From: slontis Date: Mon, 30 Sep 2024 05:37:57 +0000 (+1000) Subject: Allow SHA256-192 to be used internally in the FIPS provider. X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=1c2fc7c3e04cc1334fa7a88454e5614e3b13dd6d;p=thirdparty%2Fopenssl.git Allow SHA256-192 to be used internally in the FIPS provider. Created an internal digest table that contains sha256_192. Also moved the KECCAK_KMAC_128/256 entries to this internal table since it is only used by KMAC. Reviewed-by: Viktor Dukhovni Reviewed-by: Matt Caswell Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/27885) --- diff --git a/doc/man7/OSSL_PROVIDER-FIPS.pod b/doc/man7/OSSL_PROVIDER-FIPS.pod index dbce55e3701..d979f9c722d 100644 --- a/doc/man7/OSSL_PROVIDER-FIPS.pod +++ b/doc/man7/OSSL_PROVIDER-FIPS.pod @@ -67,9 +67,11 @@ The OpenSSL FIPS provider supports these operations and algorithms: =item SHA3, see L +=item SHAKE, see L + =item KECCAK-KMAC, see L -=item SHAKE, see L +KECCAK-KMAC is only used internally as a sub algorithm of KMAC. =back diff --git a/providers/fips/fipsprov.c b/providers/fips/fipsprov.c index 756ca874bb7..15467a3deae 100644 --- a/providers/fips/fipsprov.c +++ b/providers/fips/fipsprov.c @@ -269,27 +269,33 @@ static int fips_self_test(void *provctx) * NIST uses, or that are used for ASN.1 OBJECT IDENTIFIERs, or names * we have used historically. */ -static const OSSL_ALGORITHM fips_digests[] = { - /* Our primary name:NiST name[:our older names] */ - { PROV_NAMES_SHA1, FIPS_DEFAULT_PROPERTIES, ossl_sha1_functions }, - { PROV_NAMES_SHA2_224, FIPS_DEFAULT_PROPERTIES, ossl_sha224_functions }, - { PROV_NAMES_SHA2_256, FIPS_DEFAULT_PROPERTIES, ossl_sha256_functions }, - { PROV_NAMES_SHA2_384, FIPS_DEFAULT_PROPERTIES, ossl_sha384_functions }, - { PROV_NAMES_SHA2_512, FIPS_DEFAULT_PROPERTIES, ossl_sha512_functions }, - { PROV_NAMES_SHA2_512_224, FIPS_DEFAULT_PROPERTIES, - ossl_sha512_224_functions }, - { PROV_NAMES_SHA2_512_256, FIPS_DEFAULT_PROPERTIES, - ossl_sha512_256_functions }, - - /* We agree with NIST here, so one name only */ - { PROV_NAMES_SHA3_224, FIPS_DEFAULT_PROPERTIES, ossl_sha3_224_functions }, - { PROV_NAMES_SHA3_256, FIPS_DEFAULT_PROPERTIES, ossl_sha3_256_functions }, - { PROV_NAMES_SHA3_384, FIPS_DEFAULT_PROPERTIES, ossl_sha3_384_functions }, - { PROV_NAMES_SHA3_512, FIPS_DEFAULT_PROPERTIES, ossl_sha3_512_functions }, - - { PROV_NAMES_SHAKE_128, FIPS_DEFAULT_PROPERTIES, ossl_shake_128_functions }, - { PROV_NAMES_SHAKE_256, FIPS_DEFAULT_PROPERTIES, ossl_shake_256_functions }, +#define FIPS_DIGESTS_COMMON() \ +{ PROV_NAMES_SHA1, FIPS_DEFAULT_PROPERTIES, ossl_sha1_functions }, \ +{ PROV_NAMES_SHA2_224, FIPS_DEFAULT_PROPERTIES, ossl_sha224_functions }, \ +{ PROV_NAMES_SHA2_256, FIPS_DEFAULT_PROPERTIES, ossl_sha256_functions }, \ +{ PROV_NAMES_SHA2_384, FIPS_DEFAULT_PROPERTIES, ossl_sha384_functions }, \ +{ PROV_NAMES_SHA2_512, FIPS_DEFAULT_PROPERTIES, ossl_sha512_functions }, \ +{ PROV_NAMES_SHA2_512_224, FIPS_DEFAULT_PROPERTIES, \ + ossl_sha512_224_functions }, \ +{ PROV_NAMES_SHA2_512_256, FIPS_DEFAULT_PROPERTIES, \ + ossl_sha512_256_functions }, \ +{ PROV_NAMES_SHA3_224, FIPS_DEFAULT_PROPERTIES, ossl_sha3_224_functions }, \ +{ PROV_NAMES_SHA3_256, FIPS_DEFAULT_PROPERTIES, ossl_sha3_256_functions }, \ +{ PROV_NAMES_SHA3_384, FIPS_DEFAULT_PROPERTIES, ossl_sha3_384_functions }, \ +{ PROV_NAMES_SHA3_512, FIPS_DEFAULT_PROPERTIES, ossl_sha3_512_functions }, \ +{ PROV_NAMES_SHAKE_128, FIPS_DEFAULT_PROPERTIES, ossl_shake_128_functions }, \ +{ PROV_NAMES_SHAKE_256, FIPS_DEFAULT_PROPERTIES, ossl_shake_256_functions } + +static const OSSL_ALGORITHM fips_digests[] = { + FIPS_DIGESTS_COMMON(), + { NULL, NULL, NULL } +}; +static const OSSL_ALGORITHM fips_digests_internal[] = { + FIPS_DIGESTS_COMMON(), + /* Used by LMS/HSS */ + { PROV_NAMES_SHA2_256_192, FIPS_DEFAULT_PROPERTIES, + ossl_sha256_192_functions }, /* * KECCAK-KMAC-128 and KECCAK-KMAC-256 as hashes are mostly useful for * KMAC128 and KMAC256. @@ -706,11 +712,14 @@ static const OSSL_ALGORITHM *fips_query(void *provctx, int operation_id, static const OSSL_ALGORITHM *fips_query_internal(void *provctx, int operation_id, int *no_cache) { - if (operation_id == OSSL_OP_MAC) { + int is_digest_op = (operation_id == OSSL_OP_DIGEST); + + if (is_digest_op + || operation_id == OSSL_OP_MAC) { *no_cache = 0; if (!ossl_prov_is_running()) return NULL; - return fips_macs_internal; + return is_digest_op ? fips_digests_internal : fips_macs_internal; } return fips_query(provctx, operation_id, no_cache); } diff --git a/providers/implementations/digests/sha2_prov.c b/providers/implementations/digests/sha2_prov.c index afe4851a408..d32152b7865 100644 --- a/providers/implementations/digests/sha2_prov.c +++ b/providers/implementations/digests/sha2_prov.c @@ -1,5 +1,5 @@ /* - * Copyright 2019-2023 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2019-2024 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -71,12 +71,10 @@ IMPLEMENT_digest_functions(sha224, SHA256_CTX, IMPLEMENT_digest_functions(sha256, SHA256_CTX, SHA256_CBLOCK, SHA256_DIGEST_LENGTH, SHA2_FLAGS, SHA256_Init, SHA256_Update, SHA256_Final) -#ifndef FIPS_MODULE /* ossl_sha256_192_functions */ IMPLEMENT_digest_functions(sha256_192, SHA256_CTX, SHA256_CBLOCK, SHA256_192_DIGEST_LENGTH, SHA2_FLAGS, ossl_sha256_192_init, SHA256_Update, SHA256_Final) -#endif /* ossl_sha384_functions */ IMPLEMENT_digest_functions(sha384, SHA512_CTX, SHA512_CBLOCK, SHA384_DIGEST_LENGTH, SHA2_FLAGS,