forked from pool/openssl-1_1
Pedro Monreal Gonzalez
8f01c56ec8
- Update to 1.1.1w:
* Fix POLY1305 MAC implementation corrupting XMM registers on Windows.
The POLY1305 MAC (message authentication code) implementation in OpenSSL
does not save the contents of non-volatile XMM registers on Windows 64
platform when calculating the MAC of data larger than 64 bytes. Before
returning to the caller all the XMM registers are set to zero rather than
restoring their previous content. The vulnerable code is used only on newer
x86_64 processors supporting the AVX512-IFMA instructions.
The consequences of this kind of internal application state corruption can
be various - from no consequences, if the calling application does not
depend on the contents of non-volatile XMM registers at all, to the worst
consequences, where the attacker could get complete control of the
application process. However given the contents of the registers are just
zeroized so the attacker cannot put arbitrary values inside, the most likely
consequence, if any, would be an incorrect result of some application
dependent calculations or a crash leading to a denial of service.
(CVE-2023-4807)
- Add missing FIPS patches from SLE:
* Add patches:
- bsc1185319-FIPS-KAT-for-ECDSA.patch
- bsc1198207-FIPS-add-hash_hmac-drbg-kat.patch
- openssl-1.1.1-fips-fix-memory-leaks.patch
- openssl-1_1-FIPS-PBKDF2-KAT-requirements.patch
- openssl-1_1-FIPS_drbg-rewire.patch
- openssl-1_1-Zeroization.patch
- openssl-1_1-fips-drbg-selftest.patch
- openssl-1_1-fips-list-only-approved-digest-and-pubkey-algorithms.patch
- openssl-1_1-jitterentropy-3.4.0.patch
- openssl-1_1-ossl-sli-000-fix-build-error.patch
OBS-URL: https://build.opensuse.org/request/show/1111331
OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl-1_1?expand=0&rev=144
105 lines
2.9 KiB
Diff
105 lines
2.9 KiB
Diff
---
|
|
crypto/asn1/ameth_lib.c | 18 ++++++++++++++++++
|
|
crypto/asn1/standard_methods.h | 29 +++++++++++++++++++++++++++++
|
|
crypto/evp/c_alld.c | 6 +++++-
|
|
3 files changed, 52 insertions(+), 1 deletion(-)
|
|
|
|
--- a/crypto/asn1/ameth_lib.c
|
|
+++ b/crypto/asn1/ameth_lib.c
|
|
@@ -35,7 +35,11 @@ IMPLEMENT_OBJ_BSEARCH_CMP_FN(const EVP_P
|
|
|
|
int EVP_PKEY_asn1_get_count(void)
|
|
{
|
|
+#ifdef OPENSSL_FIPS
|
|
+ int num = FIPS_mode() ? OSSL_NELEM(standard_fips_methods) : OSSL_NELEM(standard_methods);
|
|
+#else
|
|
int num = OSSL_NELEM(standard_methods);
|
|
+#endif
|
|
if (app_methods)
|
|
num += sk_EVP_PKEY_ASN1_METHOD_num(app_methods);
|
|
return num;
|
|
@@ -43,11 +47,19 @@ int EVP_PKEY_asn1_get_count(void)
|
|
|
|
const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_get0(int idx)
|
|
{
|
|
+#ifdef OPENSSL_FIPS
|
|
+ int num = FIPS_mode() ? OSSL_NELEM(standard_fips_methods) : OSSL_NELEM(standard_methods);
|
|
+#else
|
|
int num = OSSL_NELEM(standard_methods);
|
|
+#endif
|
|
if (idx < 0)
|
|
return NULL;
|
|
if (idx < num)
|
|
+#ifdef OPENSSL_FIPS
|
|
+ return FIPS_mode() ? standard_fips_methods[idx] : standard_methods[idx];
|
|
+#else
|
|
return standard_methods[idx];
|
|
+#endif
|
|
idx -= num;
|
|
return sk_EVP_PKEY_ASN1_METHOD_value(app_methods, idx);
|
|
}
|
|
@@ -63,7 +75,13 @@ static const EVP_PKEY_ASN1_METHOD *pkey_
|
|
if (idx >= 0)
|
|
return sk_EVP_PKEY_ASN1_METHOD_value(app_methods, idx);
|
|
}
|
|
+#ifdef OPENSSL_FIPS
|
|
+ ret = FIPS_mode() ? \
|
|
+ OBJ_bsearch_ameth(&t, standard_fips_methods, OSSL_NELEM(standard_fips_methods)) : \
|
|
+ OBJ_bsearch_ameth(&t, standard_methods, OSSL_NELEM(standard_methods));
|
|
+#else
|
|
ret = OBJ_bsearch_ameth(&t, standard_methods, OSSL_NELEM(standard_methods));
|
|
+#endif
|
|
if (!ret || !*ret)
|
|
return NULL;
|
|
return *ret;
|
|
--- a/crypto/asn1/standard_methods.h
|
|
+++ b/crypto/asn1/standard_methods.h
|
|
@@ -59,3 +59,32 @@ static const EVP_PKEY_ASN1_METHOD *stand
|
|
#endif
|
|
};
|
|
|
|
+static const EVP_PKEY_ASN1_METHOD *standard_fips_methods[] = {
|
|
+#ifndef OPENSSL_NO_RSA
|
|
+ &rsa_asn1_meths[0],
|
|
+ &rsa_asn1_meths[1],
|
|
+#endif
|
|
+#ifndef OPENSSL_NO_DH
|
|
+ &dh_asn1_meth,
|
|
+#endif
|
|
+#ifndef OPENSSL_NO_DSA
|
|
+ &dsa_asn1_meths[0],
|
|
+ &dsa_asn1_meths[1],
|
|
+ &dsa_asn1_meths[2],
|
|
+ &dsa_asn1_meths[3],
|
|
+ &dsa_asn1_meths[4],
|
|
+#endif
|
|
+#ifndef OPENSSL_NO_EC
|
|
+ &eckey_asn1_meth,
|
|
+#endif
|
|
+ &hmac_asn1_meth,
|
|
+#ifndef OPENSSL_NO_CMAC
|
|
+ &cmac_asn1_meth,
|
|
+#endif
|
|
+#ifndef OPENSSL_NO_RSA
|
|
+ &rsa_pss_asn1_meth,
|
|
+#endif
|
|
+#ifndef OPENSSL_NO_DH
|
|
+ &dhx_asn1_meth,
|
|
+#endif
|
|
+};
|
|
--- a/crypto/evp/c_alld.c
|
|
+++ b/crypto/evp/c_alld.c
|
|
@@ -17,7 +17,11 @@
|
|
void openssl_add_all_digests_int(void)
|
|
{
|
|
#ifdef OPENSSL_FIPS
|
|
- if (!FIPS_mode()) {
|
|
+ /*
|
|
+ * This function is called from FIPS_selftest_ecdsa() before FIPS mode is
|
|
+ * turned on. That is the reason why we need to also check fips_in_post().
|
|
+ */
|
|
+ if (!FIPS_mode() && !fips_in_post()) {
|
|
#endif
|
|
#ifndef OPENSSL_NO_MD4
|
|
EVP_add_digest(EVP_md4());
|