From: slontis Date: Thu, 1 Aug 2024 07:52:56 +0000 (+1000) Subject: Add "no-fips-post" configure option. X-Git-Tag: openssl-3.4.0-alpha1~180 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=250a7adbea455051da09c24fdb669ef6133e493a;p=thirdparty%2Fopenssl.git Add "no-fips-post" configure option. Using this option disables the OpenSSL FIPS provider self tests. This is intended for debugging purposes only, as it breaks FIPS compliance. Reviewed-by: Tomas Mraz Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/25063) --- diff --git a/Configure b/Configure index ef1dbca1a98..84d6dd8539f 100755 --- a/Configure +++ b/Configure @@ -471,6 +471,7 @@ my @disablables = ( "filenames", "fips", "fips-securitychecks", + "fips-post", "fuzz-afl", "fuzz-libfuzzer", "gost", @@ -688,7 +689,7 @@ my @disable_cascades = ( "cmp" => [ "crmf" ], - "fips" => [ "fips-securitychecks", "acvp-tests" ], + "fips" => [ "fips-securitychecks", "fips-post", "acvp-tests" ], "threads" => [ "thread-pool" ], "thread-pool" => [ "default-thread-pool" ], diff --git a/INSTALL.md b/INSTALL.md index cd221a79714..c25bec82250 100644 --- a/INSTALL.md +++ b/INSTALL.md @@ -834,6 +834,13 @@ Build (and install) the FIPS provider Don't perform FIPS module run-time checks related to enforcement of security parameters such as minimum security strength of keys. +### no-fips-post + +Don't perform FIPS module Power On Self Tests. + +This option MUST be used for debugging only as it makes the FIPS provider +non-compliant. It is useful when setting breakpoints in FIPS algorithms. + ### enable-fuzz-libfuzzer, enable-fuzz-afl Build with support for fuzzing using either libfuzzer or AFL. diff --git a/providers/fips/fipsprov.c b/providers/fips/fipsprov.c index 796ff106498..4041909ac35 100644 --- a/providers/fips/fipsprov.c +++ b/providers/fips/fipsprov.c @@ -28,6 +28,12 @@ #include "crypto/context.h" #include "internal/core.h" +#if defined(OPENSSL_NO_FIPS_POST) +# define OSSL_FIPS_PROV_NAME "OpenSSL non-compliant FIPS Provider" +#else +# define OSSL_FIPS_PROV_NAME "OpenSSL FIPS Provider" +#endif + static const char FIPS_DEFAULT_PROPERTIES[] = "provider=fips,fips=yes"; static const char FIPS_UNAPPROVED_PROPERTIES[] = "provider=fips,fips=no"; @@ -311,7 +317,7 @@ static int fips_get_params(void *provctx, OSSL_PARAM params[]) OSSL_LIB_CTX_FIPS_PROV_INDEX); p = OSSL_PARAM_locate(params, OSSL_PROV_PARAM_NAME); - if (p != NULL && !OSSL_PARAM_set_utf8_ptr(p, "OpenSSL FIPS Provider")) + if (p != NULL && !OSSL_PARAM_set_utf8_ptr(p, OSSL_FIPS_PROV_NAME)) return 0; p = OSSL_PARAM_locate(params, OSSL_PROV_PARAM_VERSION); if (p != NULL && !OSSL_PARAM_set_utf8_ptr(p, OPENSSL_VERSION_STR)) diff --git a/providers/fips/self_test.c b/providers/fips/self_test.c index b8dc9817b28..7f92bd61a5c 100644 --- a/providers/fips/self_test.c +++ b/providers/fips/self_test.c @@ -50,9 +50,12 @@ static int FIPS_conditional_error_check = 1; static CRYPTO_RWLOCK *self_test_lock = NULL; -static unsigned char fixed_key[32] = { FIPS_KEY_ELEMENTS }; static CRYPTO_ONCE fips_self_test_init = CRYPTO_ONCE_STATIC_INIT; +#if !defined(OPENSSL_NO_FIPS_POST) +static unsigned char fixed_key[32] = { FIPS_KEY_ELEMENTS }; +#endif + DEFINE_RUN_ONCE_STATIC(do_fips_self_test_init) { /* @@ -172,6 +175,7 @@ DEP_FINI_ATTRIBUTE void cleanup(void) } #endif +#if !defined(OPENSSL_NO_FIPS_POST) /* * We need an explicit HMAC-SHA-256 KAT even though it is also * checked as part of the KDF KATs. Refer IG 10.3. @@ -287,6 +291,7 @@ err: EVP_MAC_free(mac); return ret; } +#endif /* OPENSSL_NO_FIPS_POST */ static void set_fips_state(int state) { @@ -296,16 +301,18 @@ static void set_fips_state(int state) /* This API is triggered either on loading of the FIPS module or on demand */ int SELF_TEST_post(SELF_TEST_POST_PARAMS *st, int on_demand_test) { + int loclstate; +#if !defined(OPENSSL_NO_FIPS_POST) int ok = 0; int kats_already_passed = 0; long checksum_len; OSSL_CORE_BIO *bio_module = NULL, *bio_indicator = NULL; unsigned char *module_checksum = NULL; unsigned char *indicator_checksum = NULL; - int loclstate; OSSL_SELF_TEST *ev = NULL; EVP_RAND *testrand = NULL; EVP_RAND_CTX *rng; +#endif if (!RUN_ONCE(&fips_self_test_init, do_fips_self_test_init)) return 0; @@ -322,6 +329,8 @@ int SELF_TEST_post(SELF_TEST_POST_PARAMS *st, int on_demand_test) if (!CRYPTO_THREAD_write_lock(self_test_lock)) return 0; + +#if !defined(OPENSSL_NO_FIPS_POST) loclstate = tsan_load(&FIPS_state); if (loclstate == FIPS_STATE_RUNNING) { if (!on_demand_test) { @@ -434,6 +443,11 @@ end: CRYPTO_THREAD_unlock(self_test_lock); return ok; +#else + set_fips_state(FIPS_STATE_RUNNING); + CRYPTO_THREAD_unlock(self_test_lock); + return 1; +#endif /* !defined(OPENSSL_NO_FIPS_POST) */ } void SELF_TEST_disable_conditional_error_state(void) diff --git a/test/recipes/03-test_fipsinstall.t b/test/recipes/03-test_fipsinstall.t index 9c82bd7f0f4..7332a2a0705 100644 --- a/test/recipes/03-test_fipsinstall.t +++ b/test/recipes/03-test_fipsinstall.t @@ -134,114 +134,128 @@ ok(run(app(['openssl', 'fipsinstall', '-in', 'fips.cnf', '-module', $infile, '-section_name', 'fips_sect', '-verify'])), "fipsinstall verify"); -ok(replace_line_file('module-mac', '', 'fips_no_module_mac.cnf') - && !run(app(['openssl', 'fipsinstall', - '-in', 'fips_no_module_mac.cnf', - '-module', $infile, - '-provider_name', 'fips', '-mac_name', 'HMAC', - '-macopt', 'digest:SHA256', '-macopt', "hexkey:01", - '-section_name', 'fips_sect', '-verify'])), - "fipsinstall verify fail no module mac"); - -ok(replace_line_file('install-mac', '', 'fips_no_install_mac.cnf') - && !run(app(['openssl', 'fipsinstall', - '-in', 'fips_no_install_mac.cnf', - '-module', $infile, - '-provider_name', 'fips', '-mac_name', 'HMAC', - '-macopt', 'digest:SHA256', '-macopt', "hexkey:01", - '-section_name', 'fips_sect', '-verify'])), - "fipsinstall verify fail no install indicator mac"); - -ok(replace_line_file('module-mac', '00:00:00:00:00:00', - 'fips_bad_module_mac.cnf') - && !run(app(['openssl', 'fipsinstall', - '-in', 'fips_bad_module_mac.cnf', - '-module', $infile, - '-provider_name', 'fips', '-mac_name', 'HMAC', - '-macopt', 'digest:SHA256', '-macopt', "hexkey:01", - '-section_name', 'fips_sect', '-verify'])), - "fipsinstall verify fail if invalid module integrity value"); - -ok(replace_line_file('install-mac', '00:00:00:00:00:00', - 'fips_bad_install_mac.cnf') - && !run(app(['openssl', 'fipsinstall', - '-in', 'fips_bad_install_mac.cnf', - '-module', $infile, - '-provider_name', 'fips', '-mac_name', 'HMAC', - '-macopt', 'digest:SHA256', '-macopt', "hexkey:01", - '-section_name', 'fips_sect', '-verify'])), - "fipsinstall verify fail if invalid install indicator integrity value"); - -ok(replace_line_file('install-status', 'INCORRECT_STATUS_STRING', - 'fips_bad_indicator.cnf') - && !run(app(['openssl', 'fipsinstall', - '-in', 'fips_bad_indicator.cnf', - '-module', $infile, - '-provider_name', 'fips', '-mac_name', 'HMAC', - '-macopt', 'digest:SHA256', '-macopt', "hexkey:01", - '-section_name', 'fips_sect', '-verify'])), - "fipsinstall verify fail if invalid install indicator status"); - -# fail to verify the fips.cnf file if a different key is used -ok(!run(app(['openssl', 'fipsinstall', '-in', 'fips.cnf', '-module', $infile, - '-provider_name', 'fips', '-mac_name', 'HMAC', - '-macopt', 'digest:SHA256', '-macopt', "hexkey:01", - '-section_name', 'fips_sect', '-verify'])), - "fipsinstall verify fail bad key"); - -# fail to verify the fips.cnf file if a different mac digest is used -ok(!run(app(['openssl', 'fipsinstall', '-in', 'fips.cnf', '-module', $infile, - '-provider_name', 'fips', '-mac_name', 'HMAC', - '-macopt', 'digest:SHA512', '-macopt', "hexkey:$fipskey", - '-section_name', 'fips_sect', '-verify'])), - "fipsinstall verify fail incorrect digest"); - -# corrupt the module hmac -ok(!run(app(['openssl', 'fipsinstall', '-out', 'fips.cnf', '-module', $infile, - '-provider_name', 'fips', '-mac_name', 'HMAC', - '-macopt', 'digest:SHA256', '-macopt', "hexkey:$fipskey", - '-section_name', 'fips_sect', '-corrupt_desc', 'HMAC'])), - "fipsinstall fails when the module integrity is corrupted"); +# Skip Tests if POST is disabled +SKIP: { + skip "Skipping POST checks", 13 + if disabled("fips-post"); -# corrupt the first digest -ok(!run(app(['openssl', 'fipsinstall', '-out', 'fips_fail.cnf', '-module', $infile, - '-provider_name', 'fips', '-mac_name', 'HMAC', - '-macopt', 'digest:SHA256', '-macopt', "hexkey:$fipskey", - '-section_name', 'fips_sect', '-corrupt_desc', 'SHA1'])), - "fipsinstall fails when the digest result is corrupted"); + ok(replace_line_file('module-mac', '', 'fips_no_module_mac.cnf') + && !run(app(['openssl', 'fipsinstall', + '-in', 'fips_no_module_mac.cnf', + '-module', $infile, + '-provider_name', 'fips', '-mac_name', 'HMAC', + '-macopt', 'digest:SHA256', '-macopt', "hexkey:01", + '-section_name', 'fips_sect', '-verify'])), + "fipsinstall verify fail no module mac"); + + ok(replace_line_file('install-mac', '', 'fips_no_install_mac.cnf') + && !run(app(['openssl', 'fipsinstall', + '-in', 'fips_no_install_mac.cnf', + '-module', $infile, + '-provider_name', 'fips', '-mac_name', 'HMAC', + '-macopt', 'digest:SHA256', '-macopt', "hexkey:01", + '-section_name', 'fips_sect', '-verify'])), + "fipsinstall verify fail no install indicator mac"); + + ok(replace_line_file('module-mac', '00:00:00:00:00:00', + 'fips_bad_module_mac.cnf') + && !run(app(['openssl', 'fipsinstall', + '-in', 'fips_bad_module_mac.cnf', + '-module', $infile, + '-provider_name', 'fips', '-mac_name', 'HMAC', + '-macopt', 'digest:SHA256', '-macopt', "hexkey:01", + '-section_name', 'fips_sect', '-verify'])), + "fipsinstall verify fail if invalid module integrity value"); + + ok(replace_line_file('install-mac', '00:00:00:00:00:00', + 'fips_bad_install_mac.cnf') + && !run(app(['openssl', 'fipsinstall', + '-in', 'fips_bad_install_mac.cnf', + '-module', $infile, + '-provider_name', 'fips', '-mac_name', 'HMAC', + '-macopt', 'digest:SHA256', '-macopt', "hexkey:01", + '-section_name', 'fips_sect', '-verify'])), + "fipsinstall verify fail if invalid install indicator integrity value"); + + ok(replace_line_file('install-status', 'INCORRECT_STATUS_STRING', + 'fips_bad_indicator.cnf') + && !run(app(['openssl', 'fipsinstall', + '-in', 'fips_bad_indicator.cnf', + '-module', $infile, + '-provider_name', 'fips', '-mac_name', 'HMAC', + '-macopt', 'digest:SHA256', '-macopt', "hexkey:01", + '-section_name', 'fips_sect', '-verify'])), + "fipsinstall verify fail if invalid install indicator status"); + + # fail to verify the fips.cnf file if a different key is used + ok(!run(app(['openssl', 'fipsinstall', '-in', 'fips.cnf', + '-module', $infile, + '-provider_name', 'fips', '-mac_name', 'HMAC', + '-macopt', 'digest:SHA256', '-macopt', "hexkey:01", + '-section_name', 'fips_sect', '-verify'])), + "fipsinstall verify fail bad key"); + + # fail to verify the fips.cnf file if a different mac digest is used + ok(!run(app(['openssl', 'fipsinstall', '-in', 'fips.cnf', + '-module', $infile, + '-provider_name', 'fips', '-mac_name', 'HMAC', + '-macopt', 'digest:SHA512', '-macopt', "hexkey:$fipskey", + '-section_name', 'fips_sect', '-verify'])), + "fipsinstall verify fail incorrect digest"); + + # corrupt the module hmac + ok(!run(app(['openssl', 'fipsinstall', '-out', 'fips.cnf', + '-module', $infile, + '-provider_name', 'fips', '-mac_name', 'HMAC', + '-macopt', 'digest:SHA256', '-macopt', "hexkey:$fipskey", + '-section_name', 'fips_sect', '-corrupt_desc', 'HMAC'])), + "fipsinstall fails when the module integrity is corrupted"); + + # corrupt the first digest + ok(!run(app(['openssl', 'fipsinstall', '-out', 'fips_fail.cnf', + '-module', $infile, + '-provider_name', 'fips', '-mac_name', 'HMAC', + '-macopt', 'digest:SHA256', '-macopt', "hexkey:$fipskey", + '-section_name', 'fips_sect', '-corrupt_desc', 'SHA1'])), + "fipsinstall fails when the digest result is corrupted"); -# corrupt another digest -ok(!run(app(['openssl', 'fipsinstall', '-out', 'fips_fail.cnf', '-module', $infile, - '-provider_name', 'fips', '-mac_name', 'HMAC', - '-macopt', 'digest:SHA256', '-macopt', "hexkey:$fipskey", - '-section_name', 'fips_sect', '-corrupt_desc', 'SHA3'])), - "fipsinstall fails when the digest result is corrupted"); + # corrupt another digest + ok(!run(app(['openssl', 'fipsinstall', '-out', 'fips_fail.cnf', + '-module', $infile, + '-provider_name', 'fips', '-mac_name', 'HMAC', + '-macopt', 'digest:SHA256', '-macopt', "hexkey:$fipskey", + '-section_name', 'fips_sect', '-corrupt_desc', 'SHA3'])), + "fipsinstall fails when the digest result is corrupted"); -# corrupt cipher encrypt test -ok(!run(app(['openssl', 'fipsinstall', '-out', 'fips_fail.cnf', '-module', $infile, - '-provider_name', 'fips', '-mac_name', 'HMAC', - '-macopt', 'digest:SHA256', '-macopt', "hexkey:$fipskey", - '-section_name', 'fips_sect', '-corrupt_desc', 'AES_GCM'])), - "fipsinstall fails when the AES_GCM result is corrupted"); + # corrupt cipher encrypt test + ok(!run(app(['openssl', 'fipsinstall', '-out', 'fips_fail.cnf', + '-module', $infile, + '-provider_name', 'fips', '-mac_name', 'HMAC', + '-macopt', 'digest:SHA256', '-macopt', "hexkey:$fipskey", + '-section_name', 'fips_sect', '-corrupt_desc', 'AES_GCM'])), + "fipsinstall fails when the AES_GCM result is corrupted"); -# corrupt cipher decrypt test -ok(!run(app(['openssl', 'fipsinstall', '-out', 'fips_fail.cnf', '-module', $infile, - '-provider_name', 'fips', '-mac_name', 'HMAC', - '-macopt', 'digest:SHA256', '-macopt', "hexkey:$fipskey", - '-section_name', 'fips_sect', '-corrupt_desc', 'AES_ECB_Decrypt'])), - "fipsinstall fails when the AES_ECB result is corrupted"); + # corrupt cipher decrypt test + ok(!run(app(['openssl', 'fipsinstall', '-out', 'fips_fail.cnf', + '-module', $infile, + '-provider_name', 'fips', '-mac_name', 'HMAC', + '-macopt', 'digest:SHA256', '-macopt', "hexkey:$fipskey", + '-section_name', 'fips_sect', '-corrupt_desc', 'AES_ECB_Decrypt'])), + "fipsinstall fails when the AES_ECB result is corrupted"); -# corrupt DRBG -ok(!run(app(['openssl', 'fipsinstall', '-out', 'fips_fail.cnf', '-module', $infile, - '-provider_name', 'fips', '-mac_name', 'HMAC', - '-macopt', 'digest:SHA256', '-macopt', "hexkey:$fipskey", - '-section_name', 'fips_sect', '-corrupt_desc', 'CTR'])), - "fipsinstall fails when the DRBG CTR result is corrupted"); + # corrupt DRBG + ok(!run(app(['openssl', 'fipsinstall', '-out', 'fips_fail.cnf', + '-module', $infile, + '-provider_name', 'fips', '-mac_name', 'HMAC', + '-macopt', 'digest:SHA256', '-macopt', "hexkey:$fipskey", + '-section_name', 'fips_sect', '-corrupt_desc', 'CTR'])), + "fipsinstall fails when the DRBG CTR result is corrupted"); +} # corrupt a KAS test SKIP: { skip "Skipping KAS DH corruption test because of no dh in this build", 1 - if disabled("dh"); + if disabled("dh") || disabled("fips-post"); ok(!run(app(['openssl', 'fipsinstall', '-out', 'fips.cnf', '-module', $infile, '-provider_name', 'fips', '-mac_name', 'HMAC', @@ -255,7 +269,7 @@ SKIP: { # corrupt a Signature test - 140-3 requires a known answer test SKIP: { skip "Skipping Signature DSA corruption test because of no dsa in this build", 1 - if disabled("dsa"); + if disabled("dsa") || disabled("fips-post"); run(test(["fips_version_test", "-config", $provconf, ">=3.1.0"]), capture => 1, statusvar => \my $exit); @@ -273,7 +287,7 @@ SKIP: { # corrupt a Signature test - 140-2 allows a pairwise consistency test SKIP: { skip "Skipping Signature DSA corruption test because of no dsa in this build", 1 - if disabled("dsa"); + if disabled("dsa") || disabled("fips-post"); run(test(["fips_version_test", "-config", $provconf, "<3.1.0"]), capture => 1, statusvar => \my $exit); @@ -291,7 +305,7 @@ SKIP: { # corrupt an Asymmetric cipher test SKIP: { skip "Skipping Asymmetric RSA corruption test because of no rsa in this build", 1 - if disabled("rsa"); + if disabled("rsa") || disabled("fips-post"); ok(!run(app(['openssl', 'fipsinstall', '-out', 'fips.cnf', '-module', $infile, '-corrupt_desc', 'RSA_Encrypt', '-corrupt_type', 'KAT_AsymmetricCipher'])), diff --git a/test/recipes/30-test_defltfips.t b/test/recipes/30-test_defltfips.t index c8f145405b2..917147a4e00 100644 --- a/test/recipes/30-test_defltfips.t +++ b/test/recipes/30-test_defltfips.t @@ -24,7 +24,7 @@ use lib bldtop_dir('.'); plan skip_all => "Configuration loading is turned off" if disabled("autoload-config"); -my $no_fips = disabled('fips') || ($ENV{NO_FIPS} // 0); +my $no_fips = disabled('fips') || disabled('fips-post') || ($ENV{NO_FIPS} // 0); plan tests => ($no_fips ? 1 : 5); diff --git a/test/recipes/30-test_provider_status.t b/test/recipes/30-test_provider_status.t index 2b2e242a5fa..44686b75767 100644 --- a/test/recipes/30-test_provider_status.t +++ b/test/recipes/30-test_provider_status.t @@ -20,7 +20,7 @@ setup("test_provider_status"); use lib srctop_dir('Configurations'); use lib bldtop_dir('.'); -my $no_fips = disabled('fips') || ($ENV{NO_FIPS} // 0); +my $no_fips = disabled('fips') || disabled('fips-post') || ($ENV{NO_FIPS} // 0); plan tests => 5;