From ffa5465e544704e56aaa895b0890a9fc7c917021 Mon Sep 17 00:00:00 2001 From: slontis Date: Mon, 30 Sep 2024 11:20:08 +1000 Subject: [PATCH] Exclude EVP_DigestSign and EVP_DigestVerify related APIs from the FIPS provider. Revert changes to m_sigver.c related to #ifdef FIPS_MODULE and exclude the file using build.info instead. Also exclude these calls inside EVP_DigestUpdate() within the FIPS provider since this API should only be used for self testing digests. Reviewed-by: Matt Caswell Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/25570) --- crypto/evp/build.info | 4 +-- crypto/evp/digest.c | 2 ++ crypto/evp/m_sigver.c | 60 ------------------------------------------- 3 files changed, 4 insertions(+), 62 deletions(-) diff --git a/crypto/evp/build.info b/crypto/evp/build.info index 95fea31226b..f2d9621e855 100644 --- a/crypto/evp/build.info +++ b/crypto/evp/build.info @@ -1,7 +1,7 @@ LIBS=../../libcrypto $COMMON=digest.c evp_enc.c evp_lib.c evp_fetch.c evp_utils.c \ mac_lib.c mac_meth.c keymgmt_meth.c keymgmt_lib.c kdf_lib.c kdf_meth.c \ - m_sigver.c pmeth_lib.c signature.c p_lib.c pmeth_gn.c exchange.c \ + pmeth_lib.c signature.c p_lib.c pmeth_gn.c exchange.c \ evp_rand.c asymcipher.c kem.c dh_support.c ec_support.c pmeth_check.c SOURCE[../../libcrypto]=$COMMON\ @@ -16,7 +16,7 @@ SOURCE[../../libcrypto]=$COMMON\ e_aes_cbc_hmac_sha1.c e_aes_cbc_hmac_sha256.c e_rc4_hmac_md5.c \ e_chacha20_poly1305.c \ legacy_sha.c ctrl_params_translate.c \ - cmeth_lib.c + cmeth_lib.c m_sigver.c # Diverse type specific ctrl functions. They are kinda sorta legacy, kinda # sorta not. diff --git a/crypto/evp/digest.c b/crypto/evp/digest.c index 9f7d6c928df..0fdd545306d 100644 --- a/crypto/evp/digest.c +++ b/crypto/evp/digest.c @@ -395,6 +395,7 @@ int EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *data, size_t count) if (ctx->pctx != NULL && EVP_PKEY_CTX_IS_SIGNATURE_OP(ctx->pctx) && ctx->pctx->op.sig.algctx != NULL) { +#ifndef FIPS_MODULE /* * Prior to OpenSSL 3.0 EVP_DigestSignUpdate() and * EVP_DigestVerifyUpdate() were just macros for EVP_DigestUpdate(). @@ -407,6 +408,7 @@ int EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *data, size_t count) return EVP_DigestSignUpdate(ctx, data, count); if (ctx->pctx->operation == EVP_PKEY_OP_VERIFYCTX) return EVP_DigestVerifyUpdate(ctx, data, count); +#endif ERR_raise(ERR_LIB_EVP, EVP_R_UPDATE_ERROR); return 0; } diff --git a/crypto/evp/m_sigver.c b/crypto/evp/m_sigver.c index 88451481761..f6a6810615e 100644 --- a/crypto/evp/m_sigver.c +++ b/crypto/evp/m_sigver.c @@ -16,13 +16,11 @@ #include "internal/numbers.h" /* includes SIZE_MAX */ #include "evp_local.h" -#ifndef FIPS_MODULE static int update(EVP_MD_CTX *ctx, const void *data, size_t datalen) { ERR_raise(ERR_LIB_EVP, EVP_R_ONLY_ONESHOT_SUPPORTED); return 0; } -#endif /* * If we get the "NULL" md then the name comes back as "UNDEF". We want to use @@ -58,10 +56,8 @@ static int do_sigver_init(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, reinit = 0; if (e == NULL) ctx->pctx = EVP_PKEY_CTX_new_from_pkey(libctx, pkey, props); -#ifndef FIPS_MODULE else ctx->pctx = EVP_PKEY_CTX_new(pkey, e); -#endif } if (ctx->pctx == NULL) return 0; @@ -243,11 +239,6 @@ static int do_sigver_init(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, if (ctx->fetched_digest != NULL) { ctx->digest = ctx->reqdigest = ctx->fetched_digest; } else { -#ifdef FIPS_MODULE - (void)ERR_clear_last_mark(); - ERR_raise(ERR_LIB_EVP, EVP_R_INITIALIZATION_ERROR); - goto err; -#else /* legacy engine support : remove the mark when this is deleted */ ctx->reqdigest = ctx->digest = EVP_get_digestbyname(mdname); if (ctx->digest == NULL) { @@ -255,7 +246,6 @@ static int do_sigver_init(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, ERR_raise(ERR_LIB_EVP, EVP_R_INITIALIZATION_ERROR); goto err; } -#endif } (void)ERR_pop_to_mark(); } @@ -301,9 +291,6 @@ static int do_sigver_init(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, EVP_KEYMGMT_free(tmp_keymgmt); tmp_keymgmt = NULL; -#ifdef FIPS_MODULE - return 0; -#else if (type == NULL && mdname != NULL) type = evp_get_digestbyname_ex(locpctx->libctx, mdname); @@ -366,12 +353,9 @@ static int do_sigver_init(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, ctx->pctx->flag_call_digest_custom = 1; ret = 1; -#endif end: -#ifndef FIPS_MODULE if (ret > 0) ret = evp_pkey_ctx_use_cached_data(locpctx); -#endif EVP_KEYMGMT_free(tmp_keymgmt); return ret > 0 ? 1 : 0; @@ -386,14 +370,12 @@ int EVP_DigestSignInit_ex(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, params); } -#ifndef FIPS_MODULE int EVP_DigestSignInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey) { return do_sigver_init(ctx, pctx, type, NULL, NULL, NULL, e, pkey, 0, NULL); } -#endif int EVP_DigestVerifyInit_ex(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, const char *mdname, OSSL_LIB_CTX *libctx, @@ -404,14 +386,12 @@ int EVP_DigestVerifyInit_ex(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, params); } -#ifndef FIPS_MODULE int EVP_DigestVerifyInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey) { return do_sigver_init(ctx, pctx, type, NULL, NULL, NULL, e, pkey, 1, NULL); } -#endif /* FIPS_MODULE */ int EVP_DigestSignUpdate(EVP_MD_CTX *ctx, const void *data, size_t dsize) { @@ -437,10 +417,6 @@ int EVP_DigestSignUpdate(EVP_MD_CTX *ctx, const void *data, size_t dsize) data, dsize); legacy: -#ifdef FIPS_MODULE - ERR_raise(ERR_LIB_EVP, EVP_R_UPDATE_ERROR); - return 0; -#else if (pctx != NULL) { /* do_sigver_init() checked that |digest_custom| is non-NULL */ if (pctx->flag_call_digest_custom @@ -450,7 +426,6 @@ int EVP_DigestSignUpdate(EVP_MD_CTX *ctx, const void *data, size_t dsize) } return EVP_DigestUpdate(ctx, data, dsize); -#endif } int EVP_DigestVerifyUpdate(EVP_MD_CTX *ctx, const void *data, size_t dsize) @@ -477,10 +452,6 @@ int EVP_DigestVerifyUpdate(EVP_MD_CTX *ctx, const void *data, size_t dsize) data, dsize); legacy: -#ifdef FIPS_MODULE - ERR_raise(ERR_LIB_EVP, EVP_R_UPDATE_ERROR); - return 0; -#else if (pctx != NULL) { /* do_sigver_init() checked that |digest_custom| is non-NULL */ if (pctx->flag_call_digest_custom @@ -490,15 +461,12 @@ int EVP_DigestVerifyUpdate(EVP_MD_CTX *ctx, const void *data, size_t dsize) } return EVP_DigestUpdate(ctx, data, dsize); -#endif } int EVP_DigestSignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, size_t *siglen) { -#ifndef FIPS_MODULE int sctx = 0; -#endif int r = 0; EVP_PKEY_CTX *dctx = NULL, *pctx = ctx->pctx; @@ -513,14 +481,12 @@ int EVP_DigestSignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, || pctx->op.sig.signature == NULL) goto legacy; -#ifndef FIPS_MODULE if (sigret != NULL && (ctx->flags & EVP_MD_CTX_FLAG_FINALISE) == 0) { /* try dup */ dctx = EVP_PKEY_CTX_dup(pctx); if (dctx != NULL) pctx = dctx; } -#endif r = pctx->op.sig.signature->digest_sign_final(pctx->op.sig.algctx, sigret, siglen, sigret == NULL ? 0 : *siglen); @@ -531,10 +497,6 @@ int EVP_DigestSignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, return r; legacy: -#ifdef FIPS_MODULE - ERR_raise(ERR_LIB_EVP, EVP_R_UPDATE_ERROR); - return 0; -#else if (pctx == NULL || pctx->pmeth == NULL) { ERR_raise(ERR_LIB_EVP, EVP_R_INITIALIZATION_ERROR); return 0; @@ -606,7 +568,6 @@ int EVP_DigestSignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, } } return 1; -#endif } int EVP_DigestSign(EVP_MD_CTX *ctx, unsigned char *sigret, size_t *siglen, @@ -631,11 +592,6 @@ int EVP_DigestSign(EVP_MD_CTX *ctx, unsigned char *sigret, size_t *siglen, sigret == NULL ? 0 : *siglen, tbs, tbslen); } -#ifdef FIPS_MODULE - } - ERR_raise(ERR_LIB_EVP, EVP_R_FINAL_ERROR); - return 0; -#else } else { /* legacy */ if (ctx->pctx->pmeth != NULL && ctx->pctx->pmeth->digestsign != NULL) @@ -645,17 +601,14 @@ int EVP_DigestSign(EVP_MD_CTX *ctx, unsigned char *sigret, size_t *siglen, if (sigret != NULL && EVP_DigestSignUpdate(ctx, tbs, tbslen) <= 0) return 0; return EVP_DigestSignFinal(ctx, sigret, siglen); -#endif } int EVP_DigestVerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sig, size_t siglen) { -#ifndef FIPS_MODULE int vctx = 0; unsigned int mdlen = 0; unsigned char md[EVP_MAX_MD_SIZE]; -#endif int r = 0; EVP_PKEY_CTX *dctx = NULL, *pctx = ctx->pctx; @@ -670,14 +623,12 @@ int EVP_DigestVerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sig, || pctx->op.sig.signature == NULL) goto legacy; -#ifndef FIPS_MODULE if ((ctx->flags & EVP_MD_CTX_FLAG_FINALISE) == 0) { /* try dup */ dctx = EVP_PKEY_CTX_dup(pctx); if (dctx != NULL) pctx = dctx; } -#endif r = pctx->op.sig.signature->digest_verify_final(pctx->op.sig.algctx, sig, siglen); if (dctx == NULL) @@ -687,10 +638,6 @@ int EVP_DigestVerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sig, return r; legacy: -#ifdef FIPS_MODULE - ERR_raise(ERR_LIB_EVP, EVP_R_UPDATE_ERROR); - return 0; -#else if (pctx == NULL || pctx->pmeth == NULL) { ERR_raise(ERR_LIB_EVP, EVP_R_INITIALIZATION_ERROR); return 0; @@ -730,7 +677,6 @@ int EVP_DigestVerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sig, if (vctx || !r) return r; return EVP_PKEY_verify(pctx, sig, siglen, md, mdlen); -#endif } int EVP_DigestVerify(EVP_MD_CTX *ctx, const unsigned char *sigret, @@ -753,11 +699,6 @@ int EVP_DigestVerify(EVP_MD_CTX *ctx, const unsigned char *sigret, sigret, siglen, tbs, tbslen); } -#ifdef FIPS_MODULE - } - ERR_raise(ERR_LIB_EVP, EVP_R_FINAL_ERROR); - return 0; -#else } else { /* legacy */ if (ctx->pctx->pmeth != NULL && ctx->pctx->pmeth->digestverify != NULL) @@ -766,5 +707,4 @@ int EVP_DigestVerify(EVP_MD_CTX *ctx, const unsigned char *sigret, if (EVP_DigestVerifyUpdate(ctx, tbs, tbslen) <= 0) return -1; return EVP_DigestVerifyFinal(ctx, sigret, siglen); -#endif } -- 2.47.2