openvpn/openvpn-fips140-2.3.2.patch


diff --git a/src/openvpn/crypto.c b/src/openvpn/crypto.c
index 4b54279..09659aa 100644
--- a/src/openvpn/crypto.c
+++ b/src/openvpn/crypto.c
@@ -877,7 +877,7 @@ init_key_ctx(struct key_ctx *ctx, struct key *key,
if (kt->digest && kt->hmac_length > 0)
{
ALLOC_OBJ(ctx->hmac, hmac_ctx_t);
- hmac_ctx_init(ctx->hmac, key->hmac, kt->hmac_length, kt->digest);
+ hmac_ctx_init(ctx->hmac, key->hmac, kt->hmac_length, kt->digest, 0);
msg(D_HANDSHAKE,
"%s: Using %d bit message hash '%s' for HMAC authentication",
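Review bot: The new `prf_use` parameter is declared `bool` in crypto_backend.h but is passed here as a bare `0`, which tells a reader nothing about what is being switched off; `hmac_ctx_init(ctx->hmac, key->hmac, kt->hmac_length, kt->digest, false);` reads better. The same applies to the `0` in the ntlm.c hunk and the `1` arguments in the ssl.c hunk. A short comment at this call, such as `/* packet HMAC, not the TLS PRF: no FIPS MD5 exemption */`, would record why the exemption is withheld here. init_key_ctx's body starts and ends outside the hunk.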
diff --git a/src/openvpn/crypto_backend.h b/src/openvpn/crypto_backend.h
index 2c79baa..81848c9 100644
--- a/src/openvpn/crypto_backend.h
+++ b/src/openvpn/crypto_backend.h
@@ -557,10 +557,11 @@ void md_ctx_final(md_ctx_t *ctx, uint8_t *dst);
* @param key The key to use for the HMAC
* @param key_len The key length to use
* @param kt Static message digest parameters
+ * @param prf_use Intended use for PRF in TLS protocol
*
*/
void hmac_ctx_init(hmac_ctx_t *ctx, const uint8_t *key, int key_length,
- const md_kt_t *kt);
+ const md_kt_t *kt, bool prf_use);
/*
* Free the given HMAC context.
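Review bot: This prototype is the backend-neutral interface, yet the only implementation updated in the visible hunks is the OpenSSL one. Any other crypto backend that implements `hmac_ctx_init` would no longer match the declaration and should presumably accept and ignore the new argument. The `@param prf_use` text is also too vague to tell a caller when passing true is legitimate. Something like `@param prf_use True only when the HMAC is part of the TLS PRF; in FIPS mode this permits MD5, which is otherwise rejected` states the security consequence at the declaration.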
diff --git a/src/openvpn/crypto_openssl.c b/src/openvpn/crypto_openssl.c
index 881a2d1..deb41c7 100644
--- a/src/openvpn/crypto_openssl.c
+++ b/src/openvpn/crypto_openssl.c
@@ -891,13 +891,17 @@ md_ctx_final(EVP_MD_CTX *ctx, uint8_t *dst)
void
hmac_ctx_init(HMAC_CTX *ctx, const uint8_t *key, int key_len,
- const EVP_MD *kt)
+ const EVP_MD *kt, bool prf_use)
{
ASSERT(NULL != kt && NULL != ctx);
CLEAR(*ctx);
HMAC_CTX_init(ctx);
+ /* FIPS 140-2 explicitly allows MD5 for the use in PRF although it is not
+ * to be used anywhere else */
+ if(kt == EVP_md5() && prf_use)
+ HMAC_CTX_set_flags(ctx, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
HMAC_Init_ex(ctx, key, key_len, kt, NULL);
/* make sure we used a big enough key */
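Review bot: `HMAC_Init_ex` is still called without checking its result, and this patch makes failure an expected case. In FIPS mode any MD5 caller that passes `prf_use` as false (the ntlm.c hunk does, and init_key_ctx would for an MD5 digest) is presumably refused by OpenSSL, leaving the context uninitialised for the update and final calls that follow. Where `HMAC_Init_ex` returns a status, fail loudly instead, e.g. `if (!HMAC_Init_ex(ctx, key, key_len, kt, NULL)) msg(M_FATAL, "HMAC_Init_ex failed");`. The added `if` would also be safer with braces around its single statement. hmac_ctx_init's body continues past the end of the hunk.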
diff --git a/src/openvpn/ntlm.c b/src/openvpn/ntlm.c
index 0c43681..c3d5613 100644
--- a/src/openvpn/ntlm.c
+++ b/src/openvpn/ntlm.c
@@ -89,7 +89,7 @@ gen_hmac_md5(const char *data, int data_len, const char *key, int key_len,char *
hmac_ctx_t hmac_ctx;
CLEAR(hmac_ctx);
- hmac_ctx_init(&hmac_ctx, key, key_len, md5_kt);
+ hmac_ctx_init(&hmac_ctx, key, key_len, md5_kt, 0);
hmac_ctx_update(&hmac_ctx, (const unsigned char *)data, data_len);
hmac_ctx_final(&hmac_ctx, (unsigned char *)result);
hmac_ctx_cleanup(&hmac_ctx);
diff --git a/src/openvpn/options.c b/src/openvpn/options.c
index 9fef394..6b52dec 100644
--- a/src/openvpn/options.c
+++ b/src/openvpn/options.c
@@ -850,6 +850,10 @@ init_options(struct options *o, const bool init_gc)
#endif
#ifdef ENABLE_CRYPTO
o->ciphername = "BF-CBC";
+#ifdef OPENSSL_FIPS
+ if(FIPS_mode())
+ o->ciphername = "AES-256-CBC";
+#endif
#ifdef HAVE_AEAD_CIPHER_MODES /* IV_NCP=2 requires GCM support */
o->ncp_enabled = true;
#else
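Review bot: The FIPS default is chosen by calling `FIPS_mode()` at the moment init_options runs, so it only takes effect if FIPS mode is already on by then. That ordering is not visible in this hunk and should be confirmed and stated in a comment. The call is also OpenSSL-specific and sits in options.c rather than in the crypto backend files, so a small backend helper would keep the abstraction intact. Because the default cipher now differs between FIPS and non-FIPS peers, a comment such as `/* BF-CBC is not FIPS-approved; peers must agree on --cipher explicitly */` would help operators diagnose a mismatch. init_options starts and ends outside the hunk.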
diff --git a/src/openvpn/ssl.c b/src/openvpn/ssl.c
index 51c7b95..2f89df7 100644
--- a/src/openvpn/ssl.c
+++ b/src/openvpn/ssl.c
@@ -1626,8 +1626,8 @@ tls1_P_hash(const md_kt_t *md_kt,
chunk = md_kt_size(md_kt);
A1_len = md_kt_size(md_kt);
- hmac_ctx_init(&ctx, sec, sec_len, md_kt);
- hmac_ctx_init(&ctx_tmp, sec, sec_len, md_kt);
+ hmac_ctx_init(&ctx, sec, sec_len, md_kt, 1);
+ hmac_ctx_init(&ctx_tmp, sec, sec_len, md_kt, 1);
hmac_ctx_update(&ctx,seed,seed_len);
hmac_ctx_final(&ctx, A1);