diff --git a/openssl-1_1-disable-test_srp-sslapi.patch b/openssl-1_1-disable-test_srp-sslapi.patch new file mode 100644 index 0000000..0699791 --- /dev/null +++ b/openssl-1_1-disable-test_srp-sslapi.patch @@ -0,0 +1,13 @@ +Index: openssl-1.1.1i/test/sslapitest.c +=================================================================== +--- openssl-1.1.1i.orig/test/sslapitest.c ++++ openssl-1.1.1i/test/sslapitest.c +@@ -6766,7 +6766,7 @@ int setup_tests(void) + #endif + ADD_ALL_TESTS(test_ssl_clear, 2); + ADD_ALL_TESTS(test_max_fragment_len_ext, OSSL_NELEM(max_fragment_len_test)); +-#if !defined(OPENSSL_NO_SRP) && !defined(OPENSSL_NO_TLS1_2) ++#if !defined(OPENSSL_NO_SRP) && !defined(OPENSSL_NO_TLS1_2) && 0 + ADD_ALL_TESTS(test_srp, 6); + #endif + ADD_ALL_TESTS(test_info_callback, 6); diff --git a/openssl-1_1-seclevel.patch b/openssl-1_1-seclevel.patch new file mode 100644 index 0000000..e7cce59 --- /dev/null +++ b/openssl-1_1-seclevel.patch @@ -0,0 +1,160 @@ +diff -up openssl-1.1.1g/crypto/x509/x509_vfy.c.seclevel openssl-1.1.1g/crypto/x509/x509_vfy.c +--- openssl-1.1.1g/crypto/x509/x509_vfy.c.seclevel 2020-04-21 14:22:39.000000000 +0200 ++++ openssl-1.1.1g/crypto/x509/x509_vfy.c 2020-06-05 17:16:54.835536823 +0200 +@@ -3225,6 +3225,7 @@ static int build_chain(X509_STORE_CTX *c + } + + static const int minbits_table[] = { 80, 112, 128, 192, 256 }; ++static const int minbits_digest_table[] = { 80, 80, 128, 192, 256 }; + static const int NUM_AUTH_LEVELS = OSSL_NELEM(minbits_table); + + /* +@@ -3276,6 +3277,11 @@ static int check_sig_level(X509_STORE_CT + + if (!X509_get_signature_info(cert, NULL, NULL, &secbits, NULL)) + return 0; +- +- return secbits >= minbits_table[level - 1]; ++ /* ++ * Allow SHA1 in SECLEVEL 2 in non-FIPS mode or when the magic ++ * disable SHA1 flag is not set. ++ */ ++ if ((ctx->param->flags & 0x40000000) || FIPS_mode()) ++ return secbits >= minbits_table[level - 1]; ++ return secbits >= minbits_digest_table[level - 1]; + } +diff -up openssl-1.1.1g/doc/man3/SSL_CTX_set_security_level.pod.seclevel openssl-1.1.1g/doc/man3/SSL_CTX_set_security_level.pod +--- openssl-1.1.1g/doc/man3/SSL_CTX_set_security_level.pod.seclevel 2020-04-21 14:22:39.000000000 +0200 ++++ openssl-1.1.1g/doc/man3/SSL_CTX_set_security_level.pod 2020-06-04 15:48:01.608178833 +0200 +@@ -81,8 +81,10 @@ using MD5 for the MAC is also prohibited + + =item B + +-Security level set to 112 bits of security. As a result RSA, DSA and DH keys +-shorter than 2048 bits and ECC keys shorter than 224 bits are prohibited. ++Security level set to 112 bits of security with the exception of SHA1 allowed ++for signatures. ++As a result RSA, DSA and DH keys shorter than 2048 bits and ECC keys ++shorter than 224 bits are prohibited. + In addition to the level 1 exclusions any cipher suite using RC4 is also + prohibited. SSL version 3 is also not allowed. Compression is disabled. + +diff -up openssl-1.1.1g/ssl/ssl_cert.c.seclevel openssl-1.1.1g/ssl/ssl_cert.c +--- openssl-1.1.1g/ssl/ssl_cert.c.seclevel 2020-04-21 14:22:39.000000000 +0200 ++++ openssl-1.1.1g/ssl/ssl_cert.c 2020-06-05 17:10:11.842198401 +0200 +@@ -27,6 +27,7 @@ + static int ssl_security_default_callback(const SSL *s, const SSL_CTX *ctx, + int op, int bits, int nid, void *other, + void *ex); ++static unsigned long sha1_disable(const SSL *s, const SSL_CTX *ctx); + + static CRYPTO_ONCE ssl_x509_store_ctx_once = CRYPTO_ONCE_STATIC_INIT; + static volatile int ssl_x509_store_ctx_idx = -1; +@@ -396,7 +397,7 @@ int ssl_verify_cert_chain(SSL *s, STACK_ + X509_VERIFY_PARAM_set_auth_level(param, SSL_get_security_level(s)); + + /* Set suite B flags if needed */ +- X509_STORE_CTX_set_flags(ctx, tls1_suiteb(s)); ++ X509_STORE_CTX_set_flags(ctx, tls1_suiteb(s) | sha1_disable(s, NULL)); + if (!X509_STORE_CTX_set_ex_data + (ctx, SSL_get_ex_data_X509_STORE_CTX_idx(), s)) { + goto end; +@@ -953,12 +954,33 @@ static int ssl_security_default_callback + return 0; + break; + default: ++ /* allow SHA1 in SECLEVEL 2 in non FIPS mode */ ++ if (nid == NID_sha1 && minbits == 112 && !sha1_disable(s, ctx)) ++ break; + if (bits < minbits) + return 0; + } + return 1; + } + ++static unsigned long sha1_disable(const SSL *s, const SSL_CTX *ctx) ++{ ++ unsigned long ret = 0x40000000; /* a magical internal value used by X509_VERIFY_PARAM */ ++ const CERT *c; ++ ++ if (FIPS_mode()) ++ return ret; ++ ++ if (ctx != NULL) { ++ c = ctx->cert; ++ } else { ++ c = s->cert; ++ } ++ if (tls1_cert_sigalgs_have_sha1(c)) ++ return 0; ++ return ret; ++} ++ + int ssl_security(const SSL *s, int op, int bits, int nid, void *other) + { + return s->cert->sec_cb(s, NULL, op, bits, nid, other, s->cert->sec_ex); +diff -up openssl-1.1.1g/ssl/ssl_local.h.seclevel openssl-1.1.1g/ssl/ssl_local.h +--- openssl-1.1.1g/ssl/ssl_local.h.seclevel 2020-06-04 15:48:01.602178783 +0200 ++++ openssl-1.1.1g/ssl/ssl_local.h 2020-06-05 17:02:22.666313410 +0200 +@@ -2576,6 +2576,7 @@ __owur int tls1_save_sigalgs(SSL *s, PAC + __owur int tls1_process_sigalgs(SSL *s); + __owur int tls1_set_peer_legacy_sigalg(SSL *s, const EVP_PKEY *pkey); + __owur int tls1_lookup_md(const SIGALG_LOOKUP *lu, const EVP_MD **pmd); ++int tls1_cert_sigalgs_have_sha1(const CERT *c); + __owur size_t tls12_get_psigalgs(SSL *s, int sent, const uint16_t **psigs); + # ifndef OPENSSL_NO_EC + __owur int tls_check_sigalg_curve(const SSL *s, int curve); +diff -up openssl-1.1.1g/ssl/t1_lib.c.seclevel openssl-1.1.1g/ssl/t1_lib.c +--- openssl-1.1.1g/ssl/t1_lib.c.seclevel 2020-06-04 15:48:01.654179221 +0200 ++++ openssl-1.1.1g/ssl/t1_lib.c 2020-06-05 17:02:40.268459157 +0200 +@@ -2145,6 +2145,36 @@ int tls1_set_sigalgs(CERT *c, const int + return 0; + } + ++static int tls1_sigalgs_have_sha1(const uint16_t *sigalgs, size_t sigalgslen) ++{ ++ size_t i; ++ ++ for (i = 0; i < sigalgslen; i++, sigalgs++) { ++ const SIGALG_LOOKUP *lu = tls1_lookup_sigalg(*sigalgs); ++ ++ if (lu == NULL) ++ continue; ++ if (lu->hash == NID_sha1) ++ return 1; ++ } ++ return 0; ++} ++ ++ ++int tls1_cert_sigalgs_have_sha1(const CERT *c) ++{ ++ if (c->client_sigalgs != NULL) { ++ if (tls1_sigalgs_have_sha1(c->client_sigalgs, c->client_sigalgslen)) ++ return 1; ++ } ++ if (c->conf_sigalgs != NULL) { ++ if (tls1_sigalgs_have_sha1(c->conf_sigalgs, c->conf_sigalgslen)) ++ return 1; ++ return 0; ++ } ++ return 1; ++} ++ + static int tls1_check_sig_alg(SSL *s, X509 *x, int default_nid) + { + int sig_nid, use_pc_sigalgs = 0; +diff -up openssl-1.1.1g/test/recipes/25-test_verify.t.seclevel openssl-1.1.1g/test/recipes/25-test_verify.t +--- openssl-1.1.1g/test/recipes/25-test_verify.t.seclevel 2020-04-21 14:22:39.000000000 +0200 ++++ openssl-1.1.1g/test/recipes/25-test_verify.t 2020-06-04 15:48:01.608178833 +0200 +@@ -346,8 +346,8 @@ ok(verify("ee-pss-sha1-cert", "sslserver + ok(verify("ee-pss-sha256-cert", "sslserver", ["root-cert"], ["ca-cert"], ), + "CA with PSS signature using SHA256"); + +-ok(!verify("ee-pss-sha1-cert", "sslserver", ["root-cert"], ["ca-cert"], "-auth_level", "2"), +- "Reject PSS signature using SHA1 and auth level 2"); ++ok(!verify("ee-pss-sha1-cert", "sslserver", ["root-cert"], ["ca-cert"], "-auth_level", "3"), ++ "Reject PSS signature using SHA1 and auth level 3"); + + ok(verify("ee-pss-sha256-cert", "sslserver", ["root-cert"], ["ca-cert"], "-auth_level", "2"), + "PSS signature using SHA256 and auth level 2"); diff --git a/openssl-1_1-use-seclevel2-in-tests.patch b/openssl-1_1-use-seclevel2-in-tests.patch new file mode 100644 index 0000000..ca321ce --- /dev/null +++ b/openssl-1_1-use-seclevel2-in-tests.patch @@ -0,0 +1,38 @@ +Index: openssl-1.1.1d/test/ssl_test.c +=================================================================== +--- openssl-1.1.1d.orig/test/ssl_test.c ++++ openssl-1.1.1d/test/ssl_test.c +@@ -435,6 +440,7 @@ static int test_handshake(int idx) + #endif + if (test_ctx->method == SSL_TEST_METHOD_TLS) { + server_ctx = SSL_CTX_new(TLS_server_method()); ++ SSL_CTX_set_security_level(server_ctx, 1); + if (!TEST_true(SSL_CTX_set_max_proto_version(server_ctx, + TLS_MAX_VERSION))) + goto err; +@@ -443,21 +449,25 @@ static int test_handshake(int idx) + SSL_TEST_SERVERNAME_CB_NONE) { + if (!TEST_ptr(server2_ctx = SSL_CTX_new(TLS_server_method()))) + goto err; ++ SSL_CTX_set_security_level(server2_ctx, 1); + if (!TEST_true(SSL_CTX_set_max_proto_version(server2_ctx, + TLS_MAX_VERSION))) + goto err; + } + client_ctx = SSL_CTX_new(TLS_client_method()); ++ SSL_CTX_set_security_level(client_ctx, 1); + if (!TEST_true(SSL_CTX_set_max_proto_version(client_ctx, + TLS_MAX_VERSION))) + goto err; + + if (test_ctx->handshake_mode == SSL_TEST_HANDSHAKE_RESUME) { + resume_server_ctx = SSL_CTX_new(TLS_server_method()); ++ SSL_CTX_set_security_level(resume_server_ctx, 1); + if (!TEST_true(SSL_CTX_set_max_proto_version(resume_server_ctx, + TLS_MAX_VERSION))) + goto err; + resume_client_ctx = SSL_CTX_new(TLS_client_method()); ++ SSL_CTX_set_security_level(resume_client_ctx, 1); + if (!TEST_true(SSL_CTX_set_max_proto_version(resume_client_ctx, + TLS_MAX_VERSION))) + goto err; diff --git a/openssl-1_1.changes b/openssl-1_1.changes index 6257c41..5d11cad 100644 --- a/openssl-1_1.changes +++ b/openssl-1_1.changes @@ -1,3 +1,18 @@ +------------------------------------------------------------------- +Wed Jan 20 15:59:01 UTC 2021 - Pedro Monreal + +- Disable test_srp subsection from 90-test_sslapi.t test +- Use SECLEVEL 2 in 80-test_ssl_new.t +- Add patches: + * openssl-1_1-use-seclevel2-in-tests.patch + * openssl-1_1-disable-test_srp-sslapi.patch + +------------------------------------------------------------------- +Fri Jan 8 17:49:33 UTC 2021 - Pedro Monreal + +- Allow SHA1 in SECLEVEL 2 in non-FIPS mode +- Add openssl-1_1-seclevel.patch + ------------------------------------------------------------------- Thu Dec 17 17:16:08 UTC 2020 - Pedro Monreal diff --git a/openssl-1_1.spec b/openssl-1_1.spec index 6361cb4..9b40f36 100644 --- a/openssl-1_1.spec +++ b/openssl-1_1.spec @@ -87,6 +87,10 @@ Patch47: openssl-unknown_dgst.patch Patch50: openssl-s390x-assembly-pack-accelerate-X25519-X448-Ed25519-and-Ed448.patch Patch51: openssl-s390x-fix-x448-and-x448-test-vector-ctime-for-x25519-and-x448.patch Patch52: openssl-1.1.1-system-cipherlist.patch +# PATCH-FIX-OPENSUSE jsc#SLE-15832 Centralized Crypto Compliance Configuration +Patch53: openssl-1_1-seclevel.patch +Patch54: openssl-1_1-use-seclevel2-in-tests.patch +Patch55: openssl-1_1-disable-test_srp-sslapi.patch BuildRequires: pkgconfig Conflicts: ssl Provides: ssl @@ -212,8 +216,10 @@ make all %{?_smp_mflags} %check export MALLOC_CHECK_=3 export MALLOC_PERTURB_=$(($RANDOM % 255 + 1)) +#export HARNESS_VERBOSE=1 LD_LIBRARY_PATH=`pwd` make test -j1 -# show cyphers + +# show ciphers gcc -o showciphers %{optflags} -I%{buildroot}%{_includedir} %{SOURCE5} -L%{buildroot}%{_libdir} -lssl -lcrypto LD_LIBRARY_PATH=%{buildroot}%{_libdir} ./showciphers