Accepting request 390473 from Base:System
1 OBS-URL: https://build.opensuse.org/request/show/390473 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssl?expand=0&rev=131
parent
2ebd052507
commit
fa96b8cfdd
@ -1,13 +0,0 @@
|
||||
Index: openssl-1.0.2c/crypto/ec/Makefile
|
||||
===================================================================
|
||||
--- openssl-1.0.2c.orig/crypto/ec/Makefile
|
||||
+++ openssl-1.0.2c/crypto/ec/Makefile
|
||||
@@ -10,7 +10,7 @@ CFLAG=-g
|
||||
MAKEFILE= Makefile
|
||||
AR= ar r
|
||||
|
||||
-CFLAGS= $(INCLUDES) $(CFLAG)
|
||||
+CFLAGS= $(INCLUDES) $(CFLAG) -O0
|
||||
ASFLAGS= $(INCLUDES) $(ASFLAG)
|
||||
AFLAGS= $(ASFLAGS)
|
||||
|
12
openssl-fips-clearerror.patch
Normal file
12
openssl-fips-clearerror.patch
Normal file
@ -0,0 +1,12 @@
|
||||
Index: openssl-1.0.2g/crypto/o_init.c
|
||||
===================================================================
|
||||
--- openssl-1.0.2g.orig/crypto/o_init.c 2016-04-14 10:54:05.763929573 +0200
|
||||
+++ openssl-1.0.2g/crypto/o_init.c 2016-04-14 10:59:08.366168879 +0200
|
||||
@@ -91,6 +91,7 @@ static void init_fips_mode(void)
|
||||
NONFIPS_selftest_check();
|
||||
/* drop down to non-FIPS mode if it is not requested */
|
||||
FIPS_mode_set(0);
|
||||
+ ERR_clear_error();
|
||||
} else {
|
||||
/* abort if selftest failed */
|
||||
FIPS_selftest_check();
|
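Review bot: The added `ERR_clear_error();` after `FIPS_mode_set(0)` in the non-FIPS branch of init_fips_mode has no comment, and it empties the whole thread error queue rather than only what the mode switch may have queued. A one-line comment would make the intent reviewable, for example `/* FIPS_mode_set(0) may queue an error; do not leave it for the caller's first ERR_get_error() */`. That rationale is inferred from the patch name, so confirm it before settling the wording. init_fips_mode starts and ends outside the hunk.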
128
openssl-fips-dont-fall-back-to-default-digest.patch
Normal file
128
openssl-fips-dont-fall-back-to-default-digest.patch
Normal file
@ -0,0 +1,128 @@
|
||||
Index: openssl-1.0.2g/apps/dgst.c
|
||||
===================================================================
|
||||
--- openssl-1.0.2g.orig/apps/dgst.c 2016-03-01 14:35:53.000000000 +0100
|
||||
+++ openssl-1.0.2g/apps/dgst.c 2016-04-14 11:04:21.706558132 +0200
|
||||
@@ -147,7 +147,7 @@ int MAIN(int argc, char **argv)
|
||||
/* first check the program name */
|
||||
program_name(argv[0], pname, sizeof pname);
|
||||
|
||||
- md = EVP_get_digestbyname(pname);
|
||||
+ md = EVP_get_digestbyname_fips_disabled(pname);
|
||||
|
||||
argc--;
|
||||
argv++;
|
||||
@@ -235,7 +235,7 @@ int MAIN(int argc, char **argv)
|
||||
macopts = sk_OPENSSL_STRING_new_null();
|
||||
if (!macopts || !sk_OPENSSL_STRING_push(macopts, *(++argv)))
|
||||
break;
|
||||
- } else if ((m = EVP_get_digestbyname(&((*argv)[1]))) != NULL)
|
||||
+ } else if ((m = EVP_get_digestbyname_fips_disabled(&((*argv)[1]))) != NULL)
|
||||
md = m;
|
||||
else
|
||||
break;
|
||||
Index: openssl-1.0.2g/apps/apps.c
|
||||
===================================================================
|
||||
--- openssl-1.0.2g.orig/apps/apps.c 2016-03-01 14:35:53.000000000 +0100
|
||||
+++ openssl-1.0.2g/apps/apps.c 2016-04-14 11:04:21.707558145 +0200
|
||||
@@ -3226,3 +3226,45 @@ int raw_write_stdout(const void *buf, in
|
||||
return write(fileno(stdout), buf, siz);
|
||||
}
|
||||
#endif
|
||||
+
|
||||
+
|
||||
+const EVP_MD *EVP_get_digestbyname_fips_disabled(const char *name)
|
||||
+ {
|
||||
+ int saved_fips_mode = FIPS_mode();
|
||||
+ EVP_MD *md;
|
||||
+
|
||||
+ if (saved_fips_mode)
|
||||
+ FIPS_mode_set(0);
|
||||
+
|
||||
+ OpenSSL_add_all_digests();
|
||||
+ md=EVP_get_digestbyname(name);
|
||||
+
|
||||
+ if (saved_fips_mode && !FIPS_mode_set(saved_fips_mode)) {
|
||||
+ ERR_load_crypto_strings();
|
||||
+ ERR_print_errors(BIO_new_fp(stderr,BIO_NOCLOSE));
|
||||
+ EXIT(1);
|
||||
+ }
|
||||
+
|
||||
+ return md;
|
||||
+ }
|
||||
+
|
||||
+const EVP_CIPHER *EVP_get_cipherbyname_fips_disabled(const char *name)
|
||||
+ {
|
||||
+ int saved_fips_mode = FIPS_mode();
|
||||
+ EVP_CIPHER *ciph;
|
||||
+
|
||||
+ if (saved_fips_mode)
|
||||
+ FIPS_mode_set(0);
|
||||
+
|
||||
+ OpenSSL_add_all_ciphers();
|
||||
+ ciph=EVP_get_cipherbyname(name);
|
||||
+
|
||||
+ if (saved_fips_mode && !FIPS_mode_set(saved_fips_mode)) {
|
||||
+ ERR_load_crypto_strings();
|
||||
+ ERR_print_errors(BIO_new_fp(stderr,BIO_NOCLOSE));
|
||||
+ EXIT(1);
|
||||
+ }
|
||||
+
|
||||
+ return ciph;
|
||||
+ }
|
||||
+
|
||||
Index: openssl-1.0.2g/apps/apps.h
|
||||
===================================================================
|
||||
--- openssl-1.0.2g.orig/apps/apps.h 2016-03-01 14:35:53.000000000 +0100
|
||||
+++ openssl-1.0.2g/apps/apps.h 2016-04-14 11:04:21.707558145 +0200
|
||||
@@ -348,6 +348,9 @@ void print_cert_checks(BIO *bio, X509 *x
|
||||
|
||||
void store_setup_crl_download(X509_STORE *st);
|
||||
|
||||
+const EVP_MD *EVP_get_digestbyname_fips_disabled(const char *name);
|
||||
+const EVP_CIPHER *EVP_get_cipherbyname_fips_disabled(const char *name);
|
||||
+
|
||||
# define FORMAT_UNDEF 0
|
||||
# define FORMAT_ASN1 1
|
||||
# define FORMAT_TEXT 2
|
||||
Index: openssl-1.0.2g/apps/enc.c
|
||||
===================================================================
|
||||
--- openssl-1.0.2g.orig/apps/enc.c 2016-03-01 14:35:05.000000000 +0100
|
||||
+++ openssl-1.0.2g/apps/enc.c 2016-04-15 13:57:22.782628623 +0200
|
||||
@@ -150,7 +150,7 @@ int MAIN(int argc, char **argv)
|
||||
do_zlib = 1;
|
||||
#endif
|
||||
|
||||
- cipher = EVP_get_cipherbyname(pname);
|
||||
+ cipher = EVP_get_cipherbyname_fips_disabled(pname);
|
||||
#ifdef ZLIB
|
||||
if (!do_zlib && !base64 && (cipher == NULL)
|
||||
&& (strcmp(pname, "enc") != 0))
|
||||
@@ -269,7 +269,7 @@ int MAIN(int argc, char **argv)
|
||||
} else if (strcmp(*argv, "-non-fips-allow") == 0)
|
||||
non_fips_allow = 1;
|
||||
else if ((argv[0][0] == '-') &&
|
||||
- ((c = EVP_get_cipherbyname(&(argv[0][1]))) != NULL)) {
|
||||
+ ((c = EVP_get_cipherbyname_fips_disabled(&(argv[0][1]))) != NULL)) {
|
||||
cipher = c;
|
||||
} else if (strcmp(*argv, "-none") == 0)
|
||||
cipher = NULL;
|
||||
@@ -322,6 +322,10 @@ int MAIN(int argc, char **argv)
|
||||
argv++;
|
||||
}
|
||||
|
||||
+ /* drop out of fips mode if we should allow non-fips algos */
|
||||
+ if (non_fips_allow)
|
||||
+ FIPS_mode_set(0);
|
||||
+
|
||||
#ifndef OPENSSL_NO_ENGINE
|
||||
setup_engine(bio_err, engine, 0);
|
||||
#endif
|
||||
@@ -338,7 +342,7 @@ int MAIN(int argc, char **argv)
|
||||
goto end;
|
||||
}
|
||||
|
||||
- if (md && (dgst = EVP_get_digestbyname(md)) == NULL) {
|
||||
+ if (md && (dgst = EVP_get_digestbyname_fips_disabled(md)) == NULL) {
|
||||
BIO_printf(bio_err, "%s is an unsupported message digest type\n", md);
|
||||
goto end;
|
||||
}
|
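Review bot: In apps.c both new helpers ignore the result of the first `FIPS_mode_set(0)`, so if leaving FIPS mode fails the lookup still runs in FIPS mode and can return NULL, which is the case the patch name says it wants to avoid; only the restore call is checked. Checking both directions keeps the behaviour explicit, e.g. `if (saved_fips_mode && !FIPS_mode_set(0)) { ERR_print_errors_fp(stderr); EXIT(1); }`. The locals should also be declared `const EVP_MD *md;` and `const EVP_CIPHER *ciph;`, matching the const-qualified return types of the lookup functions and of the helpers themselves. In enc.c the new `if (non_fips_allow) FIPS_mode_set(0);` likewise leaves FIPS mode for the rest of the process without checking the result or telling the user; a `BIO_printf(bio_err, ...)` notice there would make the downgrade visible in logs.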
14
openssl-fips-fix-odd-rsakeybits.patch
Normal file
14
openssl-fips-fix-odd-rsakeybits.patch
Normal file
@ -0,0 +1,14 @@
|
||||
Index: openssl-1.0.2g/crypto/rsa/rsa_gen.c
|
||||
===================================================================
|
||||
--- openssl-1.0.2g.orig/crypto/rsa/rsa_gen.c 2016-04-14 10:52:34.187646539 +0200
|
||||
+++ openssl-1.0.2g/crypto/rsa/rsa_gen.c 2016-04-14 10:53:39.335559301 +0200
|
||||
@@ -465,7 +465,8 @@ static int rsa_builtin_keygen(RSA *rsa,
|
||||
goto err;
|
||||
|
||||
bitsp = (bits + 1) / 2;
|
||||
- bitsq = bits - bitsp;
|
||||
+ /* Use the same number of bits for p and q, our checks assume it. */
|
||||
+ bitsq = bitsp;
|
||||
|
||||
/* prepare a maximum for p and q */
|
||||
/* 0xB504F334 is (sqrt(2)/2)*2^32 */
|
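Review bot: With `bitsq = bitsp` and `bitsp = (bits + 1) / 2`, an odd `bits` now yields two primes of (bits+1)/2 bits each, so the modulus can come out one bit longer than the caller requested. The new comment explains why p and q share a size but not this consequence; either reject odd sizes before this point or say so in the comment, e.g. `/* p and q get the same size; for odd 'bits' the modulus is bits+1 bits long */`. Whether callers depend on the exact modulus length, for instance when sizing buffers from the requested bit count, is not visible here and should be checked. rsa_builtin_keygen begins and ends outside the hunk.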
39
openssl-fips-rsagen-d-bits.patch
Normal file
39
openssl-fips-rsagen-d-bits.patch
Normal file
@ -0,0 +1,39 @@
|
||||
Index: openssl-1.0.2g/crypto/rsa/rsa_gen.c
|
||||
===================================================================
|
||||
--- openssl-1.0.2g.orig/crypto/rsa/rsa_gen.c 2016-04-14 10:23:50.941168136 +0200
|
||||
+++ openssl-1.0.2g/crypto/rsa/rsa_gen.c 2016-04-14 10:47:56.651757817 +0200
|
||||
@@ -237,6 +237,12 @@ static int FIPS_rsa_builtin_keygen(RSA *
|
||||
goto err;
|
||||
}
|
||||
|
||||
+ BN_copy(rsa->e, e_value);
|
||||
+
|
||||
+ if (!BN_is_zero(rsa->p) && !BN_is_zero(rsa->q))
|
||||
+ test = 1;
|
||||
+
|
||||
+retry:
|
||||
/* prepare approximate minimum p and q */
|
||||
if (!BN_set_word(r0, 0xB504F334))
|
||||
goto err;
|
||||
@@ -249,12 +255,6 @@ static int FIPS_rsa_builtin_keygen(RSA *
|
||||
if (!BN_lshift(r3, r3, pbits - 100))
|
||||
goto err;
|
||||
|
||||
- BN_copy(rsa->e, e_value);
|
||||
-
|
||||
- if (!BN_is_zero(rsa->p) && !BN_is_zero(rsa->q))
|
||||
- test = 1;
|
||||
-
|
||||
- retry:
|
||||
/* generate p and q */
|
||||
for (i = 0; i < 5 * pbits; i++) {
|
||||
ploop:
|
||||
@@ -384,6 +384,8 @@ static int FIPS_rsa_builtin_keygen(RSA *
|
||||
if (!BN_mod_inverse(rsa->d, rsa->e, lcm_p1_q1, ctx))
|
||||
goto err; /* d */
|
||||
|
||||
+ /* test 2^(bits/2) < d < LCM((p-1)*(q-1)) */
|
||||
+ /* the LCM part is covered due to the generation by modulo above */
|
||||
if (BN_num_bits(rsa->d) < pbits)
|
||||
goto retry; /* d is too small */
|
||||
|
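Review bot: The added comment states the bound `2^(bits/2) < d`, but the check under it, `if (BN_num_bits(rsa->d) < pbits)`, only retries when d has fewer than pbits bits, so a d of exactly pbits bits (below 2^pbits) is accepted. If pbits is bits/2, which cannot be confirmed because its definition is outside the hunk, the code and the comment disagree; `if (BN_num_bits(rsa->d) <= pbits)` would enforce the stated lower bound. Separately, the relocated `BN_copy(rsa->e, e_value);` still ignores its return value; `if (!BN_copy(rsa->e, e_value)) goto err;` would match the error handling around it.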
74
openssl-fips-selftests_in_nonfips_mode.patch
Normal file
74
openssl-fips-selftests_in_nonfips_mode.patch
Normal file
@ -0,0 +1,74 @@
|
||||
Index: openssl-1.0.2g/crypto/fips/fips.c
|
||||
===================================================================
|
||||
--- openssl-1.0.2g.orig/crypto/fips/fips.c 2016-04-14 10:49:37.460170356 +0200
|
||||
+++ openssl-1.0.2g/crypto/fips/fips.c 2016-04-14 10:49:47.270307813 +0200
|
||||
@@ -448,6 +448,44 @@ int FIPS_module_mode_set(int onoff, cons
|
||||
return ret;
|
||||
}
|
||||
|
||||
+/* In non-FIPS mode, the selftests must succeed if the
|
||||
+ * checksum files are present
|
||||
+ */
|
||||
+void NONFIPS_selftest_check(void)
|
||||
+ {
|
||||
+ int rv;
|
||||
+ char *hmacpath;
|
||||
+ char path[PATH_MAX+1];
|
||||
+
|
||||
+ if (fips_selftest_fail)
|
||||
+ {
|
||||
+ /* check if the checksum files are installed */
|
||||
+ rv = get_library_path("libcrypto.so." SHLIB_VERSION_NUMBER, "FIPS_mode_set", path, sizeof(path));
|
||||
+ if (rv < 0)
|
||||
+ OpenSSLDie(__FILE__,__LINE__, "FATAL FIPS SELFTEST FAILURE");
|
||||
+
|
||||
+ hmacpath = make_hmac_path(path);
|
||||
+ if (hmacpath == NULL)
|
||||
+ OpenSSLDie(__FILE__,__LINE__, "FATAL FIPS SELFTEST FAILURE");
|
||||
+
|
||||
+ if (access(hmacpath, F_OK))
|
||||
+ {
|
||||
+ /* no hmac file is present, ignore the failed selftests */
|
||||
+ if (errno == ENOENT)
|
||||
+ {
|
||||
+ free(hmacpath);
|
||||
+ return;
|
||||
+ }
|
||||
+ /* we fail on any other error */
|
||||
+ }
|
||||
+ /* if the file exists, but the selftests failed
|
||||
+ (eg wrong checksum), we fail too */
|
||||
+ free(hmacpath);
|
||||
+ OpenSSLDie(__FILE__,__LINE__, "FATAL FIPS SELFTEST FAILURE");
|
||||
+ }
|
||||
+ /* otherwise ok, selftests were successful */
|
||||
+ }
|
||||
+
|
||||
static CRYPTO_THREADID fips_thread;
|
||||
static int fips_thread_set = 0;
|
||||
|
||||
Index: openssl-1.0.2g/crypto/fips/fips.h
|
||||
===================================================================
|
||||
--- openssl-1.0.2g.orig/crypto/fips/fips.h 2016-04-14 10:49:47.270307813 +0200
|
||||
+++ openssl-1.0.2g/crypto/fips/fips.h 2016-04-14 10:50:45.867128848 +0200
|
||||
@@ -107,6 +107,7 @@ extern "C" {
|
||||
int FIPS_selftest_drbg(void);
|
||||
int FIPS_selftest_drbg_all(void);
|
||||
int FIPS_selftest_cmac(void);
|
||||
+ void NONFIPS_selftest_check(void);
|
||||
|
||||
void FIPS_get_timevec(unsigned char *buf, unsigned long *pctr);
|
||||
|
||||
Index: openssl-1.0.2g/crypto/o_init.c
|
||||
===================================================================
|
||||
--- openssl-1.0.2g.orig/crypto/o_init.c 2016-04-14 10:49:47.270307813 +0200
|
||||
+++ openssl-1.0.2g/crypto/o_init.c 2016-04-14 10:51:31.634770112 +0200
|
||||
@@ -87,6 +87,8 @@ static void init_fips_mode(void)
|
||||
*/
|
||||
|
||||
if (buf[0] != '1') {
|
||||
+ /* abort if selftest failed and the module is complete */
|
||||
+ NONFIPS_selftest_check();
|
||||
/* drop down to non-FIPS mode if it is not requested */
|
||||
FIPS_mode_set(0);
|
||||
} else {
|
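Review bot: NONFIPS_selftest_check in fips.c fails open when the checksum file is missing: when `access(hmacpath, F_OK)` fails with ENOENT a failed self-test is ignored, so the integrity result depends entirely on that file still being present. That matches the stated intent, but the header comment should say it outright and note that the .hmac file needs the same write protection as the library, e.g. `/* A missing .hmac file disables this check; it must not be removable by unprivileged users. */`. The three `OpenSSLDie` calls also share one message, so an abort at library load gives no hint whether path lookup, allocation or the checksum comparison failed; distinct texts would help triage.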
42
openssl-fips_RSA_compute_d_with_lcm.patch
Normal file
42
openssl-fips_RSA_compute_d_with_lcm.patch
Normal file
@ -0,0 +1,42 @@
|
||||
Index: openssl-1.0.2g/crypto/rsa/rsa_gen.c
|
||||
===================================================================
|
||||
--- openssl-1.0.2g.orig/crypto/rsa/rsa_gen.c 2016-04-13 15:07:34.371851679 +0200
|
||||
+++ openssl-1.0.2g/crypto/rsa/rsa_gen.c 2016-04-13 15:18:00.630306031 +0200
|
||||
@@ -177,6 +177,7 @@ static int FIPS_rsa_builtin_keygen(RSA *
|
||||
BIGNUM *r0 = NULL, *r1 = NULL, *r2 = NULL, *r3 = NULL, *tmp;
|
||||
BIGNUM local_r0, local_d, local_p;
|
||||
BIGNUM *pr0, *d, *p;
|
||||
+ BIGNUM *gcd_p1_q1 = NULL, *lcm_p1_q1 = NULL;
|
||||
BN_CTX *ctx = NULL;
|
||||
int ok = -1;
|
||||
int i;
|
||||
@@ -204,6 +205,8 @@ static int FIPS_rsa_builtin_keygen(RSA *
|
||||
r1 = BN_CTX_get(ctx);
|
||||
r2 = BN_CTX_get(ctx);
|
||||
r3 = BN_CTX_get(ctx);
|
||||
+ gcd_p1_q1 = BN_CTX_get(ctx);
|
||||
+ lcm_p1_q1 = BN_CTX_get(ctx);
|
||||
|
||||
if (r3 == NULL)
|
||||
goto err;
|
||||
@@ -372,12 +375,18 @@ static int FIPS_rsa_builtin_keygen(RSA *
|
||||
BN_with_flags(pr0, r0, BN_FLG_CONSTTIME);
|
||||
} else
|
||||
pr0 = r0;
|
||||
- if (!BN_mod_inverse(rsa->d, rsa->e, pr0, ctx))
|
||||
+
|
||||
+ /* calculate lcm(p-1,q-1) = (p-1)*(q-1) / gcd(p-1,q-1) */
|
||||
+ if (!BN_gcd(gcd_p1_q1, r1, r2, ctx))
|
||||
+ goto err; /* gcd(p-1,q-1) */
|
||||
+ if (!BN_div(lcm_p1_q1, NULL, pr0, gcd_p1_q1, ctx))
|
||||
+ goto err;
|
||||
+ if (!BN_mod_inverse(rsa->d, rsa->e, lcm_p1_q1, ctx))
|
||||
goto err; /* d */
|
||||
|
||||
if (BN_num_bits(rsa->d) < pbits)
|
||||
goto retry; /* d is too small */
|
||||
-
|
||||
+
|
||||
/* set up d for correct BN_FLG_CONSTTIME flag */
|
||||
if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) {
|
||||
d = &local_d;
|
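Review bot: The allocation check after the new `BN_CTX_get` calls still reads `if (r3 == NULL)`, but `gcd_p1_q1` and `lcm_p1_q1` are now obtained after r3, so a failure on either goes unnoticed and a NULL pointer reaches `BN_gcd` or `BN_div`. Test the last value obtained instead: `if (lcm_p1_q1 == NULL) goto err;`. Also, the old call passed `pr0`, which the context lines show being given `BN_FLG_CONSTTIME`, while `lcm_p1_q1` carries no such flag, so `BN_mod_inverse` for the private exponent may no longer take its constant-time path. Setting that flag on `lcm_p1_q1` whenever `RSA_FLAG_NO_CONSTTIME` is not set would keep the earlier behaviour. FIPS_rsa_builtin_keygen starts and ends outside these hunks.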
16
openssl-fips_disallow_ENGINE_loading.patch
Normal file
16
openssl-fips_disallow_ENGINE_loading.patch
Normal file
@ -0,0 +1,16 @@
|
||||
Index: openssl-1.0.2g/crypto/engine/eng_all.c
|
||||
===================================================================
|
||||
--- openssl-1.0.2g.orig/crypto/engine/eng_all.c 2016-04-13 15:04:40.644190904 +0200
|
||||
+++ openssl-1.0.2g/crypto/engine/eng_all.c 2016-04-13 15:06:04.092468490 +0200
|
||||
@@ -70,11 +70,6 @@ void ENGINE_load_builtin_engines(void)
|
||||
#ifdef OPENSSL_FIPS
|
||||
OPENSSL_init_library();
|
||||
if (FIPS_mode()) {
|
||||
- /* We allow loading dynamic engine as a third party
|
||||
- engine might be FIPS validated.
|
||||
- User is disallowed to load non-validated engines
|
||||
- by security policy. */
|
||||
- ENGINE_load_dynamic();
|
||||
return;
|
||||
}
|
||||
#endif
|
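Review bot: After the removal, `if (FIPS_mode()) { return; }` in ENGINE_load_builtin_engines carries no explanation, and the deleted comment was the only record of the policy. A replacement such as `/* In FIPS mode no engines are registered, not even the dynamic loader. */` keeps the decision visible. This only governs what ENGINE_load_builtin_engines registers; whether an application that calls `ENGINE_load_dynamic()` directly can still load an engine in FIPS mode cannot be told from this hunk.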
13
openssl-fips_disallow_x931_rand_method.patch
Normal file
13
openssl-fips_disallow_x931_rand_method.patch
Normal file
@ -0,0 +1,13 @@
|
||||
Index: openssl-1.0.2g/crypto/fips/fips_rand_lib.c
|
||||
===================================================================
|
||||
--- openssl-1.0.2g.orig/crypto/fips/fips_rand_lib.c 2016-04-13 15:01:53.236630810 +0200
|
||||
+++ openssl-1.0.2g/crypto/fips/fips_rand_lib.c 2016-04-13 15:02:48.986482927 +0200
|
||||
@@ -73,8 +73,6 @@ int FIPS_rand_set_method(const RAND_METH
|
||||
if (!fips_rand_bits) {
|
||||
if (meth == FIPS_drbg_method())
|
||||
fips_approved_rand_meth = 1;
|
||||
- else if (meth == FIPS_x931_method())
|
||||
- fips_approved_rand_meth = 2;
|
||||
else {
|
||||
fips_approved_rand_meth = 0;
|
||||
if (FIPS_module_mode()) {
|
@ -1,7 +1,7 @@
|
||||
Index: crypto/bio/b_sock.c
|
||||
===================================================================
|
||||
--- crypto/bio/b_sock.c.orig 2015-12-05 00:04:11.291027369 +0100
|
||||
+++ crypto/bio/b_sock.c 2015-12-05 00:04:13.283055286 +0100
|
||||
--- crypto/bio/b_sock.c.orig 2016-04-14 11:01:01.957760118 +0200
|
||||
+++ crypto/bio/b_sock.c 2016-04-14 11:01:04.759799369 +0200
|
||||
@@ -723,7 +723,7 @@ int BIO_get_accept_socket(char *host, in
|
||||
}
|
||||
|
||||
@ -31,8 +31,8 @@ Index: crypto/bio/b_sock.c
|
||||
sa.len.i = (int)sa.len.s;
|
||||
Index: crypto/bio/bss_conn.c
|
||||
===================================================================
|
||||
--- crypto/bio/bss_conn.c.orig 2015-12-05 00:04:11.291027369 +0100
|
||||
+++ crypto/bio/bss_conn.c 2015-12-05 00:04:13.283055286 +0100
|
||||
--- crypto/bio/bss_conn.c.orig 2016-04-14 11:01:01.957760118 +0200
|
||||
+++ crypto/bio/bss_conn.c 2016-04-14 11:01:04.759799369 +0200
|
||||
@@ -195,7 +195,7 @@ static int conn_state(BIO *b, BIO_CONNEC
|
||||
c->them.sin_addr.s_addr = htonl(l);
|
||||
c->state = BIO_CONN_S_CREATE_SOCKET;
|
||||
@ -44,9 +44,9 @@ Index: crypto/bio/bss_conn.c
|
||||
ERR_add_error_data(4, "host=", c->param_hostname,
|
||||
Index: crypto/bio/bss_dgram.c
|
||||
===================================================================
|
||||
--- crypto/bio/bss_dgram.c.orig 2015-12-05 00:04:11.292027383 +0100
|
||||
+++ crypto/bio/bss_dgram.c 2015-12-05 00:04:13.284055300 +0100
|
||||
@@ -1177,7 +1177,7 @@ static int dgram_sctp_read(BIO *b, char
|
||||
--- crypto/bio/bss_dgram.c.orig 2016-04-14 11:01:01.958760132 +0200
|
||||
+++ crypto/bio/bss_dgram.c 2016-04-14 11:01:04.760799384 +0200
|
||||
@@ -1175,7 +1175,7 @@ static int dgram_sctp_read(BIO *b, char
|
||||
msg.msg_control = cmsgbuf;
|
||||
msg.msg_controllen = 512;
|
||||
msg.msg_flags = 0;
|
||||
@ -55,7 +55,7 @@ Index: crypto/bio/bss_dgram.c
|
||||
|
||||
if (n <= 0) {
|
||||
if (n < 0)
|
||||
@@ -1802,7 +1802,7 @@ int BIO_dgram_sctp_wait_for_dry(BIO *b)
|
||||
@@ -1800,7 +1800,7 @@ int BIO_dgram_sctp_wait_for_dry(BIO *b)
|
||||
msg.msg_controllen = 0;
|
||||
msg.msg_flags = 0;
|
||||
|
||||
@ -64,7 +64,7 @@ Index: crypto/bio/bss_dgram.c
|
||||
if (n <= 0) {
|
||||
if ((n < 0) && (get_last_socket_error() != EAGAIN)
|
||||
&& (get_last_socket_error() != EWOULDBLOCK))
|
||||
@@ -1824,7 +1824,7 @@ int BIO_dgram_sctp_wait_for_dry(BIO *b)
|
||||
@@ -1822,7 +1822,7 @@ int BIO_dgram_sctp_wait_for_dry(BIO *b)
|
||||
msg.msg_controllen = 0;
|
||||
msg.msg_flags = 0;
|
||||
|
||||
@ -73,7 +73,7 @@ Index: crypto/bio/bss_dgram.c
|
||||
if (n <= 0) {
|
||||
if ((n < 0) && (get_last_socket_error() != EAGAIN)
|
||||
&& (get_last_socket_error() != EWOULDBLOCK))
|
||||
@@ -1889,7 +1889,7 @@ int BIO_dgram_sctp_wait_for_dry(BIO *b)
|
||||
@@ -1887,7 +1887,7 @@ int BIO_dgram_sctp_wait_for_dry(BIO *b)
|
||||
fcntl(b->num, F_SETFL, O_NONBLOCK);
|
||||
}
|
||||
|
||||
@ -82,7 +82,7 @@ Index: crypto/bio/bss_dgram.c
|
||||
|
||||
if (is_dry) {
|
||||
fcntl(b->num, F_SETFL, sockflags);
|
||||
@@ -1931,7 +1931,7 @@ int BIO_dgram_sctp_msg_waiting(BIO *b)
|
||||
@@ -1929,7 +1929,7 @@ int BIO_dgram_sctp_msg_waiting(BIO *b)
|
||||
|
||||
sockflags = fcntl(b->num, F_GETFL, 0);
|
||||
fcntl(b->num, F_SETFL, O_NONBLOCK);
|
||||
@ -91,7 +91,7 @@ Index: crypto/bio/bss_dgram.c
|
||||
fcntl(b->num, F_SETFL, sockflags);
|
||||
|
||||
/* if notification, process and try again */
|
||||
@@ -1951,7 +1951,7 @@ int BIO_dgram_sctp_msg_waiting(BIO *b)
|
||||
@@ -1949,7 +1949,7 @@ int BIO_dgram_sctp_msg_waiting(BIO *b)
|
||||
msg.msg_control = NULL;
|
||||
msg.msg_controllen = 0;
|
||||
msg.msg_flags = 0;
|
||||
@ -102,8 +102,8 @@ Index: crypto/bio/bss_dgram.c
|
||||
data->handle_notifications(b, data->notification_context,
|
||||
Index: crypto/bio/bss_file.c
|
||||
===================================================================
|
||||
--- crypto/bio/bss_file.c.orig 2015-12-05 00:04:11.292027383 +0100
|
||||
+++ crypto/bio/bss_file.c 2015-12-05 00:04:49.780566910 +0100
|
||||
--- crypto/bio/bss_file.c.orig 2016-04-14 11:01:01.958760132 +0200
|
||||
+++ crypto/bio/bss_file.c 2016-04-14 11:01:04.760799384 +0200
|
||||
@@ -118,6 +118,10 @@ static BIO_METHOD methods_filep = {
|
||||
static FILE *file_fopen(const char *filename, const char *mode)
|
||||
{
|
||||
@ -143,21 +143,21 @@ Index: crypto/bio/bss_file.c
|
||||
SYSerr(SYS_F_FOPEN, get_last_sys_error());
|
||||
Index: crypto/rand/rand_unix.c
|
||||
===================================================================
|
||||
--- crypto/rand/rand_unix.c.orig 2015-12-05 00:04:11.292027383 +0100
|
||||
+++ crypto/rand/rand_unix.c 2015-12-05 00:04:13.285055314 +0100
|
||||
@@ -269,7 +269,7 @@ int RAND_poll(void)
|
||||
--- crypto/rand/rand_unix.c.orig 2016-04-14 11:01:04.761799398 +0200
|
||||
+++ crypto/rand/rand_unix.c 2016-04-14 11:02:13.950768594 +0200
|
||||
@@ -270,7 +270,7 @@ int RAND_poll(void)
|
||||
|
||||
for (i = 0; (i < sizeof(randomfiles) / sizeof(randomfiles[0])) &&
|
||||
(n < ENTROPY_NEEDED); i++) {
|
||||
(n < sizeof(tmpbuf)); i++) {
|
||||
- if ((fd = open(randomfiles[i], O_RDONLY
|
||||
+ if ((fd = open(randomfiles[i], O_RDONLY|O_CLOEXEC
|
||||
+ if ((fd = open(randomfiles[i], O_RDONLY | O_CLOEXEC
|
||||
# ifdef O_NONBLOCK
|
||||
| O_NONBLOCK
|
||||
# endif
|
||||
Index: crypto/rand/randfile.c
|
||||
===================================================================
|
||||
--- crypto/rand/randfile.c.orig 2015-12-05 00:04:11.293027397 +0100
|
||||
+++ crypto/rand/randfile.c 2015-12-05 00:04:13.285055314 +0100
|
||||
--- crypto/rand/randfile.c.orig 2016-04-14 11:01:01.959760146 +0200
|
||||
+++ crypto/rand/randfile.c 2016-04-14 11:01:04.761799398 +0200
|
||||
@@ -147,7 +147,7 @@ int RAND_load_file(const char *file, lon
|
||||
#ifdef OPENSSL_SYS_VMS
|
||||
in = vms_fopen(file, "rb", VMS_OPEN_ATTRS);
|
||||
|
65
openssl-rsakeygen-minimum-distance.patch
Normal file
65
openssl-rsakeygen-minimum-distance.patch
Normal file
@ -0,0 +1,65 @@
|
||||
Index: openssl-1.0.2g/crypto/rsa/rsa_gen.c
|
||||
===================================================================
|
||||
--- openssl-1.0.2g.orig/crypto/rsa/rsa_gen.c 2016-04-13 15:18:47.520016582 +0200
|
||||
+++ openssl-1.0.2g/crypto/rsa/rsa_gen.c 2016-04-13 15:36:32.309233030 +0200
|
||||
@@ -465,6 +465,19 @@ static int rsa_builtin_keygen(RSA *rsa,
|
||||
bitsp = (bits + 1) / 2;
|
||||
bitsq = bits - bitsp;
|
||||
|
||||
+ /* prepare a maximum for p and q */
|
||||
+ /* 0xB504F334 is (sqrt(2)/2)*2^32 */
|
||||
+ if (!BN_set_word(r0, 0xB504F334))
|
||||
+ goto err;
|
||||
+ if (!BN_lshift(r0, r0, bitsp - 32))
|
||||
+ goto err;
|
||||
+
|
||||
+ /* prepare minimum p and q difference */
|
||||
+ if (!BN_one(r3))
|
||||
+ goto err;
|
||||
+ if (!BN_lshift(r3, r3, bitsp - 100))
|
||||
+ goto err;
|
||||
+
|
||||
/* We need the RSA components non-NULL */
|
||||
if (!rsa->n && ((rsa->n = BN_new()) == NULL))
|
||||
goto err;
|
||||
@@ -489,6 +502,8 @@ static int rsa_builtin_keygen(RSA *rsa,
|
||||
for (;;) {
|
||||
if (!BN_generate_prime_ex(rsa->p, bitsp, 0, NULL, NULL, cb))
|
||||
goto err;
|
||||
+ if (BN_cmp(rsa->p, r0) < 0)
|
||||
+ continue;
|
||||
if (!BN_sub(r2, rsa->p, BN_value_one()))
|
||||
goto err;
|
||||
if (!BN_gcd(r1, r2, rsa->e, ctx))
|
||||
@@ -501,21 +516,17 @@ static int rsa_builtin_keygen(RSA *rsa,
|
||||
if (!BN_GENCB_call(cb, 3, 0))
|
||||
goto err;
|
||||
for (;;) {
|
||||
- /*
|
||||
- * When generating ridiculously small keys, we can get stuck
|
||||
- * continually regenerating the same prime values. Check for this and
|
||||
- * bail if it happens 3 times.
|
||||
- */
|
||||
- unsigned int degenerate = 0;
|
||||
- do {
|
||||
- if (!BN_generate_prime_ex(rsa->q, bitsq, 0, NULL, NULL, cb))
|
||||
- goto err;
|
||||
- } while ((BN_cmp(rsa->p, rsa->q) == 0) && (++degenerate < 3));
|
||||
- if (degenerate == 3) {
|
||||
- ok = 0; /* we set our own err */
|
||||
- RSAerr(RSA_F_RSA_BUILTIN_KEYGEN, RSA_R_KEY_SIZE_TOO_SMALL);
|
||||
+ /* This function will take care of setting the topmost bit via BN_rand(..,1,1), so
|
||||
+ * the maximum distance between p and q is less than 2^bitsq */
|
||||
+ if(!BN_generate_prime_ex(rsa->q, bitsq, 0, NULL, NULL, cb))
|
||||
+ goto err;
|
||||
+ if (BN_cmp(rsa->q, r0) < 0)
|
||||
+ continue;
|
||||
+ /* check for minimum distance between p and q, 2^(bitsp-100) */
|
||||
+ if (!BN_sub(r2, rsa->q, rsa->p))
|
||||
goto err;
|
||||
- }
|
||||
+ if (BN_ucmp(r2, r3) <= 0)
|
||||
+ continue;
|
||||
if (!BN_sub(r2, rsa->q, BN_value_one()))
|
||||
goto err;
|
||||
if (!BN_gcd(r1, r2, rsa->e, ctx))
|
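Review bot: The new `BN_lshift(r0, r0, bitsp - 32)` and `BN_lshift(r3, r3, bitsp - 100)` assume bitsp is at least 100, while the hunk at -501 removes the only small-key guard (the `RSA_R_KEY_SIZE_TOO_SMALL` path), so a small `bits` produces a negative shift count. Unless a minimum size is enforced before this point, which is not visible here, add an explicit check ahead of the shifts, e.g. `if (bitsp < 100) { ok = 0; RSAerr(RSA_F_RSA_BUILTIN_KEYGEN, RSA_R_KEY_SIZE_TOO_SMALL); goto err; }`. The comment `/* prepare a maximum for p and q */` is also misleading, because r0 is used as a lower bound (`BN_cmp(rsa->p, r0) < 0` retries); it should read `/* prepare a minimum for p and q */`. The inner loop for q now has no retry limit either.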
100
openssl-urandom-reseeding.patch
Normal file
100
openssl-urandom-reseeding.patch
Normal file
@ -0,0 +1,100 @@
|
||||
Index: openssl-1.0.2g/crypto/rand/rand_unix.c
|
||||
===================================================================
|
||||
--- openssl-1.0.2g.orig/crypto/rand/rand_unix.c 2016-04-15 14:27:32.058784436 +0200
|
||||
+++ openssl-1.0.2g/crypto/rand/rand_unix.c 2016-04-15 14:27:32.711794567 +0200
|
||||
@@ -245,7 +245,8 @@ int RAND_poll(void)
|
||||
unsigned long l;
|
||||
pid_t curr_pid = getpid();
|
||||
# if defined(DEVRANDOM) || defined(DEVRANDOM_EGD)
|
||||
- unsigned char tmpbuf[ENTROPY_NEEDED];
|
||||
+ /* STATE_SIZE is 1023 ... but it was suggested to seed with 1024 bytes */
|
||||
+ unsigned char tmpbuf[1024];
|
||||
int n = 0;
|
||||
# endif
|
||||
# ifdef DEVRANDOM
|
||||
@@ -268,7 +269,7 @@ int RAND_poll(void)
|
||||
*/
|
||||
|
||||
for (i = 0; (i < sizeof(randomfiles) / sizeof(randomfiles[0])) &&
|
||||
- (n < ENTROPY_NEEDED); i++) {
|
||||
+ (n < sizeof(tmpbuf)); i++) {
|
||||
if ((fd = open(randomfiles[i], O_RDONLY
|
||||
# ifdef O_NONBLOCK
|
||||
| O_NONBLOCK
|
||||
@@ -355,7 +356,7 @@ int RAND_poll(void)
|
||||
|
||||
if (try_read) {
|
||||
r = read(fd, (unsigned char *)tmpbuf + n,
|
||||
- ENTROPY_NEEDED - n);
|
||||
+ sizeof(tmpbuf) - n);
|
||||
if (r > 0)
|
||||
n += r;
|
||||
# if defined(OPENSSL_SYS_BEOS_R5)
|
||||
@@ -376,7 +377,7 @@ int RAND_poll(void)
|
||||
}
|
||||
while ((r > 0 ||
|
||||
(errno == EINTR || errno == EAGAIN)) && usec != 0
|
||||
- && n < ENTROPY_NEEDED);
|
||||
+ && n < sizeof(tmpbuf));
|
||||
|
||||
close(fd);
|
||||
}
|
||||
@@ -389,12 +390,12 @@ int RAND_poll(void)
|
||||
* collecting daemon.
|
||||
*/
|
||||
|
||||
- for (egdsocket = egdsockets; *egdsocket && n < ENTROPY_NEEDED;
|
||||
+ for (egdsocket = egdsockets; *egdsocket && n < sizeof(tmpbuf);
|
||||
egdsocket++) {
|
||||
int r;
|
||||
|
||||
r = RAND_query_egd_bytes(*egdsocket, (unsigned char *)tmpbuf + n,
|
||||
- ENTROPY_NEEDED - n);
|
||||
+ sizeof(tmpbuf) - n);
|
||||
if (r > 0)
|
||||
n += r;
|
||||
}
|
||||
Index: openssl-1.0.2g/crypto/rand/md_rand.c
|
||||
===================================================================
|
||||
--- openssl-1.0.2g.orig/crypto/rand/md_rand.c 2016-04-15 14:27:32.711794567 +0200
|
||||
+++ openssl-1.0.2g/crypto/rand/md_rand.c 2016-04-15 14:28:18.865510438 +0200
|
||||
@@ -360,6 +360,10 @@ int ssleay_rand_bytes(unsigned char *buf
|
||||
if (num <= 0)
|
||||
return 1;
|
||||
|
||||
+ /* special rule for /dev/urandom seeding ... seed with as much bytes
|
||||
+ * from /dev/urandom as you get out */
|
||||
+ RAND_load_file("/dev/urandom", num);
|
||||
+
|
||||
EVP_MD_CTX_init(&m);
|
||||
/* round upwards to multiple of MD_DIGEST_LENGTH/2 */
|
||||
num_ceil =
|
||||
Index: openssl-1.0.2g/crypto/fips/fips_drbg_rand.c
|
||||
===================================================================
|
||||
--- openssl-1.0.2g.orig/crypto/fips/fips_drbg_rand.c 2016-04-15 14:27:32.712794583 +0200
|
||||
+++ openssl-1.0.2g/crypto/fips/fips_drbg_rand.c 2016-04-15 14:29:30.192616518 +0200
|
||||
@@ -77,6 +77,11 @@ static int fips_drbg_bytes(unsigned char
|
||||
int rv = 0;
|
||||
unsigned char *adin = NULL;
|
||||
size_t adinlen = 0;
|
||||
+
|
||||
+ /* add entropy in 1:1 relation (number pulled bytes / number pushed from /dev/urandom) */
|
||||
+ if (count > dctx->min_entropy)
|
||||
+ RAND_load_file("/dev/urandom", count - dctx->min_entropy);
|
||||
+
|
||||
CRYPTO_w_lock(CRYPTO_LOCK_RAND);
|
||||
do {
|
||||
size_t rcnt;
|
||||
Index: openssl-1.0.2g/crypto/rand/rand_lib.c
|
||||
===================================================================
|
||||
--- openssl-1.0.2g.orig/crypto/rand/rand_lib.c 2016-04-15 14:27:32.712794583 +0200
|
||||
+++ openssl-1.0.2g/crypto/rand/rand_lib.c 2016-04-15 14:30:45.074777402 +0200
|
||||
@@ -238,7 +238,7 @@ static int drbg_rand_add(DRBG_CTX *ctx,
|
||||
RAND_SSLeay()->add(in, inlen, entropy);
|
||||
if (FIPS_rand_status()) {
|
||||
CRYPTO_w_lock(CRYPTO_LOCK_RAND);
|
||||
- FIPS_drbg_reseed(ctx, NULL, 0);
|
||||
+ FIPS_drbg_reseed(ctx, in, inlen);
|
||||
CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
|
||||
}
|
||||
return 1;
|
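Review bot: Both new `RAND_load_file("/dev/urandom", ...)` calls, in ssleay_rand_bytes (md_rand.c) and fips_drbg_bytes (fips_drbg_rand.c), discard the return value, so when the device cannot be opened (a chroot without /dev, descriptor exhaustion) the extra seeding is silently skipped and the 1:1 ratio the comments promise is not guaranteed. Either act on a short read or document the call as best effort, e.g. `/* best effort: a failed or short read leaves the existing pool state in use */`. In fips_drbg_bytes, `count > dctx->min_entropy` appears to compare a signed count with an unsigned size; the declarations are outside the hunk, so confirm the types and make the conversion explicit. In rand_lib.c the result of `FIPS_drbg_reseed(ctx, in, inlen)` is likewise unchecked, and a caller-supplied `inlen` above the DRBG's additional-input limit would presumably make the reseed fail without notice.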
@ -1,3 +1,30 @@
|
||||
-------------------------------------------------------------------
|
||||
Fri Apr 15 16:55:05 UTC 2016 - dvaleev@suse.com
|
||||
|
||||
- Remove a hack for bsc#936563
|
||||
- Drop bsc936563_hack.patch
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Fri Apr 15 11:59:48 UTC 2016 - vcizek@suse.com
|
||||
|
||||
- import fips patches from SLE-12
|
||||
* openssl-fips-clearerror.patch
|
||||
* openssl-fips-dont-fall-back-to-default-digest.patch
|
||||
* openssl-fips-fix-odd-rsakeybits.patch
|
||||
* openssl-fips-rsagen-d-bits.patch
|
||||
* openssl-fips-selftests_in_nonfips_mode.patch
|
||||
* openssl-fips_RSA_compute_d_with_lcm.patch
|
||||
* openssl-fips_disallow_ENGINE_loading.patch
|
||||
* openssl-fips_disallow_x931_rand_method.patch
|
||||
* openssl-rsakeygen-minimum-distance.patch
|
||||
* openssl-urandom-reseeding.patch
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Mar 8 12:50:28 UTC 2016 - vcizek@suse.com
|
||||
|
||||
- add support for "ciphers" providing no encryption (bsc#937085)
|
||||
* don't build with -DSSL_FORBID_ENULL
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Mar 1 14:40:18 UTC 2016 - vcizek@suse.com
|
||||
|
||||
|
27
openssl.spec
27
openssl.spec
@ -73,7 +73,17 @@ Patch34: openssl-fips-hidden.patch
|
||||
Patch35: openssl-1.0.1e-add-suse-default-cipher.patch
|
||||
Patch37: openssl-1.0.1e-add-test-suse-default-cipher-suite.patch
|
||||
Patch38: openssl-missing_FIPS_ec_group_new_by_curve_name.patch
|
||||
Patch40: bsc936563_hack.patch
|
||||
# FIPS patches from SLE-12
|
||||
Patch50: openssl-fips_disallow_x931_rand_method.patch
|
||||
Patch51: openssl-fips_disallow_ENGINE_loading.patch
|
||||
Patch52: openssl-fips_RSA_compute_d_with_lcm.patch
|
||||
Patch53: openssl-rsakeygen-minimum-distance.patch
|
||||
Patch54: openssl-urandom-reseeding.patch
|
||||
Patch55: openssl-fips-rsagen-d-bits.patch
|
||||
Patch56: openssl-fips-selftests_in_nonfips_mode.patch
|
||||
Patch57: openssl-fips-fix-odd-rsakeybits.patch
|
||||
Patch58: openssl-fips-clearerror.patch
|
||||
Patch59: openssl-fips-dont-fall-back-to-default-digest.patch
|
||||
|
||||
BuildRoot: %{_tmppath}/%{name}-%{version}-build
|
||||
|
||||
@ -184,15 +194,21 @@ this package's base documentation.
|
||||
%patch35 -p1
|
||||
%patch37 -p1
|
||||
%patch38 -p1
|
||||
%patch50 -p1
|
||||
%patch51 -p1
|
||||
%patch52 -p1
|
||||
%patch53 -p1
|
||||
%patch54 -p1
|
||||
%patch55 -p1
|
||||
%patch56 -p1
|
||||
%patch57 -p1
|
||||
%patch58 -p1
|
||||
%patch59 -p1
|
||||
%if 0%{?suse_version} >= 1120
|
||||
%patch3
|
||||
%endif
|
||||
%patch8 -p1
|
||||
%patch14 -p1
|
||||
#workaround https://gcc.gnu.org/bugzilla/show_bug.cgi?id=66728
|
||||
%ifarch ppc64le
|
||||
%patch40 -p1
|
||||
%endif
|
||||
cp -p %{S:10} .
|
||||
cp -p %{S:11} .
|
||||
echo "adding/overwriting some entries in the 'table' hash in Configure"
|
||||
@ -264,7 +280,6 @@ $RPM_OPT_FLAGS -O3 -std=gnu99 \
|
||||
-fno-common \
|
||||
-DTERMIO \
|
||||
-DPURIFY \
|
||||
-DSSL_FORBID_ENULL \
|
||||
-D_GNU_SOURCE \
|
||||
-DOPENSSL_NO_BUF_FREELISTS \
|
||||
$(getconf LFS_CFLAGS) \
|
||||
|
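Review bot: Dropping `-DSSL_FORBID_ENULL` from the compiler flags deserves a comment in the spec, because it makes NULL-encryption cipher suites available in the library and nothing next to the flags records why. The `+`/`-` markers are lost in this rendering; the removal is inferred from the hunk's line counts and from the changelog entry added in the same request, so confirm it against the raw diff. A line such as `# SSL_FORBID_ENULL intentionally not set, see bsc#937085` beside the flag list would keep the reason with the build. It is also worth checking that the SUSE default cipher list introduced by Patch35 does not pull in eNULL suites.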