public inbox for git-commits@fedoraproject.org
help / color / mirror / Atom feed
* [rpms/openssl] rebase_40beta: Rewire FIPS_drbg API to use the RAND_DRBG
@ 2026-06-09 12:44 Tomas Mraz
0 siblings, 0 replies; only message in thread
From: Tomas Mraz @ 2026-06-09 12:44 UTC (permalink / raw)
To: git-commits
A new commit has been pushed.
Repo : rpms/openssl
Branch : rebase_40beta
Commit : f023424321d8f12c747c789f34df1b64f7139c30
Author : Tomas Mraz <tmraz@fedoraproject.org>
Date : 2020-06-22T13:43:12+02:00
Stats : +285/-56 in 3 file(s)
URL : https://src.fedoraproject.org/rpms/openssl/c/f023424321d8f12c747c789f34df1b64f7139c30?branch=rebase_40beta
Log:
Rewire FIPS_drbg API to use the RAND_DRBG
---
diff --git a/openssl-1.1.1-fips-dh.patch b/openssl-1.1.1-fips-dh.patch
index 37efa98..9e15289 100644
--- a/openssl-1.1.1-fips-dh.patch
+++ b/openssl-1.1.1-fips-dh.patch
@@ -1,6 +1,6 @@
diff -up openssl-1.1.1g/crypto/bn/bn_const.c.fips-dh openssl-1.1.1g/crypto/bn/bn_const.c
--- openssl-1.1.1g/crypto/bn/bn_const.c.fips-dh 2020-04-21 14:22:39.000000000 +0200
-+++ openssl-1.1.1g/crypto/bn/bn_const.c 2020-05-25 18:41:00.478262334 +0200
++++ openssl-1.1.1g/crypto/bn/bn_const.c 2020-06-05 17:31:28.044776018 +0200
@@ -1,13 +1,17 @@
/*
- * Copyright 2005-2016 The OpenSSL Project Authors. All Rights Reserved.
@@ -479,7 +479,7 @@ diff -up openssl-1.1.1g/crypto/bn/bn_const.c.fips-dh openssl-1.1.1g/crypto/bn/bn
}
diff -up openssl-1.1.1g/crypto/bn/bn_dh.c.fips-dh openssl-1.1.1g/crypto/bn/bn_dh.c
--- openssl-1.1.1g/crypto/bn/bn_dh.c.fips-dh 2020-04-21 14:22:39.000000000 +0200
-+++ openssl-1.1.1g/crypto/bn/bn_dh.c 2020-05-25 18:41:00.480262350 +0200
++++ openssl-1.1.1g/crypto/bn/bn_dh.c 2020-06-05 17:31:28.044776018 +0200
@@ -1,7 +1,7 @@
/*
- * Copyright 2014-2017 The OpenSSL Project Authors. All Rights Reserved.
@@ -1958,7 +1958,7 @@ diff -up openssl-1.1.1g/crypto/bn/bn_dh.c.fips-dh openssl-1.1.1g/crypto/bn/bn_dh
+#endif /* OPENSSL_NO_DH */
diff -up openssl-1.1.1g/crypto/dh/dh_check.c.fips-dh openssl-1.1.1g/crypto/dh/dh_check.c
--- openssl-1.1.1g/crypto/dh/dh_check.c.fips-dh 2020-04-21 14:22:39.000000000 +0200
-+++ openssl-1.1.1g/crypto/dh/dh_check.c 2020-05-25 18:41:00.481262359 +0200
++++ openssl-1.1.1g/crypto/dh/dh_check.c 2020-06-05 17:31:28.045776027 +0200
@@ -10,6 +10,7 @@
#include <stdio.h>
#include "internal/cryptlib.h"
@@ -1999,8 +1999,8 @@ diff -up openssl-1.1.1g/crypto/dh/dh_check.c.fips-dh openssl-1.1.1g/crypto/dh/dh
if (ctx == NULL)
goto err;
diff -up openssl-1.1.1g/crypto/dh/dh_gen.c.fips-dh openssl-1.1.1g/crypto/dh/dh_gen.c
---- openssl-1.1.1g/crypto/dh/dh_gen.c.fips-dh 2020-05-25 18:41:00.255260458 +0200
-+++ openssl-1.1.1g/crypto/dh/dh_gen.c 2020-05-25 18:41:00.481262359 +0200
+--- openssl-1.1.1g/crypto/dh/dh_gen.c.fips-dh 2020-06-05 17:31:27.977775462 +0200
++++ openssl-1.1.1g/crypto/dh/dh_gen.c 2020-06-05 17:31:28.045776027 +0200
@@ -27,8 +27,7 @@ int DH_generate_parameters_ex(DH *ret, i
BN_GENCB *cb)
{
@@ -2031,8 +2031,8 @@ diff -up openssl-1.1.1g/crypto/dh/dh_gen.c.fips-dh openssl-1.1.1g/crypto/dh/dh_g
if (ctx == NULL)
goto err;
diff -up openssl-1.1.1g/crypto/dh/dh_key.c.fips-dh openssl-1.1.1g/crypto/dh/dh_key.c
---- openssl-1.1.1g/crypto/dh/dh_key.c.fips-dh 2020-05-25 18:41:00.255260458 +0200
-+++ openssl-1.1.1g/crypto/dh/dh_key.c 2020-05-25 18:41:00.482262367 +0200
+--- openssl-1.1.1g/crypto/dh/dh_key.c.fips-dh 2020-06-05 17:31:27.977775462 +0200
++++ openssl-1.1.1g/crypto/dh/dh_key.c 2020-06-05 17:31:28.045776027 +0200
@@ -100,10 +100,18 @@ static int generate_key(DH *dh)
BIGNUM *pub_key = NULL, *priv_key = NULL;
@@ -2075,8 +2075,16 @@ diff -up openssl-1.1.1g/crypto/dh/dh_key.c.fips-dh openssl-1.1.1g/crypto/dh/dh_k
goto err;
diff -up openssl-1.1.1g/crypto/dh/dh_lib.c.fips-dh openssl-1.1.1g/crypto/dh/dh_lib.c
--- openssl-1.1.1g/crypto/dh/dh_lib.c.fips-dh 2020-04-21 14:22:39.000000000 +0200
-+++ openssl-1.1.1g/crypto/dh/dh_lib.c 2020-05-25 18:41:00.482262367 +0200
-@@ -86,6 +86,8 @@ DH *DH_new_method(ENGINE *engine)
++++ openssl-1.1.1g/crypto/dh/dh_lib.c 2020-06-18 14:13:33.546892717 +0200
+@@ -8,6 +8,7 @@
+ */
+
+ #include <stdio.h>
++#include <openssl/objects.h>
+ #include "internal/cryptlib.h"
+ #include "internal/refcount.h"
+ #include <openssl/bn.h>
+@@ -86,6 +87,8 @@ DH *DH_new_method(ENGINE *engine)
goto err;
}
@@ -2085,7 +2093,7 @@ diff -up openssl-1.1.1g/crypto/dh/dh_lib.c.fips-dh openssl-1.1.1g/crypto/dh/dh_l
return ret;
err:
-@@ -205,7 +207,9 @@ int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNU
+@@ -205,7 +208,9 @@ int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNU
dh->g = g;
}
@@ -2097,8 +2105,8 @@ diff -up openssl-1.1.1g/crypto/dh/dh_lib.c.fips-dh openssl-1.1.1g/crypto/dh/dh_l
}
diff -up openssl-1.1.1g/crypto/dh/dh_local.h.fips-dh openssl-1.1.1g/crypto/dh/dh_local.h
---- openssl-1.1.1g/crypto/dh/dh_local.h.fips-dh 2020-05-25 18:40:59.396253234 +0200
-+++ openssl-1.1.1g/crypto/dh/dh_local.h 2020-05-25 18:41:00.482262367 +0200
+--- openssl-1.1.1g/crypto/dh/dh_local.h.fips-dh 2020-06-05 17:31:27.763773685 +0200
++++ openssl-1.1.1g/crypto/dh/dh_local.h 2020-06-05 17:31:28.045776027 +0200
@@ -35,6 +35,7 @@ struct dh_st {
const DH_METHOD *meth;
ENGINE *engine;
@@ -2115,7 +2123,7 @@ diff -up openssl-1.1.1g/crypto/dh/dh_local.h.fips-dh openssl-1.1.1g/crypto/dh/dh
+void dh_cache_nid(DH *dh);
diff -up openssl-1.1.1g/crypto/dh/dh_rfc7919.c.fips-dh openssl-1.1.1g/crypto/dh/dh_rfc7919.c
--- openssl-1.1.1g/crypto/dh/dh_rfc7919.c.fips-dh 2020-04-21 14:22:39.000000000 +0200
-+++ openssl-1.1.1g/crypto/dh/dh_rfc7919.c 2020-05-27 10:05:05.828687005 +0200
++++ openssl-1.1.1g/crypto/dh/dh_rfc7919.c 2020-06-05 17:31:28.045776027 +0200
@@ -7,6 +7,8 @@
* https://www.openssl.org/source/license.html
*/
@@ -2281,7 +2289,7 @@ diff -up openssl-1.1.1g/crypto/dh/dh_rfc7919.c.fips-dh openssl-1.1.1g/crypto/dh/
+}
diff -up openssl-1.1.1g/crypto/evp/p_lib.c.fips-dh openssl-1.1.1g/crypto/evp/p_lib.c
--- openssl-1.1.1g/crypto/evp/p_lib.c.fips-dh 2020-04-21 14:22:39.000000000 +0200
-+++ openssl-1.1.1g/crypto/evp/p_lib.c 2020-05-26 14:51:33.604162226 +0200
++++ openssl-1.1.1g/crypto/evp/p_lib.c 2020-06-05 17:31:28.045776027 +0200
@@ -540,7 +540,8 @@ EC_KEY *EVP_PKEY_get1_EC_KEY(EVP_PKEY *p
int EVP_PKEY_set1_DH(EVP_PKEY *pkey, DH *key)
@@ -2293,8 +2301,8 @@ diff -up openssl-1.1.1g/crypto/evp/p_lib.c.fips-dh openssl-1.1.1g/crypto/evp/p_l
if (ret)
diff -up openssl-1.1.1g/crypto/objects/obj_dat.h.fips-dh openssl-1.1.1g/crypto/objects/obj_dat.h
---- openssl-1.1.1g/crypto/objects/obj_dat.h.fips-dh 2020-05-25 18:41:00.452262115 +0200
-+++ openssl-1.1.1g/crypto/objects/obj_dat.h 2020-05-25 18:41:00.485262392 +0200
+--- openssl-1.1.1g/crypto/objects/obj_dat.h.fips-dh 2020-06-05 17:31:28.036775952 +0200
++++ openssl-1.1.1g/crypto/objects/obj_dat.h 2020-06-05 17:31:28.046776035 +0200
@@ -1078,7 +1078,7 @@ static const unsigned char so[7762] = {
0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x0D, /* [ 7753] OBJ_hmacWithSHA512_256 */
};
@@ -2357,8 +2365,8 @@ diff -up openssl-1.1.1g/crypto/objects/obj_dat.h.fips-dh openssl-1.1.1g/crypto/o
173, /* "name" */
681, /* "onBasis" */
diff -up openssl-1.1.1g/crypto/objects/objects.txt.fips-dh openssl-1.1.1g/crypto/objects/objects.txt
---- openssl-1.1.1g/crypto/objects/objects.txt.fips-dh 2020-05-25 18:41:00.453262123 +0200
-+++ openssl-1.1.1g/crypto/objects/objects.txt 2020-05-25 18:41:00.486262401 +0200
+--- openssl-1.1.1g/crypto/objects/objects.txt.fips-dh 2020-06-05 17:31:28.037775960 +0200
++++ openssl-1.1.1g/crypto/objects/objects.txt 2020-06-05 17:31:28.046776035 +0200
@@ -1657,6 +1657,13 @@ id-pkinit 5 : pkInit
: ffdhe4096
: ffdhe6144
@@ -2374,8 +2382,8 @@ diff -up openssl-1.1.1g/crypto/objects/objects.txt.fips-dh openssl-1.1.1g/crypto
# OIDs for DSTU-4145/DSTU-7564 (http://zakon2.rada.gov.ua/laws/show/z0423-17)
diff -up openssl-1.1.1g/crypto/objects/obj_mac.num.fips-dh openssl-1.1.1g/crypto/objects/obj_mac.num
---- openssl-1.1.1g/crypto/objects/obj_mac.num.fips-dh 2020-05-25 18:41:00.453262123 +0200
-+++ openssl-1.1.1g/crypto/objects/obj_mac.num 2020-05-25 18:41:00.486262401 +0200
+--- openssl-1.1.1g/crypto/objects/obj_mac.num.fips-dh 2020-06-05 17:31:28.037775960 +0200
++++ openssl-1.1.1g/crypto/objects/obj_mac.num 2020-06-05 17:31:28.046776035 +0200
@@ -1196,3 +1196,9 @@ sshkdf 1195
kbkdf 1196
krb5kdf 1197
@@ -2388,7 +2396,7 @@ diff -up openssl-1.1.1g/crypto/objects/obj_mac.num.fips-dh openssl-1.1.1g/crypto
+modp_8192 1204
diff -up openssl-1.1.1g/doc/man3/DH_new_by_nid.pod.fips-dh openssl-1.1.1g/doc/man3/DH_new_by_nid.pod
--- openssl-1.1.1g/doc/man3/DH_new_by_nid.pod.fips-dh 2020-04-21 14:22:39.000000000 +0200
-+++ openssl-1.1.1g/doc/man3/DH_new_by_nid.pod 2020-05-25 18:41:00.487262409 +0200
++++ openssl-1.1.1g/doc/man3/DH_new_by_nid.pod 2020-06-05 17:31:28.046776035 +0200
@@ -8,13 +8,15 @@ DH_new_by_nid, DH_get_nid - get or find
#include <openssl/dh.h>
@@ -2409,7 +2417,7 @@ diff -up openssl-1.1.1g/doc/man3/DH_new_by_nid.pod.fips-dh openssl-1.1.1g/doc/ma
any named set. It returns the NID corresponding to the matching parameters or
diff -up openssl-1.1.1g/doc/man3/EVP_PKEY_CTX_ctrl.pod.fips-dh openssl-1.1.1g/doc/man3/EVP_PKEY_CTX_ctrl.pod
--- openssl-1.1.1g/doc/man3/EVP_PKEY_CTX_ctrl.pod.fips-dh 2020-04-21 14:22:39.000000000 +0200
-+++ openssl-1.1.1g/doc/man3/EVP_PKEY_CTX_ctrl.pod 2020-05-25 18:41:00.487262409 +0200
++++ openssl-1.1.1g/doc/man3/EVP_PKEY_CTX_ctrl.pod 2020-06-05 17:31:28.046776035 +0200
@@ -294,10 +294,11 @@ The EVP_PKEY_CTX_set_dh_pad() macro sets
If B<pad> is zero (the default) then no padding is performed.
@@ -2428,7 +2436,7 @@ diff -up openssl-1.1.1g/doc/man3/EVP_PKEY_CTX_ctrl.pod.fips-dh openssl-1.1.1g/do
The EVP_PKEY_CTX_set_dh_rfc5114() and EVP_PKEY_CTX_set_dhx_rfc5114() macros are
diff -up openssl-1.1.1g/include/crypto/bn_dh.h.fips-dh openssl-1.1.1g/include/crypto/bn_dh.h
--- openssl-1.1.1g/include/crypto/bn_dh.h.fips-dh 2020-04-21 14:22:39.000000000 +0200
-+++ openssl-1.1.1g/include/crypto/bn_dh.h 2020-05-25 18:41:00.488262418 +0200
++++ openssl-1.1.1g/include/crypto/bn_dh.h 2020-06-05 17:31:28.047776043 +0200
@@ -1,7 +1,7 @@
/*
- * Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
@@ -2478,8 +2486,8 @@ diff -up openssl-1.1.1g/include/crypto/bn_dh.h.fips-dh openssl-1.1.1g/include/cr
+extern const BIGNUM _bignum_modp_6144_q;
+extern const BIGNUM _bignum_modp_8192_q;
diff -up openssl-1.1.1g/include/openssl/obj_mac.h.fips-dh openssl-1.1.1g/include/openssl/obj_mac.h
---- openssl-1.1.1g/include/openssl/obj_mac.h.fips-dh 2020-05-25 18:41:00.458262165 +0200
-+++ openssl-1.1.1g/include/openssl/obj_mac.h 2020-05-25 18:41:00.489262426 +0200
+--- openssl-1.1.1g/include/openssl/obj_mac.h.fips-dh 2020-06-05 17:31:28.038775968 +0200
++++ openssl-1.1.1g/include/openssl/obj_mac.h 2020-06-05 17:31:28.047776043 +0200
@@ -5115,6 +5115,24 @@
#define SN_ffdhe8192 "ffdhe8192"
#define NID_ffdhe8192 1130
@@ -2506,8 +2514,8 @@ diff -up openssl-1.1.1g/include/openssl/obj_mac.h.fips-dh openssl-1.1.1g/include
#define NID_ISO_UA 1150
#define OBJ_ISO_UA OBJ_member_body,804L
diff -up openssl-1.1.1g/ssl/s3_lib.c.fips-dh openssl-1.1.1g/ssl/s3_lib.c
---- openssl-1.1.1g/ssl/s3_lib.c.fips-dh 2020-05-25 18:41:00.318260988 +0200
-+++ openssl-1.1.1g/ssl/s3_lib.c 2020-05-26 08:52:28.102535244 +0200
+--- openssl-1.1.1g/ssl/s3_lib.c.fips-dh 2020-06-05 17:31:27.996775620 +0200
++++ openssl-1.1.1g/ssl/s3_lib.c 2020-06-05 17:31:28.047776043 +0200
@@ -4858,13 +4858,51 @@ int ssl_derive(SSL *s, EVP_PKEY *privkey
EVP_PKEY *ssl_dh_to_pkey(DH *dh)
{
@@ -2561,44 +2569,90 @@ diff -up openssl-1.1.1g/ssl/s3_lib.c.fips-dh openssl-1.1.1g/ssl/s3_lib.c
}
#endif
diff -up openssl-1.1.1g/ssl/t1_lib.c.fips-dh openssl-1.1.1g/ssl/t1_lib.c
---- openssl-1.1.1g/ssl/t1_lib.c.fips-dh 2020-05-25 18:41:00.470262266 +0200
-+++ openssl-1.1.1g/ssl/t1_lib.c 2020-05-26 08:48:55.619713737 +0200
-@@ -2482,7 +2482,7 @@ int SSL_check_chain(SSL *s, X509 *x, EVP
+--- openssl-1.1.1g/ssl/t1_lib.c.fips-dh 2020-06-05 17:31:28.042776002 +0200
++++ openssl-1.1.1g/ssl/t1_lib.c 2020-06-18 14:18:13.518339214 +0200
+@@ -2511,46 +2511,48 @@ int SSL_check_chain(SSL *s, X509 *x, EVP
+ #ifndef OPENSSL_NO_DH
DH *ssl_get_auto_dh(SSL *s)
{
++ DH *dhp = NULL;
++ BIGNUM *p = NULL, *g = NULL;
int dh_secbits = 80;
- if (s->cert->dh_tmp_auto == 2)
-+ if (!FIPS_mode() && s->cert->dh_tmp_auto == 2)
- return DH_get_1024_160();
- if (s->s3->tmp.new_cipher->algorithm_auth & (SSL_aNULL | SSL_aPSK)) {
- if (s->s3->tmp.new_cipher->strength_bits == 256)
-@@ -2495,7 +2495,7 @@ DH *ssl_get_auto_dh(SSL *s)
- dh_secbits = EVP_PKEY_security_bits(s->s3->tmp.cert->privatekey);
+- return DH_get_1024_160();
+- if (s->s3->tmp.new_cipher->algorithm_auth & (SSL_aNULL | SSL_aPSK)) {
+- if (s->s3->tmp.new_cipher->strength_bits == 256)
+- dh_secbits = 128;
+- else
+- dh_secbits = 80;
+- } else {
+- if (s->s3->tmp.cert == NULL)
+- return NULL;
+- dh_secbits = EVP_PKEY_security_bits(s->s3->tmp.cert->privatekey);
++ if (s->cert->dh_tmp_auto != 2) {
++ if (s->s3->tmp.new_cipher->algorithm_auth & (SSL_aNULL | SSL_aPSK)) {
++ if (s->s3->tmp.new_cipher->strength_bits == 256)
++ dh_secbits = 128;
++ else
++ dh_secbits = 80;
++ } else {
++ if (s->s3->tmp.cert == NULL)
++ return NULL;
++ dh_secbits = EVP_PKEY_security_bits(s->s3->tmp.cert->privatekey);
++ }
}
- if (dh_secbits >= 128) {
-+ if (dh_secbits >= 112 || FIPS_mode()) {
- DH *dhp = DH_new();
- BIGNUM *p, *g;
- if (dhp == NULL)
-@@ -2508,8 +2508,10 @@ DH *ssl_get_auto_dh(SSL *s)
- }
- if (dh_secbits >= 192)
- p = BN_get_rfc3526_prime_8192(NULL);
+- DH *dhp = DH_new();
+- BIGNUM *p, *g;
+- if (dhp == NULL)
+- return NULL;
+- g = BN_new();
+- if (g == NULL || !BN_set_word(g, 2)) {
+- DH_free(dhp);
+- BN_free(g);
+- return NULL;
+- }
+- if (dh_secbits >= 192)
+- p = BN_get_rfc3526_prime_8192(NULL);
- else
-+ else if (dh_secbits >= 128)
- p = BN_get_rfc3526_prime_3072(NULL);
-+ else
-+ p = BN_get_rfc3526_prime_2048(NULL);
- if (p == NULL || !DH_set0_pqg(dhp, p, NULL, g)) {
- DH_free(dhp);
- BN_free(p);
-@@ -2518,8 +2520,6 @@ DH *ssl_get_auto_dh(SSL *s)
- }
- return dhp;
+- p = BN_get_rfc3526_prime_3072(NULL);
+- if (p == NULL || !DH_set0_pqg(dhp, p, NULL, g)) {
+- DH_free(dhp);
+- BN_free(p);
+- BN_free(g);
+- return NULL;
+- }
+- return dhp;
++ dhp = DH_new();
++ if (dhp == NULL)
++ return NULL;
++ g = BN_new();
++ if (g == NULL || !BN_set_word(g, 2)) {
++ DH_free(dhp);
++ BN_free(g);
++ return NULL;
++ }
++ if (dh_secbits >= 192)
++ p = BN_get_rfc3526_prime_8192(NULL);
++ else if (dh_secbits >= 152)
++ p = BN_get_rfc3526_prime_4096(NULL);
++ else if (dh_secbits >= 128)
++ p = BN_get_rfc3526_prime_3072(NULL);
++ else if (dh_secbits >= 112 || FIPS_mode())
++ p = BN_get_rfc3526_prime_2048(NULL);
++ else
++ p = BN_get_rfc2409_prime_1024(NULL);
++ if (p == NULL || !DH_set0_pqg(dhp, p, NULL, g)) {
++ DH_free(dhp);
++ BN_free(p);
++ BN_free(g);
++ return NULL;
}
- if (dh_secbits >= 112)
- return DH_get_2048_224();
- return DH_get_1024_160();
+- return DH_get_1024_160();
++ return dhp;
}
#endif
+
diff --git a/openssl-1.1.1-rewire-fips-drbg.patch b/openssl-1.1.1-rewire-fips-drbg.patch
new file mode 100644
index 0000000..4d04d37
--- /dev/null
+++ b/openssl-1.1.1-rewire-fips-drbg.patch
@@ -0,0 +1,170 @@
+diff -up openssl-1.1.1g/crypto/fips/fips_drbg_lib.c.rewire-fips-drbg openssl-1.1.1g/crypto/fips/fips_drbg_lib.c
+--- openssl-1.1.1g/crypto/fips/fips_drbg_lib.c.rewire-fips-drbg 2020-06-22 13:32:47.611852927 +0200
++++ openssl-1.1.1g/crypto/fips/fips_drbg_lib.c 2020-06-22 13:32:47.675852917 +0200
+@@ -337,6 +337,19 @@ static int drbg_reseed(DRBG_CTX *dctx,
+ int FIPS_drbg_reseed(DRBG_CTX *dctx,
+ const unsigned char *adin, size_t adinlen)
+ {
++ int len = (int)adinlen;
++
++ if (len < 0 || (size_t)len != adinlen) {
++ FIPSerr(FIPS_F_DRBG_RESEED, FIPS_R_ADDITIONAL_INPUT_TOO_LONG);
++ return 0;
++ }
++ RAND_seed(adin, len);
++ return 1;
++}
++
++int FIPS_drbg_reseed_internal(DRBG_CTX *dctx,
++ const unsigned char *adin, size_t adinlen)
++{
+ return drbg_reseed(dctx, adin, adinlen, 1);
+ }
+
+@@ -358,6 +371,19 @@ int FIPS_drbg_generate(DRBG_CTX *dctx, u
+ int prediction_resistance,
+ const unsigned char *adin, size_t adinlen)
+ {
++ int len = (int)outlen;
++
++ if (len < 0 || (size_t)len != outlen) {
++ FIPSerr(FIPS_F_FIPS_DRBG_GENERATE, FIPS_R_REQUEST_TOO_LARGE_FOR_DRBG);
++ return 0;
++ }
++ return RAND_bytes(out, len);
++}
++
++int FIPS_drbg_generate_internal(DRBG_CTX *dctx, unsigned char *out, size_t outlen,
++ int prediction_resistance,
++ const unsigned char *adin, size_t adinlen)
++{
+ int r = 0;
+
+ if (FIPS_selftest_failed()) {
+diff -up openssl-1.1.1g/crypto/fips/fips_drbg_rand.c.rewire-fips-drbg openssl-1.1.1g/crypto/fips/fips_drbg_rand.c
+--- openssl-1.1.1g/crypto/fips/fips_drbg_rand.c.rewire-fips-drbg 2020-06-22 13:32:47.611852927 +0200
++++ openssl-1.1.1g/crypto/fips/fips_drbg_rand.c 2020-06-22 13:32:47.675852917 +0200
+@@ -57,6 +57,8 @@
+ #include <openssl/err.h>
+ #include <openssl/rand.h>
+ #include <openssl/fips.h>
++#define FIPS_DRBG_generate FIPS_DRBG_generate_internal
++#define FIPS_DRBG_reseed FIPS_DRBG_reseed_internal
+ #include <openssl/fips_rand.h>
+ #include "fips_rand_lcl.h"
+
+diff -up openssl-1.1.1g/crypto/fips/fips_drbg_selftest.c.rewire-fips-drbg openssl-1.1.1g/crypto/fips/fips_drbg_selftest.c
+--- openssl-1.1.1g/crypto/fips/fips_drbg_selftest.c.rewire-fips-drbg 2020-06-22 13:32:47.612852927 +0200
++++ openssl-1.1.1g/crypto/fips/fips_drbg_selftest.c 2020-06-22 13:32:47.675852917 +0200
+@@ -55,6 +55,8 @@
+ #include <openssl/crypto.h>
+ #include <openssl/err.h>
+ #include <openssl/fips.h>
++#define FIPS_DRBG_generate FIPS_DRBG_generate_internal
++#define FIPS_DRBG_reseed FIPS_DRBG_reseed_internal
+ #include <openssl/fips_rand.h>
+ #include "fips_rand_lcl.h"
+ #include "fips_locl.h"
+diff -up openssl-1.1.1g/crypto/fips/fips_post.c.rewire-fips-drbg openssl-1.1.1g/crypto/fips/fips_post.c
+--- openssl-1.1.1g/crypto/fips/fips_post.c.rewire-fips-drbg 2020-06-22 13:32:47.672852918 +0200
++++ openssl-1.1.1g/crypto/fips/fips_post.c 2020-06-22 13:32:47.675852917 +0200
+@@ -79,8 +79,6 @@ int FIPS_selftest(void)
+ ERR_add_error_data(2, "Type=", "rand_drbg_selftest");
+ rv = 0;
+ }
+- if (!FIPS_selftest_drbg())
+- rv = 0;
+ if (!FIPS_selftest_sha1())
+ rv = 0;
+ if (!FIPS_selftest_sha2())
+diff -up openssl-1.1.1g/crypto/fips/fips_rand_lib.c.rewire-fips-drbg openssl-1.1.1g/crypto/fips/fips_rand_lib.c
+--- openssl-1.1.1g/crypto/fips/fips_rand_lib.c.rewire-fips-drbg 2020-06-22 13:32:47.613852927 +0200
++++ openssl-1.1.1g/crypto/fips/fips_rand_lib.c 2020-06-22 13:36:28.722817967 +0200
+@@ -120,6 +120,7 @@ void FIPS_rand_reset(void)
+
+ int FIPS_rand_seed(const void *buf, int num)
+ {
++#if 0
+ if (!fips_approved_rand_meth && FIPS_module_mode()) {
+ FIPSerr(FIPS_F_FIPS_RAND_SEED, FIPS_R_NON_FIPS_METHOD);
+ return 0;
+@@ -127,10 +128,15 @@ int FIPS_rand_seed(const void *buf, int
+ if (fips_rand_meth && fips_rand_meth->seed)
+ fips_rand_meth->seed(buf, num);
+ return 1;
++#else
++ RAND_seed(buf, num);
++ return 1;
++#endif
+ }
+
+ int FIPS_rand_bytes(unsigned char *buf, int num)
+ {
++#if 0
+ if (!fips_approved_rand_meth && FIPS_module_mode()) {
+ FIPSerr(FIPS_F_FIPS_RAND_BYTES, FIPS_R_NON_FIPS_METHOD);
+ return 0;
+@@ -138,10 +144,14 @@ int FIPS_rand_bytes(unsigned char *buf,
+ if (fips_rand_meth && fips_rand_meth->bytes)
+ return fips_rand_meth->bytes(buf, num);
+ return 0;
++#else
++ return RAND_bytes(buf, num);
++#endif
+ }
+
+ int FIPS_rand_status(void)
+ {
++#if 0
+ if (!fips_approved_rand_meth && FIPS_module_mode()) {
+ FIPSerr(FIPS_F_FIPS_RAND_STATUS, FIPS_R_NON_FIPS_METHOD);
+ return 0;
+@@ -149,6 +159,9 @@ int FIPS_rand_status(void)
+ if (fips_rand_meth && fips_rand_meth->status)
+ return fips_rand_meth->status();
+ return 0;
++#else
++ return RAND_status();
++#endif
+ }
+
+ /* Return instantiated strength of PRNG. For DRBG this is an internal
+diff -up openssl-1.1.1g/include/openssl/fips.h.rewire-fips-drbg openssl-1.1.1g/include/openssl/fips.h
+--- openssl-1.1.1g/include/openssl/fips.h.rewire-fips-drbg 2020-06-22 13:32:47.672852918 +0200
++++ openssl-1.1.1g/include/openssl/fips.h 2020-06-22 13:32:47.675852917 +0200
+@@ -64,6 +64,11 @@ extern "C" {
+
+ int FIPS_selftest(void);
+ int FIPS_selftest_failed(void);
++
++ /*
++ * This function is deprecated as it performs selftest of the old FIPS drbg
++ * implementation that is not validated.
++ */
+ int FIPS_selftest_drbg_all(void);
+
+ int FIPS_dsa_builtin_paramgen2(DSA *ret, size_t L, size_t N,
+diff -up openssl-1.1.1g/include/openssl/fips_rand.h.rewire-fips-drbg openssl-1.1.1g/include/openssl/fips_rand.h
+--- openssl-1.1.1g/include/openssl/fips_rand.h.rewire-fips-drbg 2020-06-22 13:32:47.617852926 +0200
++++ openssl-1.1.1g/include/openssl/fips_rand.h 2020-06-22 13:32:47.675852917 +0200
+@@ -60,6 +60,20 @@
+ # ifdef __cplusplus
+ extern "C" {
+ # endif
++
++/*
++ * IMPORTANT NOTE:
++ * All functions in this header file are deprecated and should not be used
++ * as they use the old FIPS_drbg implementation that is not FIPS validated
++ * anymore.
++ * To provide backwards compatibility for applications that need FIPS compliant
++ * RNG number generation and use FIPS_drbg_generate, this function was
++ * re-wired to call the FIPS validated DRBG instance instead through
++ * the RAND_bytes() call.
++ *
++ * All these functions will be removed in future.
++ */
++
+ typedef struct drbg_ctx_st DRBG_CTX;
+ /* DRBG external flags */
+ /* Flag for CTR mode only: use derivation function ctr_df */
diff --git a/openssl.spec b/openssl.spec
index d4111ad..9ad568b 100644
--- a/openssl.spec
+++ b/openssl.spec
@@ -22,7 +22,7 @@
Summary: Utilities from the general purpose cryptography library with TLS implementation
Name: openssl
Version: 1.1.1g
-Release: 9%{?dist}
+Release: 10%{?dist}
Epoch: 1
# We have to remove certain patented algorithms from the openssl source
# tarball with the hobble-openssl script which is included below.
@@ -71,6 +71,7 @@ Patch66: openssl-1.1.1-fips-dh.patch
Patch67: openssl-1.1.1-kdf-selftest.patch
Patch68: openssl-1.1.1-reneg-no-extms.patch
Patch69: openssl-1.1.1-alpn-cb.patch
+Patch70: openssl-1.1.1-rewire-fips-drbg.patch
# Backported fixes including security fixes
Patch52: openssl-1.1.1-s390x-update.patch
Patch53: openssl-1.1.1-fips-crng-test.patch
@@ -187,6 +188,7 @@ cp %{SOURCE13} test/
%patch67 -p1 -b .kdf-selftest
%patch68 -p1 -b .reneg-no-extms
%patch69 -p1 -b .alpn-cb
+%patch70 -p1 -b .rewire-fips-drbg
%build
@@ -473,6 +475,9 @@ export LD_LIBRARY_PATH
%ldconfig_scriptlets libs
%changelog
+* Mon Jun 22 2020 Tomáš Mráz <tmraz@redhat.com> 1.1.1g-10
+- Rewire FIPS_drbg API to use the RAND_DRBG
+
* Fri Jun 5 2020 Tomáš Mráz <tmraz@redhat.com> 1.1.1g-9
- Disallow dropping Extended Master Secret extension
on renegotiation
^ permalink raw reply related [flat|nested] only message in thread
only message in thread, other threads:[~2026-06-09 12:44 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2026-06-09 12:44 [rpms/openssl] rebase_40beta: Rewire FIPS_drbg API to use the RAND_DRBG Tomas Mraz
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox