openssl-1_1/openssl-1_1-FIPS_drbg-rewire.patch

183 lines
5.9 KiB
Diff

Index: openssl-1.1.1l/crypto/fips/fips_drbg_lib.c
===================================================================
--- openssl-1.1.1l.orig/crypto/fips/fips_drbg_lib.c
+++ openssl-1.1.1l/crypto/fips/fips_drbg_lib.c
@@ -337,6 +337,19 @@ static int drbg_reseed(DRBG_CTX *dctx,
int FIPS_drbg_reseed(DRBG_CTX *dctx,
const unsigned char *adin, size_t adinlen)
{
+ int len = (int)adinlen;
+
+ if (len < 0 || (size_t)len != adinlen) {
+ FIPSerr(FIPS_F_DRBG_RESEED, FIPS_R_ADDITIONAL_INPUT_TOO_LONG);
+ return 0;
+ }
+ RAND_seed(adin, len);
+ return 1;
+}
+
+int FIPS_drbg_reseed_internal(DRBG_CTX *dctx,
+ const unsigned char *adin, size_t adinlen)
+{
return drbg_reseed(dctx, adin, adinlen, 1);
}
@@ -358,6 +371,19 @@ int FIPS_drbg_generate(DRBG_CTX *dctx, u
int prediction_resistance,
const unsigned char *adin, size_t adinlen)
{
+ int len = (int)outlen;
+
+ if (len < 0 || (size_t)len != outlen) {
+ FIPSerr(FIPS_F_FIPS_DRBG_GENERATE, FIPS_R_REQUEST_TOO_LARGE_FOR_DRBG);
+ return 0;
+ }
+ return RAND_bytes(out, len);
+}
+
+int FIPS_drbg_generate_internal(DRBG_CTX *dctx, unsigned char *out, size_t outlen,
+ int prediction_resistance,
+ const unsigned char *adin, size_t adinlen)
+{
int r = 0;
if (FIPS_selftest_failed()) {
Index: openssl-1.1.1l/crypto/fips/fips_drbg_rand.c
===================================================================
--- openssl-1.1.1l.orig/crypto/fips/fips_drbg_rand.c
+++ openssl-1.1.1l/crypto/fips/fips_drbg_rand.c
@@ -57,6 +57,8 @@
#include <openssl/err.h>
#include <openssl/rand.h>
#include <openssl/fips.h>
+#define FIPS_DRBG_generate FIPS_DRBG_generate_internal
+#define FIPS_DRBG_reseed FIPS_DRBG_reseed_internal
#include <openssl/fips_rand.h>
#include "fips_rand_lcl.h"
Index: openssl-1.1.1l/crypto/fips/fips_drbg_selftest.c
===================================================================
--- openssl-1.1.1l.orig/crypto/fips/fips_drbg_selftest.c
+++ openssl-1.1.1l/crypto/fips/fips_drbg_selftest.c
@@ -55,6 +55,8 @@
#include <openssl/crypto.h>
#include <openssl/err.h>
#include <openssl/fips.h>
+#define FIPS_DRBG_generate FIPS_DRBG_generate_internal
+#define FIPS_DRBG_reseed FIPS_DRBG_reseed_internal
#include <openssl/fips_rand.h>
#include "fips_rand_lcl.h"
#include "fips_locl.h"
Index: openssl-1.1.1l/crypto/fips/fips_rand_lib.c
===================================================================
--- openssl-1.1.1l.orig/crypto/fips/fips_rand_lib.c
+++ openssl-1.1.1l/crypto/fips/fips_rand_lib.c
@@ -120,6 +120,7 @@ void FIPS_rand_reset(void)
int FIPS_rand_seed(const void *buf, int num)
{
+#if 0
if (!fips_approved_rand_meth && FIPS_module_mode()) {
FIPSerr(FIPS_F_FIPS_RAND_SEED, FIPS_R_NON_FIPS_METHOD);
return 0;
@@ -127,10 +128,15 @@ int FIPS_rand_seed(const void *buf, int
if (fips_rand_meth && fips_rand_meth->seed)
fips_rand_meth->seed(buf, num);
return 1;
+#else
+ RAND_seed(buf, num);
+ return 1;
+#endif
}
int FIPS_rand_bytes(unsigned char *buf, int num)
{
+#if 0
if (!fips_approved_rand_meth && FIPS_module_mode()) {
FIPSerr(FIPS_F_FIPS_RAND_BYTES, FIPS_R_NON_FIPS_METHOD);
return 0;
@@ -138,10 +144,14 @@ int FIPS_rand_bytes(unsigned char *buf,
if (fips_rand_meth && fips_rand_meth->bytes)
return fips_rand_meth->bytes(buf, num);
return 0;
+#else
+ return RAND_bytes(buf, num);
+#endif
}
int FIPS_rand_status(void)
{
+#if 0
if (!fips_approved_rand_meth && FIPS_module_mode()) {
FIPSerr(FIPS_F_FIPS_RAND_STATUS, FIPS_R_NON_FIPS_METHOD);
return 0;
@@ -149,6 +159,9 @@ int FIPS_rand_status(void)
if (fips_rand_meth && fips_rand_meth->status)
return fips_rand_meth->status();
return 0;
+#else
+ return RAND_status();
+#endif
}
/* Return instantiated strength of PRNG. For DRBG this is an internal
Index: openssl-1.1.1l/include/openssl/fips.h
===================================================================
--- openssl-1.1.1l.orig/include/openssl/fips.h
+++ openssl-1.1.1l/include/openssl/fips.h
@@ -64,6 +64,11 @@ extern "C" {
int FIPS_selftest(void);
int FIPS_selftest_failed(void);
+
+ /*
+ * This function is deprecated as it performs selftest of the old FIPS drbg
+ * implementation that is not validated.
+ */
int FIPS_selftest_drbg_all(void);
void NONFIPS_selftest_check(void);
Index: openssl-1.1.1l/include/openssl/fips_rand.h
===================================================================
--- openssl-1.1.1l.orig/include/openssl/fips_rand.h
+++ openssl-1.1.1l/include/openssl/fips_rand.h
@@ -60,6 +60,20 @@
# ifdef __cplusplus
extern "C" {
# endif
+
+/*
+ * IMPORTANT NOTE:
+ * All functions in this header file are deprecated and should not be used
+ * as they use the old FIPS_drbg implementation that is not FIPS validated
+ * anymore.
+ * To provide backwards compatibility for applications that need FIPS compliant
+ * RNG number generation and use FIPS_drbg_generate, this function was
+ * re-wired to call the FIPS validated DRBG instance instead through
+ * the RAND_bytes() call.
+ *
+ * All these functions will be removed in future.
+ */
+
typedef struct drbg_ctx_st DRBG_CTX;
/* DRBG external flags */
/* Flag for CTR mode only: use derivation function ctr_df */
Index: openssl-1.1.1l/crypto/fips/fips_post.c
===================================================================
--- openssl-1.1.1l.orig/crypto/fips/fips_post.c
+++ openssl-1.1.1l/crypto/fips/fips_post.c
@@ -72,8 +72,13 @@
int FIPS_selftest(void)
{
int rv = 1;
+#if 0
+ /* This selftest is deprecated as it uses the old FIPS_drbg
+ * implementation that is not FIPS validated.
+ */
if (!FIPS_selftest_drbg_all())
rv = 0;
+#endif
if (!FIPS_selftest_sha1())
rv = 0;
if (!FIPS_selftest_sha2())