rejection))
|
|
|
e52367a |
return 0;
|
|
|
e52367a |
|
|
|
e52367a |
+#ifdef FIPS_MODULE
|
|
|
e52367a |
+ p = OSSL_PARAM_locate(params, OSSL_ASYM_CIPHER_PARAM_REDHAT_FIPS_INDICATOR);
|
|
|
e52367a |
+ if (p != NULL) {
|
|
|
e52367a |
+ int fips_indicator = EVP_PKEY_REDHAT_FIPS_INDICATOR_APPROVED;
|
|
|
e52367a |
+
|
|
|
e52367a |
+ /* NIST SP 800-56Br2 section 6.4.2.1 requires either explicit key
|
|
|
e52367a |
+ * confirmation (section 6.4.2.3.2), or assurance from a trusted third
|
|
|
e52367a |
+ * party (section 6.4.2.3.1) for the KTS-OAEP key transport scheme, but
|
|
|
e52367a |
+ * explicit key confirmation is not implemented here and cannot be
|
|
|
e52367a |
+ * implemented without protocol changes, and the FIPS provider does not
|
|
|
e52367a |
+ * implement trusted third party validation, since it relies on its
|
|
|
e52367a |
+ * callers to do that. We must thus mark RSA-OAEP as unapproved until
|
|
|
e52367a |
+ * we have received clarification from NIST on how library modules such
|
|
|
e52367a |
+ * as OpenSSL should implement TTP validation. */
|
|
|
e52367a |
+ fips_indicator = EVP_PKEY_REDHAT_FIPS_INDICATOR_NOT_APPROVED;
|
|
|
e52367a |
+
|
|
|
e52367a |
+ if (!OSSL_PARAM_set_int(p, fips_indicator))
|
|
|
e52367a |
+ return 0;
|
|
|
e52367a |
+ }
|
|
|
e52367a |
+#endif /* defined(FIPS_MODULE) */
|
|
|
e52367a |
+
|
|
|
e52367a |
return 1;
|
|
|
e52367a |
}
|
|
|
e52367a |
|
|
|
b85bfec |
@@ -475,6 +496,7 @@ static const OSSL_PARAM known_gettable_ctx_params[] = {
|
|
 |
f4c397c |
OSSL_PARAM_uint(OSSL_ASYM_CIPHER_PARAM_TLS_NEGOTIATED_VERSION, NULL),
|
|
|
e52367a |
#ifdef FIPS_MODULE
|
|
|
e52367a |
OSSL_PARAM_octet_string(OSSL_ASYM_CIPHER_PARAM_REDHAT_KAT_OEAP_SEED, NULL, 0),
|
|
|
e52367a |
+ OSSL_PARAM_int(OSSL_ASYM_CIPHER_PARAM_REDHAT_FIPS_INDICATOR, NULL),
|
|
|
e52367a |
#endif /* FIPS_MODULE */
|
|
|
f4c397c |
OSSL_PARAM_uint(OSSL_ASYM_CIPHER_PARAM_IMPLICIT_REJECTION, NULL),
|
|
|
e52367a |
OSSL_PARAM_END
|
|
|
e52367a |
diff --git a/providers/implementations/kem/rsa_kem.c b/providers/implementations/kem/rsa_kem.c
|
|
|
b85bfec |
index 0824c6bdd6..2e637bdf30 100644
|
|
|
e52367a |
--- a/providers/implementations/kem/rsa_kem.c
|
|
|
e52367a |
+++ b/providers/implementations/kem/rsa_kem.c
|
|
|
e52367a |
@@ -152,11 +152,39 @@ static int rsakem_decapsulate_init(void *vprsactx, void *vrsa,
|
|
|
e52367a |
static int rsakem_get_ctx_params(void *vprsactx, OSSL_PARAM *params)
|
|
|
e52367a |
{
|
|
|
e52367a |
PROV_RSA_CTX *ctx = (PROV_RSA_CTX *)vprsactx;
|
|
|
e52367a |
+#ifdef FIPS_MODULE
|
|
|
e52367a |
+ OSSL_PARAM *p;
|
|
|
e52367a |
+#endif /* defined(FIPS_MODULE) */
|
|
|
e52367a |
+
|
|
|
e52367a |
+ if (ctx == NULL)
|
|
|
e52367a |
+ return 0;
|
|
|
e52367a |
+
|
|
|
e52367a |
+#ifdef FIPS_MODULE
|
|
|
e52367a |
+ p = OSSL_PARAM_locate(params, OSSL_KEM_PARAM_REDHAT_FIPS_INDICATOR);
|
|
|
e52367a |
+ if (p != NULL) {
|
|
|
e52367a |
+ /* NIST SP 800-56Br2 section 6.4.2.1 requires either explicit key
|
|
|
e52367a |
+ * confirmation (section 6.4.2.3.2), or assurance from a trusted third
|
|
|
e52367a |
+ * party (section 6.4.2.3.1) for key agreement or key transport, but
|
|
|
e52367a |
+ * explicit key confirmation is not implemented here and cannot be
|
|
|
e52367a |
+ * implemented without protocol changes, and the FIPS provider does not
|
|
|
e52367a |
+ * implement trusted third party validation, since it relies on its
|
|
|
e52367a |
+ * callers to do that. We must thus mark RSASVE unapproved until we
|
|
|
e52367a |
+ * have received clarification from NIST on how library modules such as
|
|
|
e52367a |
+ * OpenSSL should implement TTP validation. */
|
|
|
e52367a |
+ int fips_indicator = EVP_PKEY_REDHAT_FIPS_INDICATOR_NOT_APPROVED;
|
|
|
e52367a |
+
|
|
|
e52367a |
+ if (!OSSL_PARAM_set_int(p, fips_indicator))
|
|
|
e52367a |
+ return 0;
|
|
|
e52367a |
+ }
|
|
|
e52367a |
+#endif /* defined(FIPS_MODULE) */
|
|
|
e52367a |
|
|
|
e52367a |
- return ctx != NULL;
|
|
|
e52367a |
+ return 1;
|
|
|
e52367a |
}
|
|
|
e52367a |
|
|
|
e52367a |
static const OSSL_PARAM known_gettable_rsakem_ctx_params[] = {
|
|
|
e52367a |
+#ifdef FIPS_MODULE
|
|
|
e52367a |
+ OSSL_PARAM_int(OSSL_KEM_PARAM_REDHAT_FIPS_INDICATOR, NULL),
|
|
|
e52367a |
+#endif /* defined(FIPS_MODULE) */
|
|
|
e52367a |
OSSL_PARAM_END
|
|
|
e52367a |
};
|
|
|
e52367a |
|
|
|
b85bfec |
diff --git a/util/perl/OpenSSL/paramnames.pm b/util/perl/OpenSSL/paramnames.pm
|
|
|
b85bfec |
index 64e9809387..45ab0c8dc4 100644
|
|
|
b85bfec |
--- a/util/perl/OpenSSL/paramnames.pm
|
|
|
b85bfec |
+++ b/util/perl/OpenSSL/paramnames.pm
|
|
|
f4c397c |
@@ -406,6 +406,7 @@ my %params = (
|
|
|
f4c397c |
'ASYM_CIPHER_PARAM_TLS_NEGOTIATED_VERSION' => "tls-negotiated-version",
|
|
|
f4c397c |
'ASYM_CIPHER_PARAM_IMPLICIT_REJECTION' => "implicit-rejection",
|
|
|
f4c397c |
'ASYM_CIPHER_PARAM_REDHAT_KAT_OEAP_SEED' => "redhat-kat-oaep-seed",
|
|
|
f4c397c |
+ 'ASYM_CIPHER_PARAM_REDHAT_FIPS_INDICATOR' => "redhat-fips-indicator",
|
|
|
f4c397c |
|
|
|
f4c397c |
# Encoder / decoder parameters
|
|
|
f4c397c |
|
|
|
f4c397c |
@@ -438,8 +439,9 @@ my %params = (
|
|
|
f4c397c |
'SIGNATURE_PARAM_KAT' => "kat",
|
|
|
f4c397c |
|
|
|
f4c397c |
# KEM parameters
|
|
|
f4c397c |
- 'KEM_PARAM_OPERATION' => "operation",
|
|
|
f4c397c |
- 'KEM_PARAM_IKME' => "ikme",
|
|
|
f4c397c |
+ 'KEM_PARAM_OPERATION' => "operation",
|
|
|
f4c397c |
+ 'KEM_PARAM_REDHAT_FIPS_INDICATOR' => "redhat-fips-indicator",
|
|
|
f4c397c |
+ 'KEM_PARAM_IKME' => "ikme",
|
|
|
f4c397c |
|
|
|
f4c397c |
# Capabilities
|
|
|
f4c397c |
|
|
|
b85bfec |
--
|
|
|
b85bfec |
2.44.0
|
|
|
b85bfec |
|