From ba6be953da86e53a424a62177fdc028a3e5fc0637ef1511b19a6bb88c7646c97 Mon Sep 17 00:00:00 2001
From: Pedro Monreal Gonzalez <pmonrealgonzalez@suse.com>
Date: Fri, 30 Sep 2022 10:26:12 +0000
Subject: [PATCH] Accepting request 1007029 from
 home:ohollmann:branches:home:jsikes:branches:security:tls

- Added openssl-1_1-paramgen-default_to_rfc7919.patch
  * bsc#1180995
  * Default to RFC7919 groups when generating ECDH parameters
    using 'genpkey' or 'dhparam' in FIPS mode.

OBS-URL: https://build.opensuse.org/request/show/1007029
OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl-1_1?expand=0&rev=119
---
 openssl-1_1-paramgen-default_to_rfc7919.patch | 88 +++++++++++++++++++
 openssl-1_1.changes                           |  8 ++
 openssl-1_1.spec                              |  2 +
 3 files changed, 98 insertions(+)
 create mode 100644 openssl-1_1-paramgen-default_to_rfc7919.patch

diff --git a/openssl-1_1-paramgen-default_to_rfc7919.patch b/openssl-1_1-paramgen-default_to_rfc7919.patch
new file mode 100644
index 0000000..8ec1f9f
--- /dev/null
+++ b/openssl-1_1-paramgen-default_to_rfc7919.patch
@@ -0,0 +1,88 @@
+diff --git a/apps/dhparam.c b/apps/dhparam.c
+index 98c7321..ac7feb4 100644
+--- a/apps/dhparam.c
++++ b/apps/dhparam.c
+@@ -194,15 +194,42 @@ int dhparam_main(int argc, char **argv)
+         } else
+ #endif
+         {
+-            dh = DH_new();
+-            BIO_printf(bio_err,
+-                       "Generating DH parameters, %d bit long safe prime, generator %d\n",
+-                       num, g);
+-            BIO_printf(bio_err, "This is going to take a long time\n");
+-            if (dh == NULL || !DH_generate_parameters_ex(dh, num, g, cb)) {
++#ifdef OPENSSL_FIPS
++          if (FIPS_mode()) {
++            /* In FIPS mode, instead of generating DH parameters we use parameters from an approved group,
++             in this case, RFC-7919. */
++            int param_nid;
++            switch (num) {
++            case 8192:
++              param_nid = NID_ffdhe8192;
++              break;
++            case 6144:
++              param_nid = NID_ffdhe6144;
++              break;
++            case 4096:
++              param_nid = NID_ffdhe4096;
++              break;
++            case 3072:
++              param_nid = NID_ffdhe3072;
++              break;
++            default:
++              param_nid = NID_ffdhe2048;
++              break;
++            }
++            dh = DH_new_by_nid(param_nid);
++          } else
++#endif /* OPENSSL_FIPS */
++            {
++              dh = DH_new();
++              BIO_printf(bio_err,
++                         "Generating DH parameters, %d bit long safe prime, generator %d\n",
++                         num, g);
++              BIO_printf(bio_err, "This is going to take a long time\n");
++              if (dh == NULL || !DH_generate_parameters_ex(dh, num, g, cb)) {
+                 BN_GENCB_free(cb);
+                 ERR_print_errors(bio_err);
+                 goto end;
++              }
+             }
+         }
+ 
+diff --git a/crypto/dh/dh_pmeth.c b/crypto/dh/dh_pmeth.c
+index 261c8a1..d281873 100644
+--- a/crypto/dh/dh_pmeth.c
++++ b/crypto/dh/dh_pmeth.c
+@@ -330,6 +330,30 @@ static int pkey_dh_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
+     DH_PKEY_CTX *dctx = ctx->data;
+     BN_GENCB *pcb;
+     int ret;
++
++#ifdef OPENSSL_FIPS
++    /* In FIPS mode we default to an appropriate group. */
++    if (FIPS_mode() && (!(dctx->rfc5114_param)) && (dctx->param_nid == 0)) {
++      switch (dctx->prime_len) {
++      case 8192:
++        dctx->param_nid = NID_ffdhe8192;
++        break;
++      case 6144:
++        dctx->param_nid = NID_ffdhe6144;
++        break;
++      case 4096:
++        dctx->param_nid = NID_ffdhe4096;
++        break;
++      case 3072:
++        dctx->param_nid = NID_ffdhe3072;
++        break;
++      default:
++        dctx->param_nid = NID_ffdhe2048;
++        break;
++      }
++    }
++#endif /* OPENSSL_FIPS */
++
+     if (dctx->rfc5114_param) {
+         switch (dctx->rfc5114_param) {
+         case 1:
diff --git a/openssl-1_1.changes b/openssl-1_1.changes
index 5634a8d..7221979 100644
--- a/openssl-1_1.changes
+++ b/openssl-1_1.changes
@@ -1,3 +1,11 @@
+-------------------------------------------------------------------
+Sat Sep 24 02:40:39 UTC 2022 - Jason Sikes <jsikes@suse.com>
+
+- Added openssl-1_1-paramgen-default_to_rfc7919.patch
+  * bsc#1180995
+  * Default to RFC7919 groups when generating ECDH parameters
+    using 'genpkey' or 'dhparam' in FIPS mode.
+
 -------------------------------------------------------------------
 Thu Jul  7 02:17:23 UTC 2022 - Jason Sikes <jsikes@suse.com>
 
diff --git a/openssl-1_1.spec b/openssl-1_1.spec
index 7acdf53..1564b8a 100644
--- a/openssl-1_1.spec
+++ b/openssl-1_1.spec
@@ -121,6 +121,8 @@ Patch71:        openssl-1_1-Optimize-AES-XTS-aarch64.patch
 Patch72:        openssl-1_1-Optimize-AES-GCM-uarchs.patch
 #PATCH-FIX-SUSE bsc#1182959 FIPS: Fix function and reason error codes
 Patch73:        openssl-1_1-FIPS-fix-error-reason-codes.patch
+#PATCH-FIX-SUSE bsc#1180995 Default to RFC7919 groups in FIPS mode
+Patch74:        openssl-1_1-paramgen-default_to_rfc7919.patch
 Requires:       libopenssl1_1 = %{version}-%{release}
 BuildRequires:  pkgconfig
 BuildRequires:  pkgconfig(zlib)