mirror of https://github.com/openssl/openssl.git
Compare commits
16 Commits
c2793d8b83
...
c23b04ef06
| Author | SHA1 | Date |
|---|---|---|
Nikola Pajkovsky
|
c23b04ef06 | |
Michael Baentsch
|
296f1f6dd8 | |
|
Michael Baentsch
|
fd7fc90346 | |
Tomas Mraz
|
fcb5e20ac7 | |
Ingo Franzki
|
b9ff440dd6 | |
|
Ingo Franzki
|
f77fafd16e | |
Nikola Pajkovsky
|
0b6c29172a | |
|
Nikola Pajkovsky
|
73076c3745 | |
Pauli
|
ba3775a4b5 | |
|
Pauli
|
234ef5009c | |
|
Pauli
|
fec84bf590 | |
|
Pauli
|
cc981dc5ad | |
|
Pauli
|
e879b41afa | |
|
Pauli
|
e0d3b45a10 | |
|
Pauli
|
337244f8a2 | |
|
Pauli
|
df44c5b970 |
|
|
@ -31,6 +31,11 @@ OpenSSL 3.6
|
|||
|
||||
### Changes between 3.5 and 3.6 [xx XXX xxxx]
|
||||
|
||||
* The FIPS provider now performs a PCT on key import for RSA, EC and ECX.
|
||||
This is mandated by FIPS 140-3 IG 10.3.A additional comment 1.
|
||||
|
||||
*Dr Paul Dale*
|
||||
|
||||
* Introduce SSL_OP_SERVER_PREFERENCE superceding misleadingly
|
||||
named SSL_OP_CIPHER_SERVER_PREFERENCE.
|
||||
|
||||
|
|
|
|||
|
|
@ -93,7 +93,6 @@ EOF
|
|||
|
||||
my %cmd_disabler = (
|
||||
ciphers => "sock",
|
||||
genrsa => "rsa",
|
||||
gendsa => "dsa",
|
||||
dsaparam => "dsa",
|
||||
gendh => "dh",
|
||||
|
|
@ -107,7 +106,7 @@ EOF
|
|||
# [2] = preprocessor conditional for excluding irrespective of deprecation
|
||||
# rsa => [ "pkey", "3_0", "rsa" ],
|
||||
# genrsa => [ "genpkey", "3_0", "rsa" ],
|
||||
rsautl => [ "pkeyutl", "3_0", "rsa" ],
|
||||
rsautl => [ "pkeyutl", "3_0", "" ],
|
||||
# dhparam => [ "pkeyparam", "3_0", "dh" ],
|
||||
# dsaparam => [ "pkeyparam", "3_0", "dsa" ],
|
||||
# dsa => [ "pkey", "3_0", "dsa" ],
|
||||
|
|
|
|||
|
|
@ -80,12 +80,6 @@ int ossl_dh_key_fromdata(DH *dh, const OSSL_PARAM params[], int include_private)
|
|||
if (!DH_set0_key(dh, pub_key, priv_key))
|
||||
goto err;
|
||||
|
||||
#ifdef FIPS_MODULE
|
||||
if (pub_key != NULL && priv_key != NULL)
|
||||
if (ossl_dh_check_pairwise(dh) == 0)
|
||||
return 0;
|
||||
#endif
|
||||
|
||||
return 1;
|
||||
|
||||
err:
|
||||
|
|
|
|||
|
|
@ -16,6 +16,7 @@
|
|||
#include <stdio.h>
|
||||
#include "internal/cryptlib.h"
|
||||
#include <openssl/bn.h>
|
||||
#include <openssl/self_test.h>
|
||||
#include "dh_local.h"
|
||||
#include "crypto/dh.h"
|
||||
|
||||
|
|
@ -329,17 +330,27 @@ end:
|
|||
* FFC pairwise check from SP800-56A R3.
|
||||
* Section 5.6.2.1.4 Owner Assurance of Pair-wise Consistency
|
||||
*/
|
||||
int ossl_dh_check_pairwise(const DH *dh)
|
||||
int ossl_dh_check_pairwise(const DH *dh, int return_on_null_numbers)
|
||||
{
|
||||
int ret = 0;
|
||||
BN_CTX *ctx = NULL;
|
||||
BIGNUM *pub_key = NULL;
|
||||
OSSL_SELF_TEST *st = NULL;
|
||||
OSSL_CALLBACK *stcb = NULL;
|
||||
void *stcbarg = NULL;
|
||||
|
||||
if (dh->params.p == NULL
|
||||
|| dh->params.g == NULL
|
||||
|| dh->priv_key == NULL
|
||||
|| dh->pub_key == NULL)
|
||||
return 0;
|
||||
return return_on_null_numbers;
|
||||
|
||||
OSSL_SELF_TEST_get_callback(dh->libctx, &stcb, &stcbarg);
|
||||
st = OSSL_SELF_TEST_new(stcb, stcbarg);
|
||||
if (st == NULL)
|
||||
goto err;
|
||||
OSSL_SELF_TEST_onbegin(st, OSSL_SELF_TEST_TYPE_PCT,
|
||||
OSSL_SELF_TEST_DESC_PCT_DH);
|
||||
|
||||
ctx = BN_CTX_new_ex(dh->libctx);
|
||||
if (ctx == NULL)
|
||||
|
|
@ -351,10 +362,27 @@ int ossl_dh_check_pairwise(const DH *dh)
|
|||
/* recalculate the public key = (g ^ priv) mod p */
|
||||
if (!ossl_dh_generate_public_key(ctx, dh, dh->priv_key, pub_key))
|
||||
goto err;
|
||||
|
||||
#ifdef FIPS_MODULE
|
||||
{
|
||||
int len;
|
||||
unsigned char bytes[1024] = {0}; /* Max key size of 8192 bits */
|
||||
|
||||
if (BN_num_bytes(pub_key) > (int)sizeof(bytes))
|
||||
goto err;
|
||||
len = BN_bn2bin(pub_key, bytes);
|
||||
OSSL_SELF_TEST_oncorrupt_byte(st, bytes);
|
||||
if (BN_bin2bn(bytes, len, pub_key) == NULL)
|
||||
goto err;
|
||||
}
|
||||
#endif
|
||||
/* check it matches the existing public_key */
|
||||
ret = BN_cmp(pub_key, dh->pub_key) == 0;
|
||||
err:
|
||||
err:
|
||||
BN_free(pub_key);
|
||||
BN_CTX_free(ctx);
|
||||
|
||||
OSSL_SELF_TEST_onend(st, ret);
|
||||
OSSL_SELF_TEST_free(st);
|
||||
return ret;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -261,10 +261,12 @@ int EVP_PKEY_encrypt(EVP_PKEY_CTX *ctx,
|
|||
|
||||
cipher = ctx->op.ciph.cipher;
|
||||
desc = cipher->description != NULL ? cipher->description : "";
|
||||
ERR_set_mark();
|
||||
ret = cipher->encrypt(ctx->op.ciph.algctx, out, outlen, (out == NULL ? 0 : *outlen), in, inlen);
|
||||
if (ret <= 0)
|
||||
if (ret <= 0 && ERR_count_to_mark() == 0)
|
||||
ERR_raise_data(ERR_LIB_EVP, EVP_R_PROVIDER_ASYM_CIPHER_FAILURE,
|
||||
"%s encrypt:%s", cipher->type_name, desc);
|
||||
ERR_clear_last_mark();
|
||||
return ret;
|
||||
|
||||
legacy:
|
||||
|
|
@ -309,10 +311,12 @@ int EVP_PKEY_decrypt(EVP_PKEY_CTX *ctx,
|
|||
|
||||
cipher = ctx->op.ciph.cipher;
|
||||
desc = cipher->description != NULL ? cipher->description : "";
|
||||
ERR_set_mark();
|
||||
ret = cipher->decrypt(ctx->op.ciph.algctx, out, outlen, (out == NULL ? 0 : *outlen), in, inlen);
|
||||
if (ret <= 0)
|
||||
if (ret <= 0 && ERR_count_to_mark() == 0)
|
||||
ERR_raise_data(ERR_LIB_EVP, EVP_R_PROVIDER_ASYM_CIPHER_FAILURE,
|
||||
"%s decrypt:%s", cipher->type_name, desc);
|
||||
ERR_clear_last_mark();
|
||||
|
||||
return ret;
|
||||
|
||||
|
|
|
|||
|
|
@ -460,10 +460,12 @@ void *evp_keymgmt_gen(const EVP_KEYMGMT *keymgmt, void *genctx,
|
|||
return NULL;
|
||||
}
|
||||
|
||||
ERR_set_mark();
|
||||
ret = keymgmt->gen(genctx, cb, cbarg);
|
||||
if (ret == NULL)
|
||||
if (ret == NULL && ERR_count_to_mark() == 0)
|
||||
ERR_raise_data(ERR_LIB_EVP, EVP_R_PROVIDER_KEYMGMT_FAILURE,
|
||||
"%s key generation:%s", keymgmt->type_name, desc);
|
||||
ERR_clear_last_mark();
|
||||
return ret;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -426,10 +426,12 @@ int EVP_DigestSignUpdate(EVP_MD_CTX *ctx, const void *data, size_t dsize)
|
|||
return 0;
|
||||
}
|
||||
|
||||
ERR_set_mark();
|
||||
ret = signature->digest_sign_update(pctx->op.sig.algctx, data, dsize);
|
||||
if (ret <= 0)
|
||||
if (ret <= 0 && ERR_count_to_mark() == 0)
|
||||
ERR_raise_data(ERR_LIB_EVP, EVP_R_PROVIDER_SIGNATURE_FAILURE,
|
||||
"%s digest_sign_update:%s", signature->type_name, desc);
|
||||
ERR_clear_last_mark();
|
||||
return ret;
|
||||
|
||||
legacy:
|
||||
|
|
@ -474,10 +476,12 @@ int EVP_DigestVerifyUpdate(EVP_MD_CTX *ctx, const void *data, size_t dsize)
|
|||
return 0;
|
||||
}
|
||||
|
||||
ERR_set_mark();
|
||||
ret = signature->digest_verify_update(pctx->op.sig.algctx, data, dsize);
|
||||
if (ret <= 0)
|
||||
if (ret <= 0 && ERR_count_to_mark() == 0)
|
||||
ERR_raise_data(ERR_LIB_EVP, EVP_R_PROVIDER_SIGNATURE_FAILURE,
|
||||
"%s digest_verify_update:%s", signature->type_name, desc);
|
||||
ERR_clear_last_mark();
|
||||
return ret;
|
||||
|
||||
legacy:
|
||||
|
|
@ -527,11 +531,13 @@ int EVP_DigestSignFinal(EVP_MD_CTX *ctx, unsigned char *sigret,
|
|||
pctx = dctx;
|
||||
}
|
||||
|
||||
ERR_set_mark();
|
||||
r = signature->digest_sign_final(pctx->op.sig.algctx, sigret, siglen,
|
||||
sigret == NULL ? 0 : *siglen);
|
||||
if (!r)
|
||||
if (!r && ERR_count_to_mark() == 0)
|
||||
ERR_raise_data(ERR_LIB_EVP, EVP_R_PROVIDER_SIGNATURE_FAILURE,
|
||||
"%s digest_sign_final:%s", signature->type_name, desc);
|
||||
ERR_clear_last_mark();
|
||||
if (dctx == NULL && sigret != NULL)
|
||||
ctx->flags |= EVP_MD_CTX_FLAG_FINALISED;
|
||||
else
|
||||
|
|
@ -638,11 +644,13 @@ int EVP_DigestSign(EVP_MD_CTX *ctx, unsigned char *sigret, size_t *siglen,
|
|||
|
||||
if (sigret != NULL)
|
||||
ctx->flags |= EVP_MD_CTX_FLAG_FINALISED;
|
||||
ERR_set_mark();
|
||||
ret = signature->digest_sign(pctx->op.sig.algctx, sigret, siglen,
|
||||
sigret == NULL ? 0 : *siglen, tbs, tbslen);
|
||||
if (ret <= 0)
|
||||
if (ret <= 0 && ERR_count_to_mark() == 0)
|
||||
ERR_raise_data(ERR_LIB_EVP, EVP_R_PROVIDER_SIGNATURE_FAILURE,
|
||||
"%s digest_sign:%s", signature->type_name, desc);
|
||||
ERR_clear_last_mark();
|
||||
return ret;
|
||||
}
|
||||
} else {
|
||||
|
|
@ -693,10 +701,12 @@ int EVP_DigestVerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sig,
|
|||
pctx = dctx;
|
||||
}
|
||||
|
||||
ERR_set_mark();
|
||||
r = signature->digest_verify_final(pctx->op.sig.algctx, sig, siglen);
|
||||
if (!r)
|
||||
if (!r && ERR_count_to_mark() == 0)
|
||||
ERR_raise_data(ERR_LIB_EVP, EVP_R_PROVIDER_SIGNATURE_FAILURE,
|
||||
"%s digest_verify_final:%s", signature->type_name, desc);
|
||||
ERR_clear_last_mark();
|
||||
if (dctx == NULL)
|
||||
ctx->flags |= EVP_MD_CTX_FLAG_FINALISED;
|
||||
else
|
||||
|
|
@ -769,10 +779,12 @@ int EVP_DigestVerify(EVP_MD_CTX *ctx, const unsigned char *sigret,
|
|||
int ret;
|
||||
|
||||
ctx->flags |= EVP_MD_CTX_FLAG_FINALISED;
|
||||
ERR_set_mark();
|
||||
ret = signature->digest_verify(pctx->op.sig.algctx, sigret, siglen, tbs, tbslen);
|
||||
if (ret <= 0)
|
||||
if (ret <= 0 && ERR_count_to_mark() == 0)
|
||||
ERR_raise_data(ERR_LIB_EVP, EVP_R_PROVIDER_SIGNATURE_FAILURE,
|
||||
"%s digest_verify:%s", signature->type_name, desc);
|
||||
ERR_clear_last_mark();
|
||||
return ret;
|
||||
}
|
||||
} else {
|
||||
|
|
|
|||
|
|
@ -2419,6 +2419,11 @@ static int core_pop_error_to_mark(const OSSL_CORE_HANDLE *handle)
|
|||
return ERR_pop_to_mark();
|
||||
}
|
||||
|
||||
static int core_count_to_mark(const OSSL_CORE_HANDLE *handle)
|
||||
{
|
||||
return ERR_count_to_mark();
|
||||
}
|
||||
|
||||
static void core_indicator_get_callback(OPENSSL_CORE_CTX *libctx,
|
||||
OSSL_INDICATOR_CALLBACK **cb)
|
||||
{
|
||||
|
|
@ -2600,6 +2605,7 @@ static const OSSL_DISPATCH core_dispatch_[] = {
|
|||
{ OSSL_FUNC_CORE_CLEAR_LAST_ERROR_MARK,
|
||||
(void (*)(void))core_clear_last_error_mark },
|
||||
{ OSSL_FUNC_CORE_POP_ERROR_TO_MARK, (void (*)(void))core_pop_error_to_mark },
|
||||
{ OSSL_FUNC_CORE_COUNT_TO_MARK, (void (*)(void))core_count_to_mark },
|
||||
{ OSSL_FUNC_BIO_NEW_FILE, (void (*)(void))ossl_core_bio_new_file },
|
||||
{ OSSL_FUNC_BIO_NEW_MEMBUF, (void (*)(void))ossl_core_bio_new_mem_buf },
|
||||
{ OSSL_FUNC_BIO_READ_EX, (void (*)(void))ossl_core_bio_read_ex },
|
||||
|
|
|
|||
|
|
@ -734,3 +734,18 @@ err:
|
|||
|
||||
return ret;
|
||||
}
|
||||
|
||||
#ifdef FIPS_MODULE
|
||||
int ossl_rsa_key_pairwise_test(RSA *rsa)
|
||||
{
|
||||
OSSL_CALLBACK *stcb;
|
||||
void *stcbarg;
|
||||
int res;
|
||||
|
||||
OSSL_SELF_TEST_get_callback(rsa->libctx, &stcb, &stcbarg);
|
||||
res = rsa_keygen_pairwise_test(rsa, stcb, stcbarg);
|
||||
if (res <= 0)
|
||||
ossl_set_error_state(OSSL_SELF_TEST_TYPE_PCT);
|
||||
return res;
|
||||
}
|
||||
#endif /* FIPS_MODULE */
|
||||
|
|
|
|||
|
|
@ -154,6 +154,10 @@ provider):
|
|||
core_new_error OSSL_FUNC_CORE_NEW_ERROR
|
||||
core_set_error_debug OSSL_FUNC_CORE_SET_ERROR_DEBUG
|
||||
core_vset_error OSSL_FUNC_CORE_VSET_ERROR
|
||||
core_set_error_mark OSSL_FUNC_CORE_SET_ERROR_MARK
|
||||
core_clear_last_error_mark OSSL_FUNC_CORE_CLEAR_LAST_ERROR_MARK
|
||||
core_pop_error_to_mark OSSL_FUNC_CORE_POP_ERROR_TO_MARK
|
||||
core_count_to_mark OSSL_FUNC_CORE_COUNT_TO_MARK
|
||||
core_obj_add_sigid OSSL_FUNC_CORE_OBJ_ADD_SIGID
|
||||
core_obj_create OSSL_FUNC_CORE_OBJ_CREATE
|
||||
CRYPTO_malloc OSSL_FUNC_CRYPTO_MALLOC
|
||||
|
|
@ -270,6 +274,33 @@ error occurred or was reported.
|
|||
|
||||
This corresponds to the OpenSSL function L<ERR_vset_error(3)>.
|
||||
|
||||
=item core_set_error_mark()
|
||||
|
||||
sets a mark on the current topmost error record if there is one.
|
||||
|
||||
This corresponds to the OpenSSL function L<ERR_set_mark(3)>.
|
||||
|
||||
=item core_clear_last_error_mark()
|
||||
|
||||
removes the last mark added if there is one.
|
||||
|
||||
This corresponds to the OpenSSL function L<ERR_clear_last_mark(3)>.
|
||||
|
||||
=item core_pop_error_to_mark()
|
||||
|
||||
pops the top of the error stack until a mark is found. The mark is then removed.
|
||||
If there is no mark, the whole stack is removed.
|
||||
|
||||
This corresponds to the OpenSSL function L<ERR_pop_to_mark(3)>.
|
||||
|
||||
=item core_count_to_mark()
|
||||
|
||||
returns the number of entries on the error stack above the most recently
|
||||
marked entry, not including that entry. If there is no mark in the error stack,
|
||||
the number of entries in the error stack is returned.
|
||||
|
||||
This corresponds to the OpenSSL function L<ERR_count_to_mark(3)>.
|
||||
|
||||
=back
|
||||
|
||||
The core_obj_create() function registers a new OID and associated short name
|
||||
|
|
|
|||
|
|
@ -590,10 +590,7 @@ int FuzzerTestOneInput(const uint8_t *buf, size_t len)
|
|||
SSL *server;
|
||||
BIO *in;
|
||||
BIO *out;
|
||||
#if !defined(OPENSSL_NO_EC) \
|
||||
|| (!defined(OPENSSL_NO_DSA) && !defined(OPENSSL_NO_DEPRECATED_3_0))
|
||||
BIO *bio_buf;
|
||||
#endif
|
||||
SSL_CTX *ctx;
|
||||
int ret;
|
||||
#ifndef OPENSSL_NO_DEPRECATED_3_0
|
||||
|
|
|
|||
|
|
@ -42,7 +42,7 @@ int ossl_dh_compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh);
|
|||
|
||||
int ossl_dh_check_pub_key_partial(const DH *dh, const BIGNUM *pub_key, int *ret);
|
||||
int ossl_dh_check_priv_key(const DH *dh, const BIGNUM *priv_key, int *ret);
|
||||
int ossl_dh_check_pairwise(const DH *dh);
|
||||
int ossl_dh_check_pairwise(const DH *dh, int return_on_null_numbers);
|
||||
|
||||
const DH_METHOD *ossl_dh_get_method(const DH *dh);
|
||||
|
||||
|
|
|
|||
|
|
@ -124,6 +124,10 @@ ASN1_STRING *ossl_rsa_ctx_to_pss_string(EVP_PKEY_CTX *pkctx);
|
|||
int ossl_rsa_pss_to_ctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX *pkctx,
|
||||
const X509_ALGOR *sigalg, EVP_PKEY *pkey);
|
||||
|
||||
# ifdef FIPS_MODULE
|
||||
int ossl_rsa_key_pairwise_test(RSA *rsa);
|
||||
# endif /* FIPS_MODULE */
|
||||
|
||||
# if defined(FIPS_MODULE) && !defined(OPENSSL_NO_ACVP_TESTS)
|
||||
int ossl_rsa_acvp_test_gen_params_new(OSSL_PARAM **dst, const OSSL_PARAM src[]);
|
||||
void ossl_rsa_acvp_test_gen_params_free(OSSL_PARAM *dst);
|
||||
|
|
|
|||
|
|
@ -253,6 +253,10 @@ OSSL_CORE_MAKE_FUNC(int, provider_up_ref,
|
|||
OSSL_CORE_MAKE_FUNC(int, provider_free,
|
||||
(const OSSL_CORE_HANDLE *prov, int deactivate))
|
||||
|
||||
/* Additional error functions provided by the core */
|
||||
# define OSSL_FUNC_CORE_COUNT_TO_MARK 120
|
||||
OSSL_CORE_MAKE_FUNC(int, core_count_to_mark, (const OSSL_CORE_HANDLE *prov))
|
||||
|
||||
/* Functions provided by the provider to the Core, reserved numbers 1024-1535 */
|
||||
# define OSSL_FUNC_PROVIDER_TEARDOWN 1024
|
||||
OSSL_CORE_MAKE_FUNC(void, provider_teardown, (void *provctx))
|
||||
|
|
|
|||
|
|
@ -50,6 +50,7 @@ extern "C" {
|
|||
# define OSSL_SELF_TEST_DESC_PCT_RSA_PKCS1 "RSA"
|
||||
# define OSSL_SELF_TEST_DESC_PCT_ECDSA "ECDSA"
|
||||
# define OSSL_SELF_TEST_DESC_PCT_EDDSA "EDDSA"
|
||||
# define OSSL_SELF_TEST_DESC_PCT_DH "DH"
|
||||
# define OSSL_SELF_TEST_DESC_PCT_DSA "DSA"
|
||||
# define OSSL_SELF_TEST_DESC_PCT_ML_DSA "ML-DSA"
|
||||
# define OSSL_SELF_TEST_DESC_PCT_ML_KEM "ML-KEM"
|
||||
|
|
|
|||
|
|
@ -65,6 +65,7 @@ static OSSL_FUNC_core_vset_error_fn *c_vset_error;
|
|||
static OSSL_FUNC_core_set_error_mark_fn *c_set_error_mark;
|
||||
static OSSL_FUNC_core_clear_last_error_mark_fn *c_clear_last_error_mark;
|
||||
static OSSL_FUNC_core_pop_error_to_mark_fn *c_pop_error_to_mark;
|
||||
static OSSL_FUNC_core_count_to_mark_fn *c_count_to_mark;
|
||||
static OSSL_FUNC_CRYPTO_malloc_fn *c_CRYPTO_malloc;
|
||||
static OSSL_FUNC_CRYPTO_zalloc_fn *c_CRYPTO_zalloc;
|
||||
static OSSL_FUNC_CRYPTO_free_fn *c_CRYPTO_free;
|
||||
|
|
@ -834,6 +835,9 @@ int OSSL_provider_init_int(const OSSL_CORE_HANDLE *handle,
|
|||
case OSSL_FUNC_CORE_POP_ERROR_TO_MARK:
|
||||
set_func(c_pop_error_to_mark, OSSL_FUNC_core_pop_error_to_mark(in));
|
||||
break;
|
||||
case OSSL_FUNC_CORE_COUNT_TO_MARK:
|
||||
set_func(c_count_to_mark, OSSL_FUNC_core_count_to_mark(in));
|
||||
break;
|
||||
case OSSL_FUNC_CRYPTO_MALLOC:
|
||||
set_func(c_CRYPTO_malloc, OSSL_FUNC_CRYPTO_malloc(in));
|
||||
break;
|
||||
|
|
@ -1072,6 +1076,11 @@ int ERR_pop_to_mark(void)
|
|||
return c_pop_error_to_mark(NULL);
|
||||
}
|
||||
|
||||
int ERR_count_to_mark(void)
|
||||
{
|
||||
return c_count_to_mark != NULL ? c_count_to_mark(NULL) : 0;
|
||||
}
|
||||
|
||||
/*
|
||||
* This must take a library context, since it's called from the depths
|
||||
* of crypto/initthread.c code, where it's (correctly) assumed that the
|
||||
|
|
|
|||
|
|
@ -19,10 +19,12 @@
|
|||
#include <openssl/core_names.h>
|
||||
#include <openssl/bn.h>
|
||||
#include <openssl/err.h>
|
||||
#include <openssl/self_test.h>
|
||||
#include "prov/implementations.h"
|
||||
#include "prov/providercommon.h"
|
||||
#include "prov/provider_ctx.h"
|
||||
#include "crypto/dh.h"
|
||||
#include "internal/fips.h"
|
||||
#include "internal/sizes.h"
|
||||
|
||||
static OSSL_FUNC_keymgmt_new_fn dh_newdata;
|
||||
|
|
@ -207,6 +209,18 @@ static int dh_import(void *keydata, int selection, const OSSL_PARAM params[])
|
|||
selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY ? 1 : 0;
|
||||
|
||||
ok = ok && ossl_dh_key_fromdata(dh, params, include_private);
|
||||
#ifdef FIPS_MODULE
|
||||
/*
|
||||
* FIPS 140-3 IG 10.3.A additional comment 1 mandates that a pairwise
|
||||
* consistency check be undertaken on key import. The required test
|
||||
* is described in SP 800-56Ar3 5.6.2.1.4.
|
||||
*/
|
||||
if (ok > 0 && !ossl_fips_self_testing()) {
|
||||
ok = ossl_dh_check_pairwise(dh, 1);
|
||||
if (ok <= 0)
|
||||
ossl_set_error_state(OSSL_SELF_TEST_TYPE_PCT);
|
||||
}
|
||||
#endif /* FIPS_MODULE */
|
||||
}
|
||||
|
||||
return ok;
|
||||
|
|
@ -444,7 +458,7 @@ static int dh_validate(const void *keydata, int selection, int checktype)
|
|||
|
||||
if ((selection & OSSL_KEYMGMT_SELECT_KEYPAIR)
|
||||
== OSSL_KEYMGMT_SELECT_KEYPAIR)
|
||||
ok = ok && ossl_dh_check_pairwise(dh);
|
||||
ok = ok && ossl_dh_check_pairwise(dh, 0);
|
||||
return ok;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -20,12 +20,14 @@
|
|||
#include <openssl/err.h>
|
||||
#include <openssl/objects.h>
|
||||
#include <openssl/proverr.h>
|
||||
#include <openssl/self_test.h>
|
||||
#include "crypto/bn.h"
|
||||
#include "crypto/ec.h"
|
||||
#include "prov/implementations.h"
|
||||
#include "prov/providercommon.h"
|
||||
#include "prov/provider_ctx.h"
|
||||
#include "prov/securitycheck.h"
|
||||
#include "internal/fips.h"
|
||||
#include "internal/param_build_set.h"
|
||||
|
||||
#ifndef FIPS_MODULE
|
||||
|
|
@ -429,6 +431,21 @@ int common_import(void *keydata, int selection, const OSSL_PARAM params[],
|
|||
if ((selection & OSSL_KEYMGMT_SELECT_OTHER_PARAMETERS) != 0)
|
||||
ok = ok && ossl_ec_key_otherparams_fromdata(ec, params);
|
||||
|
||||
#ifdef FIPS_MODULE
|
||||
if (ok > 0
|
||||
&& !ossl_fips_self_testing()
|
||||
&& EC_KEY_get0_public_key(ec) != NULL
|
||||
&& EC_KEY_get0_private_key(ec) != NULL
|
||||
&& EC_KEY_get0_group(ec) != NULL) {
|
||||
BN_CTX *bnctx = BN_CTX_new_ex(ossl_ec_key_get_libctx(ec));
|
||||
|
||||
ok = bnctx != NULL && ossl_ec_key_pairwise_check(ec, bnctx);
|
||||
BN_CTX_free(bnctx);
|
||||
if (ok <= 0)
|
||||
ossl_set_error_state(OSSL_SELF_TEST_TYPE_PCT);
|
||||
}
|
||||
#endif /* FIPS_MODULE */
|
||||
|
||||
return ok;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -17,6 +17,7 @@
|
|||
#include <openssl/evp.h>
|
||||
#include <openssl/rand.h>
|
||||
#include <openssl/self_test.h>
|
||||
#include "internal/fips.h"
|
||||
#include "internal/param_build_set.h"
|
||||
#include <openssl/param_build.h>
|
||||
#include "crypto/ecx.h"
|
||||
|
|
@ -92,6 +93,15 @@ static void *s390x_ecd_keygen25519(struct ecx_gen_ctx *gctx);
|
|||
static void *s390x_ecd_keygen448(struct ecx_gen_ctx *gctx);
|
||||
#endif
|
||||
|
||||
#ifdef FIPS_MODULE
|
||||
static int ecd_fips140_pairwise_test(const ECX_KEY *ecx, int type, int self_test);
|
||||
#endif /* FIPS_MODULE */
|
||||
|
||||
static ossl_inline int ecx_key_type_is_ed(ECX_KEY_TYPE type)
|
||||
{
|
||||
return type == ECX_KEY_TYPE_ED25519 || type == ECX_KEY_TYPE_ED448;
|
||||
}
|
||||
|
||||
static void *x25519_new_key(void *provctx)
|
||||
{
|
||||
if (!ossl_prov_is_running())
|
||||
|
|
@ -208,6 +218,14 @@ static int ecx_import(void *keydata, int selection, const OSSL_PARAM params[])
|
|||
include_private = selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY ? 1 : 0;
|
||||
ok = ok && ossl_ecx_key_fromdata(key, params, include_private);
|
||||
|
||||
#ifdef FIPS_MODULE
|
||||
if (ok > 0 && ecx_key_type_is_ed(key->type) && !ossl_fips_self_testing())
|
||||
if (key->haspubkey && key->privkey != NULL) {
|
||||
ok = ecd_fips140_pairwise_test(key, key->type, 1);
|
||||
if (ok <= 0)
|
||||
ossl_set_error_state(OSSL_SELF_TEST_TYPE_PCT);
|
||||
}
|
||||
#endif /* FIPS_MODULE */
|
||||
return ok;
|
||||
}
|
||||
|
||||
|
|
@ -716,8 +734,7 @@ static void *ecx_gen(struct ecx_gen_ctx *gctx)
|
|||
}
|
||||
#ifndef FIPS_MODULE
|
||||
if (gctx->dhkem_ikm != NULL && gctx->dhkem_ikmlen != 0) {
|
||||
if (gctx->type == ECX_KEY_TYPE_ED25519
|
||||
|| gctx->type == ECX_KEY_TYPE_ED448)
|
||||
if (ecx_key_type_is_ed(gctx->type))
|
||||
goto err;
|
||||
if (!ossl_ecx_dhkem_derive_private(key, privkey,
|
||||
gctx->dhkem_ikm, gctx->dhkem_ikmlen))
|
||||
|
|
@ -981,7 +998,7 @@ static int ecx_validate(const void *keydata, int selection, int type,
|
|||
if ((selection & OSSL_KEYMGMT_SELECT_KEYPAIR) != OSSL_KEYMGMT_SELECT_KEYPAIR)
|
||||
return ok;
|
||||
|
||||
if (type == ECX_KEY_TYPE_ED25519 || type == ECX_KEY_TYPE_ED448)
|
||||
if (ecx_key_type_is_ed(type))
|
||||
ok = ok && ecd_key_pairwise_check(ecx, type);
|
||||
else
|
||||
ok = ok && ecx_key_pairwise_check(ecx, type);
|
||||
|
|
|
|||
|
|
@ -25,6 +25,7 @@
|
|||
#include "prov/provider_ctx.h"
|
||||
#include "crypto/rsa.h"
|
||||
#include "crypto/cryptlib.h"
|
||||
#include "internal/fips.h"
|
||||
#include "internal/param_build_set.h"
|
||||
|
||||
static OSSL_FUNC_keymgmt_new_fn rsa_newdata;
|
||||
|
|
@ -196,6 +197,23 @@ static int rsa_import(void *keydata, int selection, const OSSL_PARAM params[])
|
|||
ok = ok && ossl_rsa_fromdata(rsa, params, include_private);
|
||||
}
|
||||
|
||||
#ifdef FIPS_MODULE
|
||||
if (ok > 0 && !ossl_fips_self_testing()) {
|
||||
const BIGNUM *n, *e, *d, *dp, *dq, *iq, *p, *q;
|
||||
|
||||
RSA_get0_key(rsa, &n, &e, &d);
|
||||
RSA_get0_crt_params(rsa, &dp, &dq, &iq);
|
||||
p = RSA_get0_p(rsa);
|
||||
q = RSA_get0_q(rsa);
|
||||
|
||||
/* Check for the public key */
|
||||
if (n != NULL && e != NULL)
|
||||
/* Check for private key in straightforward or CRT form */
|
||||
if (d != NULL || (p != NULL && q != NULL && dp != NULL
|
||||
&& dq != NULL && iq != NULL))
|
||||
ok = ossl_rsa_key_pairwise_test(rsa);
|
||||
}
|
||||
#endif /* FIPS_MODULE */
|
||||
return ok;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -48,6 +48,7 @@ static OSSL_FUNC_core_vset_error_fn *c_vset_error;
|
|||
static OSSL_FUNC_core_set_error_mark_fn *c_set_error_mark;
|
||||
static OSSL_FUNC_core_clear_last_error_mark_fn *c_clear_last_error_mark;
|
||||
static OSSL_FUNC_core_pop_error_to_mark_fn *c_pop_error_to_mark;
|
||||
static OSSL_FUNC_core_count_to_mark_fn *c_count_to_mark;
|
||||
#endif
|
||||
|
||||
/* Parameters we provide to the core */
|
||||
|
|
@ -234,6 +235,9 @@ int OSSL_provider_init(const OSSL_CORE_HANDLE *handle,
|
|||
case OSSL_FUNC_CORE_POP_ERROR_TO_MARK:
|
||||
set_func(c_pop_error_to_mark, OSSL_FUNC_core_pop_error_to_mark(tmp));
|
||||
break;
|
||||
case OSSL_FUNC_CORE_COUNT_TO_MARK:
|
||||
set_func(c_count_to_mark, OSSL_FUNC_core_count_to_mark(in));
|
||||
break;
|
||||
}
|
||||
}
|
||||
#endif
|
||||
|
|
@ -301,4 +305,9 @@ int ERR_pop_to_mark(void)
|
|||
{
|
||||
return c_pop_error_to_mark(NULL);
|
||||
}
|
||||
|
||||
int ERR_count_to_mark(void)
|
||||
{
|
||||
return c_count_to_mark != NULL ? c_count_to_mark(NULL) : 0;
|
||||
}
|
||||
#endif
|
||||
|
|
|
|||
|
|
@ -23,9 +23,19 @@ print <<"_____";
|
|||
#ifndef OPENSSL_NO_STDIO
|
||||
# include <stdio.h>
|
||||
#endif
|
||||
_____
|
||||
|
||||
if (${name_uc} eq "RSA") {
|
||||
print("#include <openssl/rsa.h>");
|
||||
}
|
||||
else {
|
||||
print <<"_____";
|
||||
#ifndef OPENSSL_NO_${name_uc}
|
||||
# include <openssl/$name.h>
|
||||
#endif
|
||||
_____
|
||||
}
|
||||
print <<"_____";
|
||||
|
||||
int main(void)
|
||||
{
|
||||
|
|
|
|||
|
|
@ -1984,7 +1984,7 @@ static int test_tlsext_status_type(void)
|
|||
if (!create_ssl_ctx_pair(libctx, TLS_server_method(), TLS_client_method(),
|
||||
TLS1_VERSION, 0,
|
||||
&sctx, &cctx, leaf, skey))
|
||||
return 0;
|
||||
goto end;
|
||||
if (SSL_CTX_use_certificate_chain_file(sctx, leaf_chain) <= 0)
|
||||
goto end;
|
||||
if (SSL_CTX_get_tlsext_status_type(cctx) != -1)
|
||||
|
|
|
|||
Loading…
Reference in New Issue