Accepting request 1099073 from security:tls

OBS-URL: https://build.opensuse.org/request/show/1099073 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/crypto-policies?expand=0&rev=4
2023-07-27 14:50:31 +00:00 · 2023-07-27 14:50:31 +00:00 · f20fe34d25
commit f20fe34d25
parent d79ae5c3ad c840e031b3
14 changed files with 234 additions and 91 deletions
--- a/BSI.pol
+++ b/BSI.pol
@ -0,0 +1,87 @@
+# This policy follows the BSI TR-02102-2 "Kryptographische Verfahren: Verwendung von Transport Layer Security (TLS)"
+# 	Generic:https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Publikationen/TechnischeRichtlinien/TR02102/BSI-TR-02102.html
+# 	TLS:	https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Publikationen/TechnischeRichtlinien/TR02102/BSI-TR-02102-2.html
+# 	IPSEC:	https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Publikationen/TechnischeRichtlinien/TR02102/BSI-TR-02102-3.html
+# 		Note that currently crypto-policies do not adjust ipsec configs, but only openssl or nss.
+# 	SSH:	https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Publikationen/TechnischeRichtlinien/TR02102/BSI-TR-02102-4.html
+# 		Note that the SUSE openssh is not yet reading crypto policies.
+# Author: Marcus Meissner <meissner@suse.de> 2023
+#
+# Based on NEXT.pol
+
+# BSI TR 02102 / revision 2023.1, Table 5.1 "Empfohlene Hashfunktionen."
+# 	HMAC-SHA1 is not valid anymore
+# 	UMAC is for SSH... check TODO
+mac = AEAD HMAC-SHA2-256 UMAC-128 HMAC-SHA2-384 HMAC-SHA2-512
+
+# BSI TR 02102-2 / revision 2023.1, Table 4 "Empfohlene Diffie-Hellman-Gruppen für TLS 1.2"
+# not listed in BSI TR, but could be included: FFDHE-6144 FFDHE-8192
+group = SECP256R1 SECP384R1 SECP521R1 FFDHE-2048 FFDHE-3072 FFDHE-4096 BRAINPOOL-P512R1 BRAINPOOL-P384R1 BRAINPOOL-P256R1
+
+# BSI TR 02102 / revision 2023.1, Table 5.1 "Empfohlene Hashfunktionen."
+hash = SHA2-256 SHA2-384 SHA2-512 SHA3-256 SHA3-384 SHA3-512
+
+hash@DNSSec = SHA1+  # SHA1 is still prevalent in DNSSec
+
+# BSI TR 02102-2 / revision 2023.1, Table 5 "Empfohlene Signaturverfahren für TLS 1.2" and
+# Table 6 "Empfohlene Hashfunktionen für Signaturverfahren in TLS 1.2"
+# BSI TR 02102 / revision 2023.1 Section 5 "Hashfunktionen"
+# 	224 bit SHA parts not recommended by BSI: ECDSA-SHA2-224 RSA-PSS-SHA2-224 RSA-SHA2-224 ECDSA-SHA3-224 RSA-PSS-SHA3-224 RSA-SHA3-224 
+sign = ECDSA-SHA3-256 ECDSA-SHA2-256 ECDSA-SHA2-256-FIDO \
+       ECDSA-SHA3-384 ECDSA-SHA2-384 \
+       ECDSA-SHA3-512 ECDSA-SHA2-512 \
+       EDDSA-ED25519 EDDSA-ED25519-FIDO EDDSA-ED448 \
+       RSA-PSS-SHA3-256 RSA-PSS-SHA2-256 \
+       RSA-PSS-SHA3-384 RSA-PSS-SHA2-384 \
+       RSA-PSS-SHA3-512 RSA-PSS-SHA2-512 \
+       RSA-PSS-RSAE-SHA3-256 RSA-PSS-RSAE-SHA2-256 \
+       RSA-PSS-RSAE-SHA3-384 RSA-PSS-RSAE-SHA2-384 \
+       RSA-PSS-RSAE-SHA3-512 RSA-PSS-RSAE-SHA2-512 \
+       RSA-SHA3-256 RSA-SHA2-256 \
+       RSA-SHA3-384 RSA-SHA2-384 \
+       RSA-SHA3-512 RSA-SHA2-512
+sign@DNSSec = RSA-SHA1+ ECDSA-SHA1+  # SHA1 is still prevalent in DNSSec
+
+# BSI TR 02102 / revision 2023.1
+# Not listed in BSI TR: CHACHA20-POLY1305 CAMELLIA-256-GCM CAMELLIA-128-CBC CAMELLIA-256-CBC CAMELLIA-128-GCM 
+cipher = AES-256-GCM AES-256-CCM AES-256-CTR AES-256-CBC AES-128-GCM AES-128-CCM AES-128-CTR AES-128-CBC
+
+# BSI TR 02102-2 / revision 2023.1, Table 1 and Table 2
+# 	CHACHA20-POLY1305 not listed in TR
+cipher@TLS = AES-256-GCM AES-256-CCM AES-256-CBC AES-128-GCM AES-128-CCM AES-128-CBC
+
+cipher@sequoia = AES-256-CFB AES-128-CFB CAMELLIA-256-CFB CAMELLIA-128-CFB
+cipher@RPM = AES-256-CFB AES-128-CFB CAMELLIA-256-CFB CAMELLIA-128-CFB
+
+# CBC ciphers in SSH are considered vulnerable to plaintext recovery attacks
+# and disabled in client OpenSSH 7.6 (2017) and server OpenSSH 6.7 (2014).
+cipher@SSH = -*-CBC
+
+# BSI TR 02102-2 / revision 2023.1, Table 1 and Table 2
+# Note this goes to all ciphers. DHE-GSS is not valid for TLS, but used in SSH.
+# 	TLS: ECDHE DHE DHE-RSA PSK DHE-PSK ECDHE-PSK RSA-PSK are ok, GSS is not used in TLS, will not be used for TLS
+key_exchange = ECDHE DHE DHE-RSA PSK DHE-PSK ECDHE-PSK RSA-PSK ECDHE-GSS DHE-GSS
+
+# BSI TR 02102-2 / revision 2023.1, Section 3.2 "SSL/TLS Versionen"
+protocol@TLS = TLS1.3 TLS1.2 DTLS1.2
+
+protocol@IKE = IKEv2
+
+# Parameter sizes
+min_dh_size = 3072
+min_dsa_size = 3072
+# BSI TR 02102-2 / revision 2023.1: 2k still allowed until end of 2023.
+min_rsa_size = 2048
+
+# GnuTLS only for now
+sha1_in_certs = 0
+
+arbitrary_dh_groups = 1
+ssh_certs = 1
+ssh_etm = 1
+
+# https://pagure.io/fesco/issue/2960
+# "RPM must accept SHA-1 hashes and DSA keys for Fedora 38"
+sign@RPM = DSA-SHA1+
+hash@RPM = SHA1+
+min_dsa_size@RPM = 1024
--- a/README.SUSE
+++ b/README.SUSE
@ -1,6 +1,6 @@
 Currently, the supported back-end policies are:
  * OpenSSL library
  * GnuTLS library
-  * OpenJDK (only for java-1_8_0-openjdk and java-11-openjdk)
+  * OpenJDK

 The rest of the modules ignore the policy settings for the time being.
--- a/2
+++ b/2
@ -4,7 +4,7 @@
    <param name="scm">git</param>
    <param name="versionformat">%cd.%h</param>
    <param name="changesgenerate">enable</param>
-    <param name="revision">3d08ae70557e5a86686e5b24e443731bfdf232bb</param>
+    <param name="revision">5f3458e619628288883f22695f3311f1ccd6a39f</param>
  </service>
  <service name="recompress" mode="disabled">
    <param name="file">*.tar</param>
--- a/2
+++ b/2
@ -1,4 +1,4 @@
 <servicedata>
 <service name="tar_scm">
                <param name="url">https://gitlab.com/redhat-crypto/fedora-crypto-policies.git</param>
-              <param name="changesrevision">3d08ae70557e5a86686e5b24e443731bfdf232bb</param></service></servicedata>
+              <param name="changesrevision">5f3458e619628288883f22695f3311f1ccd6a39f</param></service></servicedata>
--- a/crypto-policies-revert-rh-allow-sha1-signatures.patch
+++ b/crypto-policies-revert-rh-allow-sha1-signatures.patch
@ -4,10 +4,10 @@ Date: Fri, 8 Apr 2022 13:47:29 +0200
 Subject: openssl: disable SHA-1 signatures in FUTURE/NO-SHA1


-Index: fedora-crypto-policies-20230420.3d08ae7/policies/FUTURE.pol
+Index: fedora-crypto-policies-20230614.5f3458e/policies/FUTURE.pol
 ===================================================================
--- fedora-crypto-policies-20230420.3d08ae7.orig/policies/FUTURE.pol
-+++ fedora-crypto-policies-20230420.3d08ae7/policies/FUTURE.pol
+--- fedora-crypto-policies-20230614.5f3458e.orig/policies/FUTURE.pol
+++ fedora-crypto-policies-20230614.5f3458e/policies/FUTURE.pol
@@ -65,7 +65,3 @@ sha1_in_certs = 0
 arbitrary_dh_groups = 1
 ssh_certs = 1
@ -16,10 +16,10 @@ Index: fedora-crypto-policies-20230420.3d08ae7/policies/FUTURE.pol
 -# https://fedoraproject.org/wiki/Changes/StrongCryptoSettings3Forewarning1
 -# SHA-1 signatures are blocked in OpenSSL in FUTURE only
 -__openssl_block_sha1_signatures = 1
-Index: fedora-crypto-policies-20230420.3d08ae7/policies/modules/NO-SHA1.pmod
+Index: fedora-crypto-policies-20230614.5f3458e/policies/modules/NO-SHA1.pmod
 ===================================================================
--- fedora-crypto-policies-20230420.3d08ae7.orig/policies/modules/NO-SHA1.pmod
-+++ fedora-crypto-policies-20230420.3d08ae7/policies/modules/NO-SHA1.pmod
+--- fedora-crypto-policies-20230614.5f3458e.orig/policies/modules/NO-SHA1.pmod
+++ fedora-crypto-policies-20230614.5f3458e/policies/modules/NO-SHA1.pmod
@@ -3,7 +3,3 @@
 hash = -SHA1
 sign = -*-SHA1
@ -28,10 +28,10 @@ Index: fedora-crypto-policies-20230420.3d08ae7/policies/modules/NO-SHA1.pmod
 -# https://fedoraproject.org/wiki/Changes/StrongCryptoSettings3Preview1
 -# SHA-1 signatures are blocked in OpenSSL in FUTURE only
 -__openssl_block_sha1_signatures = 1
-Index: fedora-crypto-policies-20230420.3d08ae7/python/cryptopolicies/cryptopolicies.py
+Index: fedora-crypto-policies-20230614.5f3458e/python/cryptopolicies/cryptopolicies.py
 ===================================================================
--- fedora-crypto-policies-20230420.3d08ae7.orig/python/cryptopolicies/cryptopolicies.py
-+++ fedora-crypto-policies-20230420.3d08ae7/python/cryptopolicies/cryptopolicies.py
+--- fedora-crypto-policies-20230614.5f3458e.orig/python/cryptopolicies/cryptopolicies.py
+++ fedora-crypto-policies-20230614.5f3458e/python/cryptopolicies/cryptopolicies.py
@@ -19,7 +19,6 @@ from . import validation  # moved out of
 INT_DEFAULTS = {k: 0 for k in (
     'arbitrary_dh_groups',
@ -40,10 +40,10 @@ Index: fedora-crypto-policies-20230420.3d08ae7/python/cryptopolicies/cryptopolic
     'sha1_in_certs',
     'ssh_certs', 'ssh_etm',
 )}
-Index: fedora-crypto-policies-20230420.3d08ae7/python/policygenerators/openssl.py
+Index: fedora-crypto-policies-20230614.5f3458e/python/policygenerators/openssl.py
 ===================================================================
--- fedora-crypto-policies-20230420.3d08ae7.orig/python/policygenerators/openssl.py
-+++ fedora-crypto-policies-20230420.3d08ae7/python/policygenerators/openssl.py
+--- fedora-crypto-policies-20230614.5f3458e.orig/python/policygenerators/openssl.py
+++ fedora-crypto-policies-20230614.5f3458e/python/policygenerators/openssl.py
@@ -7,14 +7,6 @@ from subprocess import check_output, Cal
 
 from .configgenerator import ConfigGenerator
@ -72,10 +72,10 @@ Index: fedora-crypto-policies-20230420.3d08ae7/python/policygenerators/openssl.p
         return s
 
     @classmethod
-Index: fedora-crypto-policies-20230420.3d08ae7/tests/alternative-policies/FUTURE.pol
+Index: fedora-crypto-policies-20230614.5f3458e/tests/alternative-policies/FUTURE.pol
 ===================================================================
--- fedora-crypto-policies-20230420.3d08ae7.orig/tests/alternative-policies/FUTURE.pol
-+++ fedora-crypto-policies-20230420.3d08ae7/tests/alternative-policies/FUTURE.pol
+--- fedora-crypto-policies-20230614.5f3458e.orig/tests/alternative-policies/FUTURE.pol
+++ fedora-crypto-policies-20230614.5f3458e/tests/alternative-policies/FUTURE.pol
@@ -71,7 +71,3 @@ sha1_in_dnssec = 0
 arbitrary_dh_groups = 1
 ssh_certs = 1
@ -84,52 +84,52 @@ Index: fedora-crypto-policies-20230420.3d08ae7/tests/alternative-policies/FUTURE
 -# https://fedoraproject.org/wiki/Changes/StrongCryptoSettings3Preview1
 -# SHA-1 signatures are blocked in OpenSSL in FUTURE only
 -__openssl_block_sha1_signatures = 1
-Index: fedora-crypto-policies-20230420.3d08ae7/tests/outputs/DEFAULT-opensslcnf.txt
+Index: fedora-crypto-policies-20230614.5f3458e/tests/outputs/DEFAULT-opensslcnf.txt
 ===================================================================
--- fedora-crypto-policies-20230420.3d08ae7.orig/tests/outputs/DEFAULT-opensslcnf.txt
-+++ fedora-crypto-policies-20230420.3d08ae7/tests/outputs/DEFAULT-opensslcnf.txt
+--- fedora-crypto-policies-20230614.5f3458e.orig/tests/outputs/DEFAULT-opensslcnf.txt
+++ fedora-crypto-policies-20230614.5f3458e/tests/outputs/DEFAULT-opensslcnf.txt
@@ -6,9 +6,3 @@ DTLS.MinProtocol = DTLSv1.2
 DTLS.MaxProtocol = DTLSv1.2
 SignatureAlgorithms = ECDSA+SHA256:ECDSA+SHA384:ECDSA+SHA512:ed25519:ed448:rsa_pss_pss_sha256:rsa_pss_pss_sha384:rsa_pss_pss_sha512:rsa_pss_rsae_sha256:rsa_pss_rsae_sha384:rsa_pss_rsae_sha512:RSA+SHA256:RSA+SHA384:RSA+SHA512:ECDSA+SHA224:RSA+SHA224
- Groups = X25519:X448:secp256r1:secp384r1:secp521r1:ffdhe2048:ffdhe3072:ffdhe4096:ffdhe6144:ffdhe8192
+ Groups = X25519:secp256r1:X448:secp521r1:secp384r1:ffdhe2048:ffdhe3072:ffdhe4096:ffdhe6144:ffdhe8192
 -
 -[openssl_init]
 -alg_section = evp_properties
 -
 -[evp_properties]
 -rh-allow-sha1-signatures = yes
-Index: fedora-crypto-policies-20230420.3d08ae7/tests/outputs/DEFAULT:FEDORA32-opensslcnf.txt
+Index: fedora-crypto-policies-20230614.5f3458e/tests/outputs/DEFAULT:FEDORA32-opensslcnf.txt
 ===================================================================
--- fedora-crypto-policies-20230420.3d08ae7.orig/tests/outputs/DEFAULT:FEDORA32-opensslcnf.txt
-+++ fedora-crypto-policies-20230420.3d08ae7/tests/outputs/DEFAULT:FEDORA32-opensslcnf.txt
+--- fedora-crypto-policies-20230614.5f3458e.orig/tests/outputs/DEFAULT:FEDORA32-opensslcnf.txt
+++ fedora-crypto-policies-20230614.5f3458e/tests/outputs/DEFAULT:FEDORA32-opensslcnf.txt
@@ -6,9 +6,3 @@ DTLS.MinProtocol = DTLSv1
 DTLS.MaxProtocol = DTLSv1.2
 SignatureAlgorithms = ECDSA+SHA256:ECDSA+SHA384:ECDSA+SHA512:ed25519:ed448:rsa_pss_pss_sha256:rsa_pss_pss_sha384:rsa_pss_pss_sha512:rsa_pss_rsae_sha256:rsa_pss_rsae_sha384:rsa_pss_rsae_sha512:RSA+SHA256:RSA+SHA384:RSA+SHA512:ECDSA+SHA224:RSA+SHA224:ECDSA+SHA1:RSA+SHA1
- Groups = X25519:X448:secp256r1:secp384r1:secp521r1:ffdhe2048:ffdhe3072:ffdhe4096:ffdhe6144:ffdhe8192
+ Groups = X25519:secp256r1:X448:secp521r1:secp384r1:ffdhe2048:ffdhe3072:ffdhe4096:ffdhe6144:ffdhe8192
 -
 -[openssl_init]
 -alg_section = evp_properties
 -
 -[evp_properties]
 -rh-allow-sha1-signatures = yes
-Index: fedora-crypto-policies-20230420.3d08ae7/tests/outputs/DEFAULT:GOST-opensslcnf.txt
+Index: fedora-crypto-policies-20230614.5f3458e/tests/outputs/DEFAULT:GOST-opensslcnf.txt
 ===================================================================
--- fedora-crypto-policies-20230420.3d08ae7.orig/tests/outputs/DEFAULT:GOST-opensslcnf.txt
-+++ fedora-crypto-policies-20230420.3d08ae7/tests/outputs/DEFAULT:GOST-opensslcnf.txt
+--- fedora-crypto-policies-20230614.5f3458e.orig/tests/outputs/DEFAULT:GOST-opensslcnf.txt
+++ fedora-crypto-policies-20230614.5f3458e/tests/outputs/DEFAULT:GOST-opensslcnf.txt
@@ -6,9 +6,3 @@ DTLS.MinProtocol = DTLSv1.2
 DTLS.MaxProtocol = DTLSv1.2
 SignatureAlgorithms = ECDSA+SHA256:ECDSA+SHA384:ECDSA+SHA512:ed25519:ed448:rsa_pss_pss_sha256:rsa_pss_pss_sha384:rsa_pss_pss_sha512:rsa_pss_rsae_sha256:rsa_pss_rsae_sha384:rsa_pss_rsae_sha512:RSA+SHA256:RSA+SHA384:RSA+SHA512:ECDSA+SHA224:RSA+SHA224
- Groups = X25519:X448:secp256r1:secp384r1:secp521r1:ffdhe2048:ffdhe3072:ffdhe4096:ffdhe6144:ffdhe8192
+ Groups = X25519:secp256r1:X448:secp521r1:secp384r1:ffdhe2048:ffdhe3072:ffdhe4096:ffdhe6144:ffdhe8192
 -
 -[openssl_init]
 -alg_section = evp_properties
 -
 -[evp_properties]
 -rh-allow-sha1-signatures = yes
-Index: fedora-crypto-policies-20230420.3d08ae7/tests/outputs/EMPTY-opensslcnf.txt
+Index: fedora-crypto-policies-20230614.5f3458e/tests/outputs/EMPTY-opensslcnf.txt
 ===================================================================
--- fedora-crypto-policies-20230420.3d08ae7.orig/tests/outputs/EMPTY-opensslcnf.txt
-+++ fedora-crypto-policies-20230420.3d08ae7/tests/outputs/EMPTY-opensslcnf.txt
+--- fedora-crypto-policies-20230614.5f3458e.orig/tests/outputs/EMPTY-opensslcnf.txt
+++ fedora-crypto-policies-20230614.5f3458e/tests/outputs/EMPTY-opensslcnf.txt
@@ -2,9 +2,3 @@ CipherString = @SECLEVEL=0:-kPSK:-kDHEPS
 Ciphersuites = 
 SignatureAlgorithms = 
@ -140,66 +140,52 @@ Index: fedora-crypto-policies-20230420.3d08ae7/tests/outputs/EMPTY-opensslcnf.tx
 -
 -[evp_properties]
 -rh-allow-sha1-signatures = yes
-Index: fedora-crypto-policies-20230420.3d08ae7/tests/outputs/FIPS-opensslcnf.txt
+Index: fedora-crypto-policies-20230614.5f3458e/tests/outputs/FIPS-opensslcnf.txt
 ===================================================================
--- fedora-crypto-policies-20230420.3d08ae7.orig/tests/outputs/FIPS-opensslcnf.txt
-+++ fedora-crypto-policies-20230420.3d08ae7/tests/outputs/FIPS-opensslcnf.txt
+--- fedora-crypto-policies-20230614.5f3458e.orig/tests/outputs/FIPS-opensslcnf.txt
+++ fedora-crypto-policies-20230614.5f3458e/tests/outputs/FIPS-opensslcnf.txt
@@ -6,9 +6,3 @@ DTLS.MinProtocol = DTLSv1.2
 DTLS.MaxProtocol = DTLSv1.2
 SignatureAlgorithms = ECDSA+SHA256:ECDSA+SHA384:ECDSA+SHA512:rsa_pss_pss_sha256:rsa_pss_pss_sha384:rsa_pss_pss_sha512:rsa_pss_rsae_sha256:rsa_pss_rsae_sha384:rsa_pss_rsae_sha512:RSA+SHA256:RSA+SHA384:RSA+SHA512:ECDSA+SHA224:RSA+SHA224
- Groups = secp256r1:secp384r1:secp521r1:ffdhe2048:ffdhe3072:ffdhe4096:ffdhe6144:ffdhe8192
+ Groups = secp256r1:secp521r1:secp384r1:ffdhe2048:ffdhe3072:ffdhe4096:ffdhe6144:ffdhe8192
 -
 -[openssl_init]
 -alg_section = evp_properties
 -
 -[evp_properties]
 -rh-allow-sha1-signatures = yes
-Index: fedora-crypto-policies-20230420.3d08ae7/tests/outputs/FIPS:ECDHE-ONLY-opensslcnf.txt
+Index: fedora-crypto-policies-20230614.5f3458e/tests/outputs/FIPS:ECDHE-ONLY-opensslcnf.txt
 ===================================================================
--- fedora-crypto-policies-20230420.3d08ae7.orig/tests/outputs/FIPS:ECDHE-ONLY-opensslcnf.txt
-+++ fedora-crypto-policies-20230420.3d08ae7/tests/outputs/FIPS:ECDHE-ONLY-opensslcnf.txt
+--- fedora-crypto-policies-20230614.5f3458e.orig/tests/outputs/FIPS:ECDHE-ONLY-opensslcnf.txt
+++ fedora-crypto-policies-20230614.5f3458e/tests/outputs/FIPS:ECDHE-ONLY-opensslcnf.txt
@@ -6,9 +6,3 @@ DTLS.MinProtocol = DTLSv1.2
 DTLS.MaxProtocol = DTLSv1.2
 SignatureAlgorithms = ECDSA+SHA256:ECDSA+SHA384:ECDSA+SHA512:rsa_pss_pss_sha256:rsa_pss_pss_sha384:rsa_pss_pss_sha512:rsa_pss_rsae_sha256:rsa_pss_rsae_sha384:rsa_pss_rsae_sha512:RSA+SHA256:RSA+SHA384:RSA+SHA512:ECDSA+SHA224:RSA+SHA224
- Groups = secp256r1:secp384r1:secp521r1
+ Groups = secp256r1:secp521r1:secp384r1
 -
 -[openssl_init]
 -alg_section = evp_properties
 -
 -[evp_properties]
 -rh-allow-sha1-signatures = yes
-Index: fedora-crypto-policies-20230420.3d08ae7/tests/outputs/FIPS:OSPP-opensslcnf.txt
+Index: fedora-crypto-policies-20230614.5f3458e/tests/outputs/FUTURE-opensslcnf.txt
 ===================================================================
--- fedora-crypto-policies-20230420.3d08ae7.orig/tests/outputs/FIPS:OSPP-opensslcnf.txt
-+++ fedora-crypto-policies-20230420.3d08ae7/tests/outputs/FIPS:OSPP-opensslcnf.txt
-@@ -6,9 +6,3 @@ DTLS.MinProtocol = DTLSv1.2
- DTLS.MaxProtocol = DTLSv1.2
- SignatureAlgorithms = ECDSA+SHA256:ECDSA+SHA384:ECDSA+SHA512:rsa_pss_pss_sha256:rsa_pss_pss_sha384:rsa_pss_pss_sha512:rsa_pss_rsae_sha256:rsa_pss_rsae_sha384:rsa_pss_rsae_sha512:RSA+SHA256:RSA+SHA384:RSA+SHA512
- Groups = secp256r1:secp384r1:secp521r1:ffdhe2048:ffdhe3072:ffdhe4096:ffdhe6144:ffdhe8192
-
-[openssl_init]
-alg_section = evp_properties
-
-[evp_properties]
-rh-allow-sha1-signatures = yes
-Index: fedora-crypto-policies-20230420.3d08ae7/tests/outputs/FUTURE-opensslcnf.txt
-===================================================================
--- fedora-crypto-policies-20230420.3d08ae7.orig/tests/outputs/FUTURE-opensslcnf.txt
-+++ fedora-crypto-policies-20230420.3d08ae7/tests/outputs/FUTURE-opensslcnf.txt
+--- fedora-crypto-policies-20230614.5f3458e.orig/tests/outputs/FUTURE-opensslcnf.txt
+++ fedora-crypto-policies-20230614.5f3458e/tests/outputs/FUTURE-opensslcnf.txt
@@ -6,9 +6,3 @@ DTLS.MinProtocol = DTLSv1.2
 DTLS.MaxProtocol = DTLSv1.2
 SignatureAlgorithms = ECDSA+SHA256:ECDSA+SHA384:ECDSA+SHA512:ed25519:ed448:rsa_pss_pss_sha256:rsa_pss_pss_sha384:rsa_pss_pss_sha512:rsa_pss_rsae_sha256:rsa_pss_rsae_sha384:rsa_pss_rsae_sha512:RSA+SHA256:RSA+SHA384:RSA+SHA512
- Groups = X25519:X448:secp256r1:secp384r1:secp521r1:ffdhe3072:ffdhe4096:ffdhe6144:ffdhe8192
+ Groups = X25519:secp256r1:X448:secp521r1:secp384r1:ffdhe3072:ffdhe4096:ffdhe6144:ffdhe8192
 -
 -[openssl_init]
 -alg_section = evp_properties
 -
 -[evp_properties]
 -rh-allow-sha1-signatures = no
-Index: fedora-crypto-policies-20230420.3d08ae7/tests/outputs/GOST-ONLY-opensslcnf.txt
+Index: fedora-crypto-policies-20230614.5f3458e/tests/outputs/GOST-ONLY-opensslcnf.txt
 ===================================================================
--- fedora-crypto-policies-20230420.3d08ae7.orig/tests/outputs/GOST-ONLY-opensslcnf.txt
-+++ fedora-crypto-policies-20230420.3d08ae7/tests/outputs/GOST-ONLY-opensslcnf.txt
+--- fedora-crypto-policies-20230614.5f3458e.orig/tests/outputs/GOST-ONLY-opensslcnf.txt
+++ fedora-crypto-policies-20230614.5f3458e/tests/outputs/GOST-ONLY-opensslcnf.txt
@@ -4,9 +4,3 @@ TLS.MinProtocol = TLSv1
 TLS.MaxProtocol = TLSv1.3
 SignatureAlgorithms = 
@ -210,38 +196,38 @@ Index: fedora-crypto-policies-20230420.3d08ae7/tests/outputs/GOST-ONLY-opensslcn
 -
 -[evp_properties]
 -rh-allow-sha1-signatures = yes
-Index: fedora-crypto-policies-20230420.3d08ae7/tests/outputs/LEGACY-opensslcnf.txt
+Index: fedora-crypto-policies-20230614.5f3458e/tests/outputs/LEGACY-opensslcnf.txt
 ===================================================================
--- fedora-crypto-policies-20230420.3d08ae7.orig/tests/outputs/LEGACY-opensslcnf.txt
-+++ fedora-crypto-policies-20230420.3d08ae7/tests/outputs/LEGACY-opensslcnf.txt
+--- fedora-crypto-policies-20230614.5f3458e.orig/tests/outputs/LEGACY-opensslcnf.txt
+++ fedora-crypto-policies-20230614.5f3458e/tests/outputs/LEGACY-opensslcnf.txt
@@ -6,9 +6,3 @@ DTLS.MinProtocol = DTLSv1
 DTLS.MaxProtocol = DTLSv1.2
 SignatureAlgorithms = ECDSA+SHA256:ECDSA+SHA384:ECDSA+SHA512:ed25519:ed448:rsa_pss_pss_sha256:rsa_pss_pss_sha384:rsa_pss_pss_sha512:rsa_pss_rsae_sha256:rsa_pss_rsae_sha384:rsa_pss_rsae_sha512:RSA+SHA256:RSA+SHA384:RSA+SHA512:ECDSA+SHA224:RSA+SHA224:DSA+SHA256:DSA+SHA384:DSA+SHA512:DSA+SHA224:ECDSA+SHA1:RSA+SHA1:DSA+SHA1
- Groups = X25519:X448:secp256r1:secp384r1:secp521r1:ffdhe2048:ffdhe3072:ffdhe4096:ffdhe6144:ffdhe8192
+ Groups = X25519:secp256r1:X448:secp521r1:secp384r1:ffdhe2048:ffdhe3072:ffdhe4096:ffdhe6144:ffdhe8192
 -
 -[openssl_init]
 -alg_section = evp_properties
 -
 -[evp_properties]
 -rh-allow-sha1-signatures = yes
-Index: fedora-crypto-policies-20230420.3d08ae7/tests/outputs/LEGACY:AD-SUPPORT-opensslcnf.txt
+Index: fedora-crypto-policies-20230614.5f3458e/tests/outputs/LEGACY:AD-SUPPORT-opensslcnf.txt
 ===================================================================
--- fedora-crypto-policies-20230420.3d08ae7.orig/tests/outputs/LEGACY:AD-SUPPORT-opensslcnf.txt
-+++ fedora-crypto-policies-20230420.3d08ae7/tests/outputs/LEGACY:AD-SUPPORT-opensslcnf.txt
+--- fedora-crypto-policies-20230614.5f3458e.orig/tests/outputs/LEGACY:AD-SUPPORT-opensslcnf.txt
+++ fedora-crypto-policies-20230614.5f3458e/tests/outputs/LEGACY:AD-SUPPORT-opensslcnf.txt
@@ -6,9 +6,3 @@ DTLS.MinProtocol = DTLSv1
 DTLS.MaxProtocol = DTLSv1.2
 SignatureAlgorithms = ECDSA+SHA256:ECDSA+SHA384:ECDSA+SHA512:ed25519:ed448:rsa_pss_pss_sha256:rsa_pss_pss_sha384:rsa_pss_pss_sha512:rsa_pss_rsae_sha256:rsa_pss_rsae_sha384:rsa_pss_rsae_sha512:RSA+SHA256:RSA+SHA384:RSA+SHA512:ECDSA+SHA224:RSA+SHA224:DSA+SHA256:DSA+SHA384:DSA+SHA512:DSA+SHA224:ECDSA+SHA1:RSA+SHA1:DSA+SHA1
- Groups = X25519:X448:secp256r1:secp384r1:secp521r1:ffdhe2048:ffdhe3072:ffdhe4096:ffdhe6144:ffdhe8192
+ Groups = X25519:secp256r1:X448:secp521r1:secp384r1:ffdhe2048:ffdhe3072:ffdhe4096:ffdhe6144:ffdhe8192
 -
 -[openssl_init]
 -alg_section = evp_properties
 -
 -[evp_properties]
 -rh-allow-sha1-signatures = yes
-Index: fedora-crypto-policies-20230420.3d08ae7/tests/unit/test_cryptopolicy.py
+Index: fedora-crypto-policies-20230614.5f3458e/tests/unit/test_cryptopolicy.py
 ===================================================================
--- fedora-crypto-policies-20230420.3d08ae7.orig/tests/unit/test_cryptopolicy.py
-+++ fedora-crypto-policies-20230420.3d08ae7/tests/unit/test_cryptopolicy.py
+--- fedora-crypto-policies-20230614.5f3458e.orig/tests/unit/test_cryptopolicy.py
+++ fedora-crypto-policies-20230614.5f3458e/tests/unit/test_cryptopolicy.py
@@ -260,7 +260,6 @@ def test_cryptopolicy_to_string_empty(tm
         min_dh_size = 0
         min_dsa_size = 0
@ -258,10 +244,10 @@ Index: fedora-crypto-policies-20230420.3d08ae7/tests/unit/test_cryptopolicy.py
         sha1_in_certs = 0
         ssh_certs = 0
         ssh_etm = 0
-Index: fedora-crypto-policies-20230420.3d08ae7/policies/TEST-FEDORA39.pol
+Index: fedora-crypto-policies-20230614.5f3458e/policies/TEST-FEDORA39.pol
 ===================================================================
--- fedora-crypto-policies-20230420.3d08ae7.orig/policies/TEST-FEDORA39.pol
-+++ fedora-crypto-policies-20230420.3d08ae7/policies/TEST-FEDORA39.pol
+--- fedora-crypto-policies-20230614.5f3458e.orig/policies/TEST-FEDORA39.pol
+++ fedora-crypto-policies-20230614.5f3458e/policies/TEST-FEDORA39.pol
@@ -67,7 +67,3 @@ sha1_in_certs = 0
 arbitrary_dh_groups = 1
 ssh_certs = 1
@ -270,3 +256,45 @@ Index: fedora-crypto-policies-20230420.3d08ae7/policies/TEST-FEDORA39.pol
 -# https://fedoraproject.org/wiki/Changes/StrongCryptoSettings3Forewarning1
 -# SHA-1 signatures will blocked in OpenSSL
 -__openssl_block_sha1_signatures = 1
+Index: fedora-crypto-policies-20230614.5f3458e/tests/outputs/FEDORA38-opensslcnf.txt
+===================================================================
+--- fedora-crypto-policies-20230614.5f3458e.orig/tests/outputs/FEDORA38-opensslcnf.txt
+++ fedora-crypto-policies-20230614.5f3458e/tests/outputs/FEDORA38-opensslcnf.txt
+@@ -6,9 +6,3 @@ DTLS.MinProtocol = DTLSv1.2
+ DTLS.MaxProtocol = DTLSv1.2
+ SignatureAlgorithms = ECDSA+SHA256:ECDSA+SHA384:ECDSA+SHA512:ed25519:ed448:rsa_pss_pss_sha256:rsa_pss_pss_sha384:rsa_pss_pss_sha512:rsa_pss_rsae_sha256:rsa_pss_rsae_sha384:rsa_pss_rsae_sha512:RSA+SHA256:RSA+SHA384:RSA+SHA512:ECDSA+SHA224:RSA+SHA224
+ Groups = X25519:secp256r1:X448:secp521r1:secp384r1:ffdhe2048:ffdhe3072:ffdhe4096:ffdhe6144:ffdhe8192
+-
+-[openssl_init]
+-alg_section = evp_properties
+-
+-[evp_properties]
+-rh-allow-sha1-signatures = yes
+Index: fedora-crypto-policies-20230614.5f3458e/tests/outputs/TEST-FEDORA39-opensslcnf.txt
+===================================================================
+--- fedora-crypto-policies-20230614.5f3458e.orig/tests/outputs/TEST-FEDORA39-opensslcnf.txt
+++ fedora-crypto-policies-20230614.5f3458e/tests/outputs/TEST-FEDORA39-opensslcnf.txt
+@@ -6,9 +6,3 @@ DTLS.MinProtocol = DTLSv1.2
+ DTLS.MaxProtocol = DTLSv1.2
+ SignatureAlgorithms = ECDSA+SHA256:ECDSA+SHA384:ECDSA+SHA512:ed25519:ed448:rsa_pss_pss_sha256:rsa_pss_pss_sha384:rsa_pss_pss_sha512:rsa_pss_rsae_sha256:rsa_pss_rsae_sha384:rsa_pss_rsae_sha512:RSA+SHA256:RSA+SHA384:RSA+SHA512:ECDSA+SHA224:RSA+SHA224
+ Groups = X25519:secp256r1:X448:secp521r1:secp384r1:ffdhe2048:ffdhe3072:ffdhe4096:ffdhe6144:ffdhe8192
+-
+-[openssl_init]
+-alg_section = evp_properties
+-
+-[evp_properties]
+-rh-allow-sha1-signatures = no
+Index: fedora-crypto-policies-20230614.5f3458e/tests/outputs/FIPS:OSPP-opensslcnf.txt
+===================================================================
+--- fedora-crypto-policies-20230614.5f3458e.orig/tests/outputs/FIPS:OSPP-opensslcnf.txt
+++ fedora-crypto-policies-20230614.5f3458e/tests/outputs/FIPS:OSPP-opensslcnf.txt
+@@ -6,9 +6,3 @@ DTLS.MinProtocol = DTLSv1.2
+ DTLS.MaxProtocol = DTLSv1.2
+ SignatureAlgorithms = ECDSA+SHA256:ECDSA+SHA384:ECDSA+SHA512:rsa_pss_pss_sha256:rsa_pss_pss_sha384:rsa_pss_pss_sha512:rsa_pss_rsae_sha256:rsa_pss_rsae_sha384:rsa_pss_rsae_sha512:RSA+SHA256:RSA+SHA384:RSA+SHA512
+ Groups = secp256r1:secp521r1:secp384r1:ffdhe2048:ffdhe3072:ffdhe4096:ffdhe6144:ffdhe8192
+-
+-[openssl_init]
+-alg_section = evp_properties
+-
+-[evp_properties]
+-rh-allow-sha1-signatures = yes
--- a/crypto-policies-supported.patch
+++ b/crypto-policies-supported.patch
@ -16,7 +16,7 @@ Index: fedora-crypto-policies-20230420.3d08ae7/update-crypto-policies.8.txt
 +* NSS library (NSS, SSL, TLS) (Not supported)
 
 -* OpenJDK (java-tls, SSL, TLS)
-+* OpenJDK (java-tls, SSL, TLS) (Supported only for java-1_8_0-openjdk and java-11-openjdk)
+* OpenJDK (java-tls, SSL, TLS) (Supported)
 
 -* Libkrb5 (krb5, kerberos)
 +* Libkrb5 (krb5, kerberos) (Not supported)
--- a/crypto-policies.7.gz
+++ b/crypto-policies.7.gz
@ -1,3 +1,3 @@
 version https://git-lfs.github.com/spec/v1
-oid sha256:08e4778d0c659ec3d5f408ba889634255f462b5fe6ee0d22194347103da69a7e
-size 6896
+oid sha256:5eceb5b5a5360d08e1f85163bea95bdb84c748e1e3836765b400773d42bba1c9
+size 6937
--- a/crypto-policies.changes
+++ b/crypto-policies.changes
@ -1,3 +1,18 @@
+-------------------------------------------------------------------
+Fri Jul 14 14:59:06 UTC 2023 - Marcus Meissner <meissner@suse.com>
+
+- BSI.pol: Added a new BSI policy for BSI TR 02102* (jsc#PED-4933)
+  derived from NEXT.pol
+
+-------------------------------------------------------------------
+Thu Jul 13 06:36:20 UTC 2023 - Pedro Monreal <pmonreal@suse.com>
+
+- Update to version 20230614.5f3458e:
+  * policies: impose old OpenSSL groups order for all back-ends
+  * Rebase patches:
+    - crypto-policies-revert-rh-allow-sha1-signatures.patch
+    - crypto-policies-supported.patch
+
 -------------------------------------------------------------------
 Thu May 25 11:28:12 UTC 2023 - Pedro Monreal <pmonreal@suse.com>

--- a/crypto-policies.spec
+++ b/crypto-policies.spec
@ -22,7 +22,7 @@
 %bcond_with manbuild
 %global _python_bytecompile_extra 0
 Name:           crypto-policies
-Version:        20230420.3d08ae7
+Version:        20230614.5f3458e
 Release:        0
 Summary:        System-wide crypto policies
 License:        LGPL-2.1-or-later
@ -35,6 +35,8 @@ Source3:        update-crypto-policies.8.gz
 Source4:        fips-mode-setup.8.gz
 Source5:        fips-finish-install.8.gz
 Source6:        crypto-policies-rpmlintrc
+# BSI TR-02102 encoded for jsc#PED-4933 (customer request to have BSI TR-02102 policies)
+Source7:        BSI.pol
 %if %{without manbuild}
 #PATCH-FIX-OPENSUSE Manpages build cycles and dependencies
 # To reduce the build dependencies in Ring0, we have to compile the
@ -58,7 +60,7 @@ BuildRequires:  python3-base >= 3.6
 BuildRequires:  asciidoc
 %endif
 %if %{with testsuite}
-# The following buildrequires are needed for the testsuite
+# The following packages are needed for the testsuite
 BuildRequires:  bind
 BuildRequires:  gnutls >= 3.6.0
 BuildRequires:  java-devel
@ -92,6 +94,7 @@ such as SSL/TLS libraries.
 %package scripts
 Summary:        Tool to switch between crypto policies
 Requires:       %{name} = %{version}-%{release}
+Recommends:     grubby

 %description scripts
 This package provides a tool update-crypto-policies, which applies
@ -99,6 +102,9 @@ the policies provided by the crypto-policies package. These can be
 either the pre-built policies from the base package or custom policies
 defined in simple policy definition files.

+The package also provides a tool fips-mode-setup, which can be used
+to enable or disable the system FIPS mode.
+
 %prep
 %autosetup -p1 -n fedora-%{name}-%{version}

@ -111,6 +117,9 @@ find -name sequoia.py -delete

 %build
 export OPENSSL_CONF=''
+sed -i "s/MIN_RSA_DEFAULT = .*/MIN_RSA_DEFAULT = 'RequiredRSASize'/" \
+    python/policygenerators/openssh.py
+grep "MIN_RSA_DEFAULT = 'RequiredRSASize'" python/policygenerators/openssh.py
 %make_build

 %install
@ -124,6 +133,10 @@ mkdir -p -m 755 %{buildroot}%{_sysconfdir}/crypto-policies/policies/modules/
 mkdir -p -m 755 %{buildroot}%{_bindir}

 make DESTDIR=%{buildroot} DIR=%{_datarootdir}/crypto-policies MANDIR=%{_mandir} %{?_smp_mflags} install
+
+# BSI.pol
+install -c -m 644 %{SOURCE7} %{buildroot}/%{_datarootdir}/crypto-policies/policies/
+
 install -p -m 644 default-config %{buildroot}%{_sysconfdir}/crypto-policies/config
 touch %{buildroot}%{_sysconfdir}/crypto-policies/state/current
 touch %{buildroot}%{_sysconfdir}/crypto-policies/state/CURRENT.pol
@ -168,7 +181,7 @@ install -p -m 644 %{SOURCE1} %{buildroot}%{_sysconfdir}/crypto-policies
 %check
 %if %{with testsuite}
 export OPENSSL_CONF=''
-%make_build test || :
+%make_build test test-install test-fips-setup || :
 %endif

 %post -p <lua>
--- a/fedora-crypto-policies-20230420.3d08ae7.tar.gz
+++ b/fedora-crypto-policies-20230420.3d08ae7.tar.gz
@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:0554a9e3965970a2233dee8770fe414527e073b80106db89a1170fa845c3903b
-size 85811
--- a/fedora-crypto-policies-20230614.5f3458e.tar.gz
+++ b/fedora-crypto-policies-20230614.5f3458e.tar.gz
@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:40cb4cf8f865336b269fdad5d3f5ab81c8dd8c823cb2b2282f6a96252a529dae
+size 85187
--- a/fips-finish-install.8.gz
+++ b/fips-finish-install.8.gz
@ -1,3 +1,3 @@
 version https://git-lfs.github.com/spec/v1
-oid sha256:c127272faa0580e5969d1a1b33ea4a8811a60da45d23fe50a782eaaf8c0c9075
-size 824
+oid sha256:b0c4844eb573ddb5517d78c0e2e663066413ef3807dfa63df5ee43c0fefe1582
+size 825
--- a/fips-mode-setup.8.gz
+++ b/fips-mode-setup.8.gz
@ -1,3 +1,3 @@
 version https://git-lfs.github.com/spec/v1
-oid sha256:7a427092b98f11bf8bb0606afd71dbe1d153362f9c3a15ed53e479436f45e43b
-size 1541
+oid sha256:af453be70b0971f4e4139eec3b669bee3b5195df2d7c28853d3fd4c4006cbb1b
+size 1542
--- a/update-crypto-policies.8.gz
+++ b/update-crypto-policies.8.gz
@ -1,3 +1,3 @@
 version https://git-lfs.github.com/spec/v1
-oid sha256:3530ed7a871a3b9c72ea761ff45f9a80ab2720f76bb223e58debad848b8aa7a1
-size 4178
+oid sha256:cad2a9da340059b6ba7b84c9646a85f113cb8781d55c0ea5c8aa0422ea632c3c
+size 4154