fips: Prohibit SHA1 in DH & ECDH exchange
authorDimitri John Ledkov <dimitri.ledkov@surgut.co.uk>
Mon, 23 Sep 2024 11:57:22 +0000 (12:57 +0100)
committerTomas Mraz <tomas@openssl.org>
Fri, 27 Sep 2024 07:13:05 +0000 (09:13 +0200)
See Section 5 Key Agreement Using Diffie-Hellman and MQV of
[NIST SP 800-131Ar2](https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-131Ar2.pdf).

Security strengths of less than 112 bits are disallowed for key agreement, which rules out SHA1.

Skip cms test case that requires use of SHA1 with X9.42 DH.

Rename ossl_fips_ind_digest_check to ossl_fips_ind_digest_exch_check

Add myself to Changes for fips indicator work

Reviewed-by: Paul Dale <ppzgs1@gmail.com>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/25517)

CHANGES.md
providers/common/securitycheck_fips.c
providers/fips/include/fips/fipsindicator.h
providers/implementations/exchange/dh_exch.c
providers/implementations/exchange/ecdh_exch.c
test/recipes/80-test_cms.t

index 69f9620e865a1307f9aa1d789fa509037da96d2f..305296ac3edcd9aa0a9ce72c493b1281e881a71d 100644 (file)
@@ -83,7 +83,7 @@ OpenSSL 3.4
 
    [fips_module(7)]: https://docs.openssl.org/master/man7/fips_module/#FIPS indicators
 
-   *Shane Lontis, Paul Dale and Po-Hsing Wu*
+   *Shane Lontis, Paul Dale, Po-Hsing Wu and Dimitri John Ledkov*
 
  * Added support for hardware acceleration for HMAC on S390x architecture.
 
index 76d95d179c2396cf329a0199bf41e7b4dca7bf74..c02fa960c096912cc7287963a31b16df66516943 100644 (file)
@@ -78,11 +78,12 @@ int ossl_fips_ind_ec_key_check(OSSL_FIPS_IND *ind, int id,
 }
 #endif
 
-int ossl_fips_ind_digest_check(OSSL_FIPS_IND *ind, int id,
-                               OSSL_LIB_CTX *libctx,
-                               const EVP_MD *md, const char *desc)
+int ossl_fips_ind_digest_exch_check(OSSL_FIPS_IND *ind, int id,
+                                    OSSL_LIB_CTX *libctx,
+                                    const EVP_MD *md, const char *desc)
 {
-    int approved = (ossl_digest_get_approved_nid(md) != NID_undef);
+    int nid = ossl_digest_get_approved_nid(md);
+    int approved = (nid != NID_undef && nid != NID_sha1);
 
     if (!approved) {
         if (!ossl_FIPS_IND_on_unapproved(ind, id, libctx, desc, "Digest",
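Review bot: The new `nid != NID_sha1` exclusion on the `approved` line carries no rationale, whereas the sibling `ossl_fips_ind_digest_sign_check` (declared in fipsindicator.h with an explicit `sha1_allowed` parameter) makes the same policy visible in its interface. A one-line comment would spare the next reader a trip to the commit log: `/* SHA1 is an approved digest in general, but SP 800-131Ar2 Section 5 disallows it for DH/ECDH key agreement (strength < 112 bits) */`. The check also relies on `ossl_digest_get_approved_nid()` returning `NID_sha1` itself for a SHA1 EVP_MD rather than some alias NID; that is not visible here and is worth confirming, since a mismatch would let SHA1 through silently. The failure path still reports the generic "Digest" label to the indicator callback, so a caller cannot tell from the callback alone that SHA1 was the reason.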
index 405b800dbcfd841f95a9cfdfb22bb3474d5af7d4..045d2108d549a0ad528179e85a7d7959d7109253 100644 (file)
@@ -129,8 +129,8 @@ int ossl_fips_ind_ec_key_check(OSSL_FIPS_IND *ind, int id, OSSL_LIB_CTX *libctx,
                                const EC_GROUP *group, const char *desc,
                                int protect);
 # endif
-int ossl_fips_ind_digest_check(OSSL_FIPS_IND *ind, int id, OSSL_LIB_CTX *libctx,
-                               const EVP_MD *md, const char *desc);
+int ossl_fips_ind_digest_exch_check(OSSL_FIPS_IND *ind, int id, OSSL_LIB_CTX *libctx,
+                                    const EVP_MD *md, const char *desc);
 int ossl_fips_ind_digest_sign_check(OSSL_FIPS_IND *ind, int id,
                                     OSSL_LIB_CTX *libctx,
                                     int nid, int sha1_allowed,
index 19007cae9560cbb6862c7cbd9ac4ded56d59e646..b7fee87cc91a13d53e5f98ae88ff0eb0d0ec6629 100644 (file)
@@ -113,9 +113,9 @@ static int dh_check_key(PROV_DH_CTX *ctx)
 
 static int digest_check(PROV_DH_CTX *ctx, const EVP_MD *md)
 {
-    return ossl_fips_ind_digest_check(OSSL_FIPS_IND_GET(ctx),
-                                      OSSL_FIPS_IND_SETTABLE1, ctx->libctx,
-                                      md, "DH Set Ctx");
+    return ossl_fips_ind_digest_exch_check(OSSL_FIPS_IND_GET(ctx),
+                                           OSSL_FIPS_IND_SETTABLE1, ctx->libctx,
+                                           md, "DH Set Ctx");
 }
 #endif
 
index 409d047453600a1a9d5625c9e565bf0d5c7b879b..ee56c1c26c6e1ed4e85e9339636ec8dbb7ee1147 100644 (file)
@@ -320,9 +320,9 @@ int ecdh_set_ctx_params(void *vpecdhctx, const OSSL_PARAM params[])
             return 0;
         }
 #ifdef FIPS_MODULE
-        if (!ossl_fips_ind_digest_check(OSSL_FIPS_IND_GET(pectx),
-                                        OSSL_FIPS_IND_SETTABLE1, pectx->libctx,
-                                        pectx->kdf_md, "ECDH Set Ctx")) {
+        if (!ossl_fips_ind_digest_exch_check(OSSL_FIPS_IND_GET(pectx),
+                                             OSSL_FIPS_IND_SETTABLE1, pectx->libctx,
+                                             pectx->kdf_md, "ECDH Set Ctx")) {
             EVP_MD_free(pectx->kdf_md);
             pectx->kdf_md = NULL;
             return 0;
index f060f47c125601c1111f487a88afde9d3f00ca68..9ee474fd807bc615dd4844704d5bc928cfa01e8d 100644 (file)
@@ -647,18 +647,24 @@ my @smime_cms_param_tests = (
       [ "{cmd2}", @defaultprov, "-decrypt", "-recip", catfile($smdir, "smec2.pem"),
         "-in", "{output}.cms", "-out", "{output}.txt" ],
       \&final_compare
-    ],
-
-    [ "enveloped content test streaming S/MIME format, X9.42 DH",
-      [ "{cmd1}", @prov, "-encrypt", "-in", $smcont,
-        "-stream", "-out", "{output}.cms",
-        "-recip", catfile($smdir, "smdh.pem"), "-aes128" ],
-      [ "{cmd2}", @prov, "-decrypt", "-recip", catfile($smdir, "smdh.pem"),
-        "-in", "{output}.cms", "-out", "{output}.txt" ],
-      \&final_compare
     ]
 );
 
+if ($no_fips || $old_fips) {
+    # Only SHA1 supported in dh_cms_encrypt()
+    push(@smime_cms_param_tests,
+
+        [ "enveloped content test streaming S/MIME format, X9.42 DH",
+          [ "{cmd1}", @prov, "-encrypt", "-in", $smcont,
+            "-stream", "-out", "{output}.cms",
+            "-recip", catfile($smdir, "smdh.pem"), "-aes128" ],
+          [ "{cmd2}", @prov, "-decrypt", "-recip", catfile($smdir, "smdh.pem"),
+            "-in", "{output}.cms", "-out", "{output}.txt" ],
+          \&final_compare
+        ]
+    );
+}
+
 my @smime_cms_param_tests_autodigestmax = (
     [ "signed content test streaming PEM format, RSA keys, PSS signature, saltlen=auto-digestmax, digestsize < maximum salt length",
       [ "{cmd1}", @prov, "-sign", "-in", $smcont, "-outform", "PEM", "-nodetach",
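Review bot: Moving the X9.42 DH enveloped-content case under `if ($no_fips || $old_fips)` removes FIPS coverage of that path entirely instead of pinning the new behaviour: if `dh_cms_encrypt()` really offers only SHA1, as the comment at the top of the branch says, then `cms -encrypt` with an X9.42 DH recipient now fails under the FIPS provider and nothing in the suite records that. A companion negative test in the FIPS case, asserting that the encrypt step fails (e.g. an `ok(!run(app([...])))` check), would make a later change that re-enables SHA1 here or adds SHA-2 support to the X9.42 KDF show up as a test delta. The comment is also terse; I would expand it to `# dh_cms_encrypt() only offers SHA1 for the X9.42 DH KDF, which the FIPS provider now rejects for key agreement, so run this only without FIPS or against an older FIPS module.` `$old_fips` is presumably set when an older FIPS provider that still accepts SHA1 is under test; its definition is outside this hunk.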