From a33c0d811ad976561e5cb5bfc8431c1a286e796b Mon Sep 17 00:00:00 2001 From: Nirmoy Das Date: Fri, 23 Jun 2017 11:00:08 +0200 Subject: [PATCH] fips-140 Signed-off-by: Nirmoy Das --- src/openvpn/crypto.c | 2 +- src/openvpn/crypto_backend.h | 3 ++- src/openvpn/crypto_openssl.c | 6 +++++- src/openvpn/ntlm.c | 2 +- src/openvpn/options.c | 4 ++++ src/openvpn/ssl.c | 4 ++-- 6 files changed, 15 insertions(+), 6 deletions(-) --- src/openvpn/crypto.c.orig +++ src/openvpn/crypto.c @@ -849,7 +849,7 @@ init_key_ctx(struct key_ctx *ctx, const if (kt->digest && kt->hmac_length > 0) { ctx->hmac = hmac_ctx_new(); - hmac_ctx_init(ctx->hmac, key->hmac, kt->hmac_length, kt->digest); + hmac_ctx_init(ctx->hmac, key->hmac, kt->hmac_length, kt->digest, 0); msg(D_HANDSHAKE, "%s: Using %d bit message hash '%s' for HMAC authentication", --- src/openvpn/crypto_backend.h.orig +++ src/openvpn/crypto_backend.h @@ -634,10 +634,11 @@ void hmac_ctx_free(hmac_ctx_t *ctx); * @param key The key to use for the HMAC * @param key_len The key length to use * @param kt Static message digest parameters + * @param prf_use Intended use for PRF in TLS protocol * */ void hmac_ctx_init(hmac_ctx_t *ctx, const uint8_t *key, int key_length, - const md_kt_t *kt); + const md_kt_t *kt, bool prf_use); /* * Free the given HMAC context. --- src/openvpn/crypto_openssl.c.orig +++ src/openvpn/crypto_openssl.c @@ -1008,11 +1008,15 @@ hmac_ctx_free(HMAC_CTX *ctx) void hmac_ctx_init(HMAC_CTX *ctx, const uint8_t *key, int key_len, - const EVP_MD *kt) + const EVP_MD *kt, bool prf_use) { ASSERT(NULL != kt && NULL != ctx); HMAC_CTX_reset(ctx); + /* FIPS 140-2 explicitly allows MD5 for the use in PRF although it is not + * * to be used anywhere else */ + if(kt == EVP_md5() && prf_use) + HMAC_CTX_set_flags(ctx, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW); HMAC_Init_ex(ctx, key, key_len, kt, NULL); /* make sure we used a big enough key */ --- src/openvpn/ntlm.c.orig +++ src/openvpn/ntlm.c 
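Review bot: In init_key_ctx (src/openvpn/crypto.c) the new fifth argument is written as the integer `0` although the parameter is declared `bool prf_use`; `hmac_ctx_init(ctx->hmac, key->hmac, kt->hmac_length, kt->digest, false);` states the intent at the call site. The same applies to the `0` passed in gen_hmac_md5 (ntlm.c) and the two `1` arguments in tls1_P_hash (ssl.c). This argument decides whether a FIPS restriction is lifted, so a named boolean is easier to audit than a bare literal. init_key_ctx continues outside the hunk.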
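Review bot: The new `@param prf_use` line in crypto_backend.h does not say what the flag changes, although in crypto_openssl.c it lifts the FIPS digest restriction, and only for MD5. I would document it as `@param prf_use  True only when the HMAC is used by the TLS PRF (tls1_P_hash); permits MD5 in FIPS mode and must be false for every other use`. The comment block still names `key_len` while the prototype parameter is `key_length`, which is worth aligning in the same edit. This prototype is shared by all crypto backends and the diffstat lists only crypto_openssl.c, so any other backend that implements hmac_ctx_init would presumably no longer match the declaration.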
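Review bot: In hmac_ctx_init (crypto_openssl.c) the result of `HMAC_Init_ex(ctx, key, key_len, kt, NULL);` is still ignored, and this change makes a failure there an expected outcome. When `prf_use` is false the NON_FIPS_ALLOW flag is not set, so in FIPS mode a non-approved digest such as the MD5 used by gen_hmac_md5 in ntlm.c should be refused. The function would then continue with a context that was never keyed. I would fail hard instead, `if (!HMAC_Init_ex(ctx, key, key_len, kt, NULL)) { msg(M_FATAL, "HMAC_Init_ex failed"); }`, and prefer `EVP_MD_type(kt) == NID_md5` over the pointer comparison `kt == EVP_md5()`. The function body ends outside the hunk.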
@@ -88,7 +88,7 @@ gen_hmac_md5(const uint8_t *data, int da const md_kt_t *md5_kt = md_kt_get("MD5"); hmac_ctx_t *hmac_ctx = hmac_ctx_new(); - hmac_ctx_init(hmac_ctx, key, key_len, md5_kt); + hmac_ctx_init(hmac_ctx, key, key_len, md5_kt, 0); hmac_ctx_update(hmac_ctx, data, data_len); hmac_ctx_final(hmac_ctx, result); hmac_ctx_cleanup(hmac_ctx); --- src/openvpn/options.c.orig +++ src/openvpn/options.c @@ -850,6 +850,10 @@ init_options(struct options *o, const bo o->tcp_queue_limit = 64; o->max_clients = 1024; o->max_routes_per_client = 256; +#ifdef OPENSSL_FIPS + if(FIPS_mode()) + o->ciphername = "AES-256-CBC"; +#endif o->stale_routes_check_interval = 0; o->ifconfig_pool_persist_refresh_freq = 600; #if P2MP @@ -3087,6 +3091,12 @@ options_postprocess_cipher(struct option if (!o->ciphername) { o->ciphername = "BF-CBC"; +#ifdef OPENSSL_FIPS + if (FIPS_mode()) + { + o->ciphername = "AES-256-CBC"; + } +#endif } return; } @@ -3109,6 +3119,12 @@ options_postprocess_cipher(struct option /* We still need to set the ciphername to BF-CBC since various other * parts of OpenVPN assert that the ciphername is set */ o->ciphername = "BF-CBC"; +#ifdef OPENSSL_FIPS + if (FIPS_mode()) + { + o->ciphername = "AES-256-CBC"; + } +#endif } else if (!o->enable_ncp_fallback && !tls_item_in_cipher_list(o->ciphername, o->ncp_ciphers)) --- src/openvpn/ssl.c.orig +++ src/openvpn/ssl.c @@ -1661,8 +1661,8 @@ tls1_P_hash(const md_kt_t *md_kt, int chunk = md_kt_size(md_kt); unsigned int A1_len = md_kt_size(md_kt); - hmac_ctx_init(ctx, sec, sec_len, md_kt); - hmac_ctx_init(ctx_tmp, sec, sec_len, md_kt); + hmac_ctx_init(ctx, sec, sec_len, md_kt, 1); + hmac_ctx_init(ctx_tmp, sec, sec_len, md_kt, 1); hmac_ctx_update(ctx,seed,seed_len); hmac_ctx_final(ctx, A1);
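Review bot: In init_options (options.c) the FIPS default is assigned to `o->ciphername` before any configuration is read, so in FIPS mode the field is already non-NULL when options_postprocess_cipher runs. The fallback branches patched there (the visible one is guarded by `if (!o->ciphername)`) would then presumably never be taken. The `tls_item_in_cipher_list(o->ciphername, o->ncp_ciphers)` check also can no longer tell a built-in default from a cipher the user chose. I would drop the init_options assignment, keep the FIPS fallback only in options_postprocess_cipher, and update the comment `We still need to set the ciphername to BF-CBC` to mention the FIPS default. Whether options.c includes the OpenSSL header that defines OPENSSL_FIPS is not visible in these hunks, which start and end inside both functions; without it the `#ifdef` compiles the new code out.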