From 02e631496831ccf8be1f65de0786216c61c42958 Mon Sep 17 00:00:00 2001 From: konglidong Date: Fri, 5 Dec 2025 18:29:03 +0800 Subject: [PATCH] fix some failed test case in check phase Signed-off-by: konglidong --- 0028-TMP-KTLS-test-skip.patch | 31 ++ 0029-FIPS-RSA-size-mode-restrictions.patch | 442 ++++++++++++++++++ ...Mark-x931-as-not-approved-by-default.patch | 27 ++ ...FIPS-TLS-Enforce-EMS-in-TLS-1.2-NOTE.patch | 193 ++++++++ ...PS-Fix-encoder-decoder-negative-test.patch | 36 ++ ...e-tests-due-to-our-versioning-change.patch | 107 +++++ 0034-FIPS-KDF-key-lenght-errors.patch | 176 +++++++ 0035-FIPS-fix-disallowed-digests-tests.patch | 52 +++ ...able-testing-of-composite-signature-.patch | 48 ++ ....c-Support-more-signature-algorithms.patch | 143 ++++++ ...kip-build-of-non-installable-program.patch | 159 +++++++ ...ypt-with-padding-NONE-is-not-support.patch | 28 ++ openssl.spec | 19 +- 13 files changed, 1459 insertions(+), 2 deletions(-) create mode 100644 0028-TMP-KTLS-test-skip.patch create mode 100644 0029-FIPS-RSA-size-mode-restrictions.patch create mode 100644 0030-FIPS-RSA-Mark-x931-as-not-approved-by-default.patch create mode 100644 0031-FIPS-TLS-Enforce-EMS-in-TLS-1.2-NOTE.patch create mode 100644 0032-FIPS-Fix-encoder-decoder-negative-test.patch create mode 100644 0033-FIPS-Fix-some-tests-due-to-our-versioning-change.patch create mode 100644 0034-FIPS-KDF-key-lenght-errors.patch create mode 100644 0035-FIPS-fix-disallowed-digests-tests.patch create mode 100644 0036-apps-speed.c-Disable-testing-of-composite-signature-.patch create mode 100644 0037-apps-speed.c-Support-more-signature-algorithms.patch create mode 100644 0038-Add-targets-to-skip-build-of-non-installable-program.patch create mode 100644 0039-RSA_encrypt-decrypt-with-padding-NONE-is-not-support.patch diff --git a/0028-TMP-KTLS-test-skip.patch b/0028-TMP-KTLS-test-skip.patch new file mode 100644 index 0000000..b4b65c0 --- /dev/null +++ b/0028-TMP-KTLS-test-skip.patch @@ -0,0 +1,31 @@ +From 10e7b2643772ca1c4ee069a625754bfeb971d965 Mon Sep 17 00:00:00 2001 +From: Simo Sorce +Date: Thu, 13 Feb 2025 18:11:19 -0500 +Subject: [PATCH 15/59] RH: TMP KTLS test skip + +From-dist-git-commit: 83382cc2a09dfcc55d5740fd08fd95c2333a56c9 +--- + test/sslapitest.c | 5 +++-- + 1 file changed, 3 insertions(+), 2 deletions(-) + +diff --git a/test/sslapitest.c b/test/sslapitest.c +index fbe284b9ff..05c5ab256f 100644 +--- a/test/sslapitest.c ++++ b/test/sslapitest.c +@@ -1033,9 +1033,10 @@ static int execute_test_large_message(const SSL_METHOD *smeth, + /* sock must be connected */ + static int ktls_chk_platform(int sock) + { +- if (!ktls_enable(sock)) ++/* if (!ktls_enable(sock)) + return 0; +- return 1; ++ return 1; */ ++ return 0; + } + + static int ping_pong_query(SSL *clientssl, SSL *serverssl) +-- +2.51.0 + + diff --git a/0029-FIPS-RSA-size-mode-restrictions.patch b/0029-FIPS-RSA-size-mode-restrictions.patch new file mode 100644 index 0000000..2a1bd67 --- /dev/null +++ b/0029-FIPS-RSA-size-mode-restrictions.patch @@ -0,0 +1,442 @@ +From 564140b9980fba626d7b52c6072b1d9cb87150da Mon Sep 17 00:00:00 2001 +From: Simo Sorce +Date: Fri, 7 Mar 2025 18:20:30 -0500 +Subject: [PATCH 27/59] FIPS: RSA: size/mode restrictions + +Signed-off-by: Simo Sorce +--- + providers/implementations/signature/rsa_sig.c | 26 +++++++++ + ssl/ssl_ciph.c | 3 ++ + test/recipes/30-test_evp_data/evppkey_rsa.txt | 53 +++++++++++++++++++ + .../30-test_evp_data/evppkey_rsa_common.txt | 8 +-- + 4 files changed, 86 insertions(+), 4 deletions(-) + +diff --git a/providers/implementations/signature/rsa_sig.c b/providers/implementations/signature/rsa_sig.c +index 670125464e..664c59d2ef 100644 +--- a/providers/implementations/signature/rsa_sig.c ++++ b/providers/implementations/signature/rsa_sig.c +@@ -939,6 +939,19 @@ static int rsa_verify_recover(void *vprsactx, + { + PROV_RSA_CTX *prsactx = (PROV_RSA_CTX *)vprsactx; + int ret; ++# ifdef FIPS_MODULE ++ size_t rsabits = RSA_bits(prsactx->rsa); ++ ++ if (rsabits < 2048) { ++ if (rsabits != 1024 ++ && rsabits != 1280 ++ && rsabits != 1536 ++ && rsabits != 1792) { ++ ERR_raise(ERR_LIB_FIPS, PROV_R_INVALID_KEY_LENGTH); ++ return 0; ++ } ++ } ++# endif + + if (!ossl_prov_is_running()) + return 0; +@@ -1033,6 +1046,19 @@ static int rsa_verify_directly(PROV_RSA_CTX *prsactx, + const unsigned char *tbs, size_t tbslen) + { + size_t rslen; ++# ifdef FIPS_MODULE ++ size_t rsabits = RSA_bits(prsactx->rsa); ++ ++ if (rsabits < 2048) { ++ if (rsabits != 1024 ++ && rsabits != 1280 ++ && rsabits != 1536 ++ && rsabits != 1792) { ++ ERR_raise(ERR_LIB_FIPS, PROV_R_INVALID_KEY_LENGTH); ++ return 0; ++ } ++ } ++# endif + + if (!ossl_prov_is_running()) + return 0; +diff --git a/ssl/ssl_ciph.c b/ssl/ssl_ciph.c +index 19420d6c6a..5ab1ccee93 100644 +--- a/ssl/ssl_ciph.c ++++ b/ssl/ssl_ciph.c +@@ -350,6 +350,9 @@ int ssl_load_ciphers(SSL_CTX *ctx) + ctx->disabled_mkey_mask = 0; + ctx->disabled_auth_mask = 0; + ++ if (EVP_default_properties_is_fips_enabled(ctx->libctx)) ++ ctx->disabled_mkey_mask |= SSL_kRSA | SSL_kRSAPSK; ++ + /* + * We ignore any errors from the fetches below. They are expected to fail + * if these algorithms are not available. +diff --git a/test/recipes/30-test_evp_data/evppkey_rsa.txt b/test/recipes/30-test_evp_data/evppkey_rsa.txt +index f1dc5dd2a2..6ae973eaac 100644 +--- a/test/recipes/30-test_evp_data/evppkey_rsa.txt ++++ b/test/recipes/30-test_evp_data/evppkey_rsa.txt +@@ -268,8 +268,19 @@ TwIDAQAB + + PrivPubKeyPair = RSA-PSS:RSA-PSS-DEFAULT + ++# Wrong MGF1 digest ++Availablein = default ++Verify = RSA-2048 ++Ctrl = rsa_padding_mode:pss ++Ctrl = rsa_pss_saltlen:0 ++Ctrl = digest:sha256 ++Ctrl = rsa_mgf1_md:sha1 ++Input="0123456789ABCDEF0123456789ABCDEF" ++Output=4DE433D5844043EF08D354DA03CB29068780D52706D7D1E4D50EFB7D58C9D547D83A747DDD0635A96B28F854E50145518482CB49E963054621B53C60C498D07C16E9C2789C893CF38D4D86900DE71BDE463BD2761D1271E358C7480A1AC0BAB930DDF39602AD1BC165B5D7436B516B7A7858E8EB7AB1C420EEB482F4D207F0E462B1724959320A084E13848D11D10FB593E66BF680BF6D3F345FC3E9C3DE60ABBAC37E1C6EC80A268C8D9FC49626C679097AA690BC1AA662B95EB8DB70390861AA0898229F9349B4B5FDD030D4928C47084708A933144BE23BD3C6E661B85B2C0EF9ED36D498D5B7320E8194D363D4AD478C059BAE804181965E0B81B663158A ++Result = VERIFY_ERROR + + # Wrong MGF1 digest ++Availablein = fips + Verify = RSA-2048 + Ctrl = rsa_padding_mode:pss + Ctrl = rsa_pss_saltlen:0 +@@ -280,6 +291,7 @@ Output=4DE433D5844043EF08D354DA03CB29068780D52706D7D1E4D50EFB7D58C9D547D83A747DD + Result = VERIFY_ERROR + + # Verify using default parameters ++Availablein = default + Verify = RSA-PSS-DEFAULT + Input="0123456789ABCDEF0123" + Output = 3EFE09D88509027D837BFA5F8471CF7B69E6DF395DD999BB9CA42021F15722D9AC76670507C6BCFB73F64FB2211B611B8F140E76EBDB064BD762FDBA89D019E304A0D6B274E1C2FE1DF50005598A0306AF805416094E2A5BA60BC72BDE38CE061E853ED40F14967A8B9CA4DC739B462F89558F12FDF2D8D19FBEF16AD66FE2DDDA8BEE983ECBD873064244849D8D94B5B33F45E076871A47ED653E73257A2BE2DB3C0878094B0D2B6B682C8007DFD989425FB39A1FEEC9EED5876414601A49176EC344F5E3EDEE81CA2DDD29B7364F4638112CB3A547E2BC170E28CB66BDABE863754BE8AD5BA230567B575266F4B6B4CF81F28310ABF05351CC9E2DB85D00BF +@@ -303,36 +315,42 @@ fc6CnohE9iWxFeXpxKWc+PgRO2g0M2ov0mibRyy7Xlyr5nQ1DFm2wX4XaHT7Qvj8 + PRdqAX7cYf0ybEszyQIDAQAB + -----END PUBLIC KEY----- + ++Availablein = default + Verify=RSA-PSS-2 + Ctrl = rsa_padding_mode:pss + Ctrl = rsa_mgf1_md:sha1 + Input=5c81a3e2a658246628cd0ee8b00bb4c012bc9739 + Output=014c5ba5338328ccc6e7a90bf1c0ab3fd606ff4796d3c12e4b639ed9136a5fec6c16d8884bdd99cfdc521456b0742b736868cf90de099adb8d5ffd1deff39ba4007ab746cefdb22d7df0e225f54627dc65466131721b90af445363a8358b9f607642f78fab0ab0f43b7168d64bae70d8827848d8ef1e421c5754ddf42c2589b5b3 + ++Availablein = default + Verify=RSA-PSS-2 + Ctrl = rsa_padding_mode:pss + Ctrl = rsa_mgf1_md:sha1 + Input=27f71611446aa6eabf037f7dedeede3203244991 + Output=010991656cca182b7f29d2dbc007e7ae0fec158eb6759cb9c45c5ff87c7635dd46d150882f4de1e9ae65e7f7d9018f6836954a47c0a81a8a6b6f83f2944d6081b1aa7c759b254b2c34b691da67cc0226e20b2f18b42212761dcd4b908a62b371b5918c5742af4b537e296917674fb914194761621cc19a41f6fb953fbcbb649dea + ++Availablein = default + Verify=RSA-PSS-2 + Ctrl = rsa_padding_mode:pss + Ctrl = rsa_mgf1_md:sha1 + Input=03ecc2c33e93f05fc7224fcc0d461356cb897217 + Output=007f0030018f53cdc71f23d03659fde54d4241f758a750b42f185f87578520c30742afd84359b6e6e8d3ed959dc6fe486bedc8e2cf001f63a7abe16256a1b84df0d249fc05d3194ce5f0912742dbbf80dd174f6c51f6bad7f16cf3364eba095a06267dc3793803ac7526aebe0a475d38b8c2247ab51c4898df7047dc6adf52c6c4 + ++Availablein = default + Verify=RSA-PSS-2 + Ctrl = rsa_padding_mode:pss + Ctrl = rsa_mgf1_md:sha1 + Input=246c727b4b9494849dddb068d582e179ac20999c + Output=009cd2f4edbe23e12346ae8c76dd9ad3230a62076141f16c152ba18513a48ef6f010e0e37fd3df10a1ec629a0cb5a3b5d2893007298c30936a95903b6ba85555d9ec3673a06108fd62a2fda56d1ce2e85c4db6b24a81ca3b496c36d4fd06eb7c9166d8e94877c42bea622b3bfe9251fdc21d8d5371badad78a488214796335b40b + ++Availablein = default + Verify=RSA-PSS-2 + Ctrl = rsa_padding_mode:pss + Ctrl = rsa_mgf1_md:sha1 + Input=e8617ca3ea66ce6a58ede2d11af8c3ba8a6ba912 + Output=00ec430824931ebd3baa43034dae98ba646b8c36013d1671c3cf1cf8260c374b19f8e1cc8d965012405e7e9bf7378612dfcc85fce12cda11f950bd0ba8876740436c1d2595a64a1b32efcfb74a21c873b3cc33aaf4e3dc3953de67f0674c0453b4fd9f604406d441b816098cb106fe3472bc251f815f59db2e4378a3addc181ecf + ++Availablein = default + Verify=RSA-PSS-2 + Ctrl = rsa_padding_mode:pss + Ctrl = rsa_mgf1_md:sha1 +@@ -348,36 +366,42 @@ nQ6tsIdYbKSJM9o8yVPZW9DtUN4Q3ctnNhB9bIMcf2Y+gzykwJfnAM4PuUX4j7hf + 6OWncxclZbkUpHGkQwIDAQAB + -----END PUBLIC KEY----- + ++Availablein = default + Verify=RSA-PSS-3 + Ctrl = rsa_padding_mode:pss + Ctrl = rsa_mgf1_md:sha1 + Input=3552be69dd74bdc56d2cf8c38ef7bafe269040fe + Output=0088b135fb1794b6b96c4a3e678197f8cac52b64b2fe907d6f27de761124964a99a01a882740ecfaed6c01a47464bb05182313c01338a8cd097214cd68ca103bd57d3bc9e816213e61d784f182467abf8a01cf253e99a156eaa8e3e1f90e3c6e4e3aa2d83ed0345b89fafc9c26077c14b6ac51454fa26e446e3a2f153b2b16797f + ++Availablein = default + Verify=RSA-PSS-3 + Ctrl = rsa_padding_mode:pss + Ctrl = rsa_mgf1_md:sha1 + Input=609143ff7240e55c062aba8b9e4426a781919bc9 + Output=02a5f0a858a0864a4f65017a7d69454f3f973a2999839b7bbc48bf78641169179556f595fa41f6ff18e286c2783079bc0910ee9cc34f49ba681124f923dfa88f426141a368a5f5a930c628c2c3c200e18a7644721a0cbec6dd3f6279bde3e8f2be5e2d4ee56f97e7ceaf33054be7042bd91a63bb09f897bd41e81197dee99b11af + ++Availablein = default + Verify=RSA-PSS-3 + Ctrl = rsa_padding_mode:pss + Ctrl = rsa_mgf1_md:sha1 + Input=0afd22f879a9cda7c584f4135f8f1c961db114c0 + Output=0244bcd1c8c16955736c803be401272e18cb990811b14f72db964124d5fa760649cbb57afb8755dbb62bf51f466cf23a0a1607576e983d778fceffa92df7548aea8ea4ecad2c29dd9f95bc07fe91ecf8bee255bfe8762fd7690aa9bfa4fa0849ef728c2c42c4532364522df2ab7f9f8a03b63f7a499175828668f5ef5a29e3802c + ++Availablein = default + Verify=RSA-PSS-3 + Ctrl = rsa_padding_mode:pss + Ctrl = rsa_mgf1_md:sha1 + Input=405dd56d395ef0f01b555c48f748cc32b210650b + Output=0196f12a005b98129c8df13c4cb16f8aa887d3c40d96df3a88e7532ef39cd992f273abc370bc1be6f097cfebbf0118fd9ef4b927155f3df22b904d90702d1f7ba7a52bed8b8942f412cd7bd676c9d18e170391dcd345c06a730964b3f30bcce0bb20ba106f9ab0eeb39cf8a6607f75c0347f0af79f16afa081d2c92d1ee6f836b8 + ++Availablein = default + Verify=RSA-PSS-3 + Ctrl = rsa_padding_mode:pss + Ctrl = rsa_mgf1_md:sha1 + Input=a2c313b0440c8a0c47233b87f0a160c61af3eae7 + Output=021eca3ab4892264ec22411a752d92221076d4e01c0e6f0dde9afd26ba5acf6d739ef987545d16683e5674c9e70f1de649d7e61d48d0caeb4fb4d8b24fba84a6e3108fee7d0705973266ac524b4ad280f7ae17dc59d96d3351586b5a3bdb895d1e1f7820ac6135d8753480998382ba32b7349559608c38745290a85ef4e9f9bd83 + ++Availablein = default + Verify=RSA-PSS-3 + Ctrl = rsa_padding_mode:pss + Ctrl = rsa_mgf1_md:sha1 +@@ -393,36 +417,42 @@ MAz5u2xTrR3IoXi4FdtCNamp2gwG3k5hXqEnfOVZ6cEI3ljBSoGqd/Wm+NEzVJRJ + iEjIuVlAdAvnv3w3BQIDAQAB + -----END PUBLIC KEY----- + ++Availablein = default + Verify=RSA-PSS-4 + Ctrl = rsa_padding_mode:pss + Ctrl = rsa_mgf1_md:sha1 + Input=f8b0abf70fec0bca74f0accbc24f75e6e90d3bfd + Output=0323d5b7bf20ba4539289ae452ae4297080feff4518423ff4811a817837e7d82f1836cdfab54514ff0887bddeebf40bf99b047abc3ecfa6a37a3ef00f4a0c4a88aae0904b745c846c4107e8797723e8ac810d9e3d95dfa30ff4966f4d75d13768d20857f2b1406f264cfe75e27d7652f4b5ed3575f28a702f8c4ed9cf9b2d44948 + ++Availablein = default + Verify=RSA-PSS-4 + Ctrl = rsa_padding_mode:pss + Ctrl = rsa_mgf1_md:sha1 + Input=04a10944bfe11ab801e77889f3fd3d7f4ff0b629 + Output=049d0185845a264d28feb1e69edaec090609e8e46d93abb38371ce51f4aa65a599bdaaa81d24fba66a08a116cb644f3f1e653d95c89db8bbd5daac2709c8984000178410a7c6aa8667ddc38c741f710ec8665aa9052be929d4e3b16782c1662114c5414bb0353455c392fc28f3db59054b5f365c49e1d156f876ee10cb4fd70598 + ++Availablein = default + Verify=RSA-PSS-4 + Ctrl = rsa_padding_mode:pss + Ctrl = rsa_mgf1_md:sha1 + Input=ba01243db223eb97fb86d746c3148adaaa0ca344 + Output=03fbc410a2ced59500fb99f9e2af2781ada74e13145624602782e2994813eefca0519ecd253b855fb626a90d771eae028b0c47a199cbd9f8e3269734af4163599090713a3fa910fa0960652721432b971036a7181a2bc0cab43b0b598bc6217461d7db305ff7e954c5b5bb231c39e791af6bcfa76b147b081321f72641482a2aad + ++Availablein = default + Verify=RSA-PSS-4 + Ctrl = rsa_padding_mode:pss + Ctrl = rsa_mgf1_md:sha1 + Input=934bb0d38d6836daec9de82a9648d4593da67cd2 + Output=0486644bc66bf75d28335a6179b10851f43f09bded9fac1af33252bb9953ba4298cd6466b27539a70adaa3f89b3db3c74ab635d122f4ee7ce557a61e59b82ffb786630e5f9db53c77d9a0c12fab5958d4c2ce7daa807cd89ba2cc7fcd02ff470ca67b229fcce814c852c73cc93bea35be68459ce478e9d4655d121c8472f371d4f + ++Availablein = default + Verify=RSA-PSS-4 + Ctrl = rsa_padding_mode:pss + Ctrl = rsa_mgf1_md:sha1 + Input=ec35d81abd1cceac425a935758b683465c8bd879 + Output=022a80045353904cb30cbb542d7d4990421a6eec16a8029a8422adfd22d6aff8c4cc0294af110a0c067ec86a7d364134459bb1ae8ff836d5a8a2579840996b320b19f13a13fad378d931a65625dae2739f0c53670b35d9d3cbac08e733e4ec2b83af4b9196d63e7c4ff1ddeae2a122791a125bfea8deb0de8ccf1f4ffaf6e6fb0a + ++Availablein = default + Verify=RSA-PSS-4 + Ctrl = rsa_padding_mode:pss + Ctrl = rsa_mgf1_md:sha1 +@@ -438,18 +468,21 @@ pLDMjaMl7YqmdrDQ9ibgp38HaSFwrKyAgvQvqn3HzRI+cw4xqHmFIEyry+ZnDUOi + 3Sst3vXgU5L8ITvFBwIDAQAB + -----END PUBLIC KEY----- + ++Availablein = default + Verify=RSA-PSS-5 + Ctrl = rsa_padding_mode:pss + Ctrl = rsa_mgf1_md:sha1 + Input=d98b7061943510bc3dd9162f7169aabdbdcd0222 + Output=0ba373f76e0921b70a8fbfe622f0bf77b28a3db98e361051c3d7cb92ad0452915a4de9c01722f6823eeb6adf7e0ca8290f5de3e549890ac2a3c5950ab217ba58590894952de96f8df111b2575215da6c161590c745be612476ee578ed384ab33e3ece97481a252f5c79a98b5532ae00cdd62f2ecc0cd1baefe80d80b962193ec1d + ++Availablein = default + Verify=RSA-PSS-5 + Ctrl = rsa_padding_mode:pss + Ctrl = rsa_mgf1_md:sha1 + Input=7ae8e699f754988f4fd645e463302e49a2552072 + Output=08180de825e4b8b014a32da8ba761555921204f2f90d5f24b712908ff84f3e220ad17997c0dd6e706630ba3e84add4d5e7ab004e58074b549709565d43ad9e97b5a7a1a29e85b9f90f4aafcdf58321de8c5974ef9abf2d526f33c0f2f82e95d158ea6b81f1736db8d1af3d6ac6a83b32d18bae0ff1b2fe27de4c76ed8c7980a34e + ++Availablein = default + Verify=RSA-PSS-5 + Ctrl = rsa_padding_mode:pss + Ctrl = rsa_mgf1_md:sha1 +@@ -463,12 +496,14 @@ Ctrl = rsa_mgf1_md:sha1 + Input=ee3de96783fd0a157c8b20bf5566124124dcfe65 + Output=0bc989853bc2ea86873271ce183a923ab65e8a53100e6df5d87a24c4194eb797813ee2a187c097dd872d591da60c568605dd7e742d5af4e33b11678ccb63903204a3d080b0902c89aba8868f009c0f1c0cb85810bbdd29121abb8471ff2d39e49fd92d56c655c8e037ad18fafbdc92c95863f7f61ea9efa28fea401369d19daea1 + ++Availablein = default + Verify=RSA-PSS-5 + Ctrl = rsa_padding_mode:pss + Ctrl = rsa_mgf1_md:sha1 + Input=1204df0b03c2724e2709c23fc71789a21b00ae4c + Output=0aefa943b698b9609edf898ad22744ac28dc239497cea369cbbd84f65c95c0ad776b594740164b59a739c6ff7c2f07c7c077a86d95238fe51e1fcf33574a4ae0684b42a3f6bf677d91820ca89874467b2c23add77969c80717430d0efc1d3695892ce855cb7f7011630f4df26def8ddf36fc23905f57fa6243a485c770d5681fcd + ++Availablein = default + Verify=RSA-PSS-5 + Ctrl = rsa_padding_mode:pss + Ctrl = rsa_mgf1_md:sha1 +@@ -484,36 +519,42 @@ Kl8QsJwxGvjA/7W3opfy78Y7jWsFEJMfC5jki/X8bsTnuNsf+usIw44CrbjwOkgi + nJnpaUMfYcuMTcaY0QIDAQAB + -----END PUBLIC KEY----- + ++Availablein = default + Verify=RSA-PSS-6 + Ctrl = rsa_padding_mode:pss + Ctrl = rsa_mgf1_md:sha1 + Input=ab464e8cb65ae5fdea47a53fa84b234d6bfd52f6 + Output=04c0cfacec04e5badbece159a5a1103f69b3f32ba593cb4cc4b1b7ab455916a96a27cd2678ea0f46ba37f7fc9c86325f29733b389f1d97f43e7201c0f348fc45fe42892335362eee018b5b161f2f9393031225c713012a576bc88e23052489868d9010cbf033ecc568e8bc152bdc59d560e41291915d28565208e22aeec9ef85d1 + ++Availablein = default + Verify=RSA-PSS-6 + Ctrl = rsa_padding_mode:pss + Ctrl = rsa_mgf1_md:sha1 + Input=92d0bcae82b641f578f040f5151be8eda6d42299 + Output=0a2314250cf52b6e4e908de5b35646bcaa24361da8160fb0f9257590ab3ace42b0dc3e77ad2db7c203a20bd952fbb56b1567046ecfaa933d7b1000c3de9ff05b7d989ba46fd43bc4c2d0a3986b7ffa13471d37eb5b47d64707bd290cfd6a9f393ad08ec1e3bd71bb5792615035cdaf2d8929aed3be098379377e777ce79aaa4773 + ++Availablein = default + Verify=RSA-PSS-6 + Ctrl = rsa_padding_mode:pss + Ctrl = rsa_mgf1_md:sha1 + Input=3569bd8fd2e28f2443375efa94f186f6911ffc2b + Output=086df6b500098c120f24ff8423f727d9c61a5c9007d3b6a31ce7cf8f3cbec1a26bb20e2bd4a046793299e03e37a21b40194fb045f90b18bf20a47992ccd799cf9c059c299c0526854954aade8a6ad9d97ec91a1145383f42468b231f4d72f23706d9853c3fa43ce8ace8bfe7484987a1ec6a16c8daf81f7c8bf42774707a9df456 + ++Availablein = default + Verify=RSA-PSS-6 + Ctrl = rsa_padding_mode:pss + Ctrl = rsa_mgf1_md:sha1 + Input=7abbb7b42de335730a0b641f1e314b6950b84f98 + Output=0b5b11ad549863ffa9c51a14a1106c2a72cc8b646e5c7262509786105a984776534ca9b54c1cc64bf2d5a44fd7e8a69db699d5ea52087a4748fd2abc1afed1e5d6f7c89025530bdaa2213d7e030fa55df6f34bcf1ce46d2edf4e3ae4f3b01891a068c9e3a44bbc43133edad6ecb9f35400c4252a5762d65744b99cb9f4c559329f + ++Availablein = default + Verify=RSA-PSS-6 + Ctrl = rsa_padding_mode:pss + Ctrl = rsa_mgf1_md:sha1 + Input=55b7eb27be7a787a59eb7e5fac468db8917a7725 + Output=02d71fa9b53e4654fefb7f08385cf6b0ae3a817942ebf66c35ac67f0b069952a3ce9c7e1f1b02e480a9500836de5d64cdb7ecde04542f7a79988787e24c2ba05f5fd482c023ed5c30e04839dc44bed2a3a3a4fee01113c891a47d32eb8025c28cb050b5cdb576c70fe76ef523405c08417faf350b037a43c379339fcb18d3a356b + ++Availablein = default + Verify=RSA-PSS-6 + Ctrl = rsa_padding_mode:pss + Ctrl = rsa_mgf1_md:sha1 +@@ -529,36 +570,42 @@ MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgTfJ2kpmyMQIuNon0MnXn4zLHq/B + 2LXF01SAItcGTqKaswIDAQAB + -----END PUBLIC KEY----- + ++Availablein = default + Verify=RSA-PSS-7 + Ctrl = rsa_padding_mode:pss + Ctrl = rsa_mgf1_md:sha1 + Input=8be4afbdd76bd8d142c5f4f46dba771ee5d6d29d + Output=187f390723c8902591f0154bae6d4ecbffe067f0e8b795476ea4f4d51ccc810520bb3ca9bca7d0b1f2ea8a17d873fa27570acd642e3808561cb9e975ccfd80b23dc5771cdb3306a5f23159dacbd3aa2db93d46d766e09ed15d900ad897a8d274dc26b47e994a27e97e2268a766533ae4b5e42a2fcaf755c1c4794b294c60555823 + ++Availablein = default + Verify=RSA-PSS-7 + Ctrl = rsa_padding_mode:pss + Ctrl = rsa_mgf1_md:sha1 + Input=402140dc605b2f5c5ec0d15bce9f9ba8857fe117 + Output=10fd89768a60a67788abb5856a787c8561f3edcf9a83e898f7dc87ab8cce79429b43e56906941a886194f137e591fe7c339555361fbbe1f24feb2d4bcdb80601f3096bc9132deea60ae13082f44f9ad41cd628936a4d51176e42fc59cb76db815ce5ab4db99a104aafea68f5d330329ebf258d4ede16064bd1d00393d5e1570eb8 + ++Availablein = default + Verify=RSA-PSS-7 + Ctrl = rsa_padding_mode:pss + Ctrl = rsa_mgf1_md:sha1 + Input=3e885205892ff2b6b37c2c4eb486c4bf2f9e7f20 + Output=2b31fde99859b977aa09586d8e274662b25a2a640640b457f594051cb1e7f7a911865455242926cf88fe80dfa3a75ba9689844a11e634a82b075afbd69c12a0df9d25f84ad4945df3dc8fe90c3cefdf26e95f0534304b5bdba20d3e5640a2ebfb898aac35ae40f26fce5563c2f9f24f3042af76f3c7072d687bbfb959a88460af1 + ++Availablein = default + Verify=RSA-PSS-7 + Ctrl = rsa_padding_mode:pss + Ctrl = rsa_mgf1_md:sha1 + Input=1fc2201d0c442a4736cd8b2cd00c959c47a3bf42 + Output=32c7ca38ff26949a15000c4ba04b2b13b35a3810e568184d7ecabaa166b7ffabddf2b6cf4ba07124923790f2e5b1a5be040aea36fe132ec130e1f10567982d17ac3e89b8d26c3094034e762d2e031264f01170beecb3d1439e05846f25458367a7d9c02060444672671e64e877864559ca19b2074d588a281b5804d23772fbbe19 + ++Availablein = default + Verify=RSA-PSS-7 + Ctrl = rsa_padding_mode:pss + Ctrl = rsa_mgf1_md:sha1 + Input=e4351b66819e5a31501f89acc7faf57030e9aac5 + Output=07eb651d75f1b52bc263b2e198336e99fbebc4f332049a922a10815607ee2d989db3a4495b7dccd38f58a211fb7e193171a3d891132437ebca44f318b280509e52b5fa98fcce8205d9697c8ee4b7ff59d4c59c79038a1970bd2a0d451ecdc5ef11d9979c9d35f8c70a6163717607890d586a7c6dc01c79f86a8f28e85235f8c2f1 + ++Availablein = default + Verify=RSA-PSS-7 + Ctrl = rsa_padding_mode:pss + Ctrl = rsa_mgf1_md:sha1 +@@ -574,36 +621,42 @@ R1PbPO4O4Gx9+uix1TtZUyGPnM7qaVsIZo7eqtztlGOx15DV6/J+kRW0bK1NmiuO + +rBWGwgQNEc5raBzPwIDAQAB + -----END PUBLIC KEY----- + ++Availablein = default + Verify=RSA-PSS-8 + Ctrl = rsa_padding_mode:pss + Ctrl = rsa_mgf1_md:sha1 + Input=a1dd230d8ead860199b6277c2ecfe3d95f6d9160 + Output=0262ac254bfa77f3c1aca22c5179f8f040422b3c5bafd40a8f21cf0fa5a667ccd5993d42dbafb409c520e25fce2b1ee1e716577f1efa17f3da28052f40f0419b23106d7845aaf01125b698e7a4dfe92d3967bb00c4d0d35ba3552ab9a8b3eef07c7fecdbc5424ac4db1e20cb37d0b2744769940ea907e17fbbca673b20522380c5 + ++Availablein = default + Verify=RSA-PSS-8 + Ctrl = rsa_padding_mode:pss + Ctrl = rsa_mgf1_md:sha1 + Input=f6e68e53c602c5c65fa67b5aa6d786e5524b12ab + Output=2707b9ad5115c58c94e932e8ec0a280f56339e44a1b58d4ddcff2f312e5f34dcfe39e89c6a94dcee86dbbdae5b79ba4e0819a9e7bfd9d982e7ee6c86ee68396e8b3a14c9c8f34b178eb741f9d3f121109bf5c8172fada2e768f9ea1433032c004a8aa07eb990000a48dc94c8bac8aabe2b09b1aa46c0a2aa0e12f63fbba775ba7e + ++Availablein = default + Verify=RSA-PSS-8 + Ctrl = rsa_padding_mode:pss + Ctrl = rsa_mgf1_md:sha1 + Input=d6f9fcd3ae27f32bb2c7c93536782eba52af1f76 + Output=2ad20509d78cf26d1b6c406146086e4b0c91a91c2bd164c87b966b8faa42aa0ca446022323ba4b1a1b89706d7f4c3be57d7b69702d168ab5955ee290356b8c4a29ed467d547ec23cbadf286ccb5863c6679da467fc9324a151c7ec55aac6db4084f82726825cfe1aa421bc64049fb42f23148f9c25b2dc300437c38d428aa75f96 + ++Availablein = default + Verify=RSA-PSS-8 + Ctrl = rsa_padding_mode:pss + Ctrl = rsa_mgf1_md:sha1 + Input=7ff2a53ce2e2d900d468e498f230a5f5dd0020de + Output=1e24e6e58628e5175044a9eb6d837d48af1260b0520e87327de7897ee4d5b9f0df0be3e09ed4dea8c1454ff3423bb08e1793245a9df8bf6ab3968c8eddc3b5328571c77f091cc578576912dfebd164b9de5454fe0be1c1f6385b328360ce67ec7a05f6e30eb45c17c48ac70041d2cab67f0a2ae7aafdcc8d245ea3442a6300ccc7 + ++Availablein = default + Verify=RSA-PSS-8 + Ctrl = rsa_padding_mode:pss + Ctrl = rsa_mgf1_md:sha1 + Input=4eb309f7022ba0b03bb78601b12931ec7c1be8d3 + Output=33341ba3576a130a50e2a5cf8679224388d5693f5accc235ac95add68e5eb1eec31666d0ca7a1cda6f70a1aa762c05752a51950cdb8af3c5379f18cfe6b5bc55a4648226a15e912ef19ad77adeea911d67cfefd69ba43fa4119135ff642117ba985a7e0100325e9519f1ca6a9216bda055b5785015291125e90dcd07a2ca9673ee + ++Availablein = default + Verify=RSA-PSS-8 + Ctrl = rsa_padding_mode:pss + Ctrl = rsa_mgf1_md:sha1 +diff --git a/test/recipes/30-test_evp_data/evppkey_rsa_common.txt b/test/recipes/30-test_evp_data/evppkey_rsa_common.txt +index 17ceb59148..972e90f32f 100644 +--- a/test/recipes/30-test_evp_data/evppkey_rsa_common.txt ++++ b/test/recipes/30-test_evp_data/evppkey_rsa_common.txt +@@ -285,7 +285,7 @@ FIPSversion = >=3.4.0 + Decrypt = RSA-2048 + Ctrl = rsa_padding_mode:none + Input = 0000000000000000000000000000000000000000 +-Result = KEYOP_ERROR ++Result = KEYOP_LENGTH_ERROR + + # RSADP Ciphertext = 1 should fail + Availablein = fips +@@ -293,7 +293,7 @@ FIPSversion = >=3.4.0 + Decrypt = RSA-2048 + Ctrl = rsa_padding_mode:none + Input = 0000000000000000000000000000000000000001 +-Result = KEYOP_ERROR ++Result = KEYOP_LENGTH_ERROR + + # RSADP Ciphertext = 2 should pass + Availablein = default +@@ -315,7 +315,7 @@ FIPSversion = >=3.4.0 + Decrypt = RSA-2048 + Ctrl = rsa_padding_mode:none + Input = cd0081ea7b2ae1ea06d59f7c73d9ffb94a09615c2e4ba7c636cef08dd3533ec3185525b015c769b99a77d6725bf9c3532a9b6e5f6627d5fb85160768d3dda9cbd35974511717dc3d309d2fc47ee41f97e32adb7f9dd864a1c4767a666ecd71bc1aacf5e7517f4b38594fea9b05e42d5ada9912008013e45316a4d9bb8ed086b88d28758bacaf922d46a868b485d239c9baeb0e2b64592710f42b2d1ea0a4b4802c0becab328f8a68b0073bdb546feea9809d2849912b390c1532bc7e29c7658f8175fae46f34332ff87bcab3e40649b98577869da0ea718353f0722754886913648760d122be676e0fc483dd20ffc31bda96a31966c9aa2e75ad03de47e1c44e +-Result = KEYOP_ERROR ++Result = KEYOP_LENGTH_ERROR + + # RSADP Ciphertext = n should fail + Availablein = default +@@ -2074,7 +2074,7 @@ Securitycheck = 1 + Unapproved = 1 + CtrlInit = key-check:0 + Input = 550AF55A2904E7B9762352F8FB7FA235 +-Result = KEYOP_MISMATCH ++Result = KEYOP_LENGTH_ERROR + + # Signing with SHA1 is not allowed in fips mode + Availablein = fips +-- +2.51.0 + + diff --git a/0030-FIPS-RSA-Mark-x931-as-not-approved-by-default.patch b/0030-FIPS-RSA-Mark-x931-as-not-approved-by-default.patch new file mode 100644 index 0000000..185b990 --- /dev/null +++ b/0030-FIPS-RSA-Mark-x931-as-not-approved-by-default.patch @@ -0,0 +1,27 @@ +From 84323511d9558acb40614ca7cd19436901b02629 Mon Sep 17 00:00:00 2001 +From: Simo Sorce +Date: Mon, 24 Mar 2025 11:03:45 -0400 +Subject: [PATCH 28/59] FIPS: RSA: Mark x931 as not approved by default + +Signed-off-by: Simo Sorce +--- + providers/fips/include/fips_indicator_params.inc | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/providers/fips/include/fips_indicator_params.inc b/providers/fips/include/fips_indicator_params.inc +index 6bd783eb0a..c1b029de86 100644 +--- a/providers/fips/include/fips_indicator_params.inc ++++ b/providers/fips/include/fips_indicator_params.inc +@@ -15,7 +15,7 @@ OSSL_FIPS_PARAM(dsa_sign_disallowed, DSA_SIGN_DISABLED, 0) + OSSL_FIPS_PARAM(tdes_encrypt_disallowed, TDES_ENCRYPT_DISABLED, 0) + OSSL_FIPS_PARAM(rsa_pkcs15_padding_disabled, RSA_PKCS15_PAD_DISABLED, 1) + OSSL_FIPS_PARAM(rsa_pss_saltlen_check, RSA_PSS_SALTLEN_CHECK, 0) +-OSSL_FIPS_PARAM(rsa_sign_x931_disallowed, RSA_SIGN_X931_PAD_DISABLED, 0) ++OSSL_FIPS_PARAM(rsa_sign_x931_disallowed, RSA_SIGN_X931_PAD_DISABLED, 1) + OSSL_FIPS_PARAM(hkdf_key_check, HKDF_KEY_CHECK, 0) + OSSL_FIPS_PARAM(kbkdf_key_check, KBKDF_KEY_CHECK, 0) + OSSL_FIPS_PARAM(tls13_kdf_key_check, TLS13_KDF_KEY_CHECK, 0) +-- +2.51.0 + + diff --git a/0031-FIPS-TLS-Enforce-EMS-in-TLS-1.2-NOTE.patch b/0031-FIPS-TLS-Enforce-EMS-in-TLS-1.2-NOTE.patch new file mode 100644 index 0000000..5fb8402 --- /dev/null +++ b/0031-FIPS-TLS-Enforce-EMS-in-TLS-1.2-NOTE.patch @@ -0,0 +1,193 @@ +From 9c9716b7a631ef8e3087a3ddec967b18d5c46a1f Mon Sep 17 00:00:00 2001 +From: rpm-build +Date: Wed, 6 Mar 2024 19:17:17 +0100 +Subject: [PATCH 37/59] FIPS: TLS: Enforce EMS in TLS 1.2 - NOTE + +NOTE: Enforcement of EMS in non-FIPS mode has been dropped due to code +change the option to enforce it seem to be available only in FIPS build + +Patch-name: 0114-FIPS-enforce-EMS-support.patch +Patch-id: 114 +Patch-status: | + # # We believe that some changes present in CentOS are not necessary + # # because ustream has a check for FIPS version +From-dist-git-commit: 4334bc837fbc64d14890fdc51679a80770d498ce +--- + doc/man3/SSL_CONF_cmd.pod | 3 +++ + doc/man5/fips_config.pod | 13 +++++++++++++ + include/openssl/ssl.h.in | 1 + + providers/fips/include/fips_indicator_params.inc | 2 +- + ssl/ssl_conf.c | 1 + + ssl/statem/extensions_srvr.c | 8 +++++++- + ssl/t1_enc.c | 11 +++++++++-- + test/recipes/30-test_evp_data/evpkdf_tls12_prf.txt | 10 ++++++++++ + test/sslapitest.c | 2 +- + 9 files changed, 46 insertions(+), 5 deletions(-) + +diff --git a/doc/man3/SSL_CONF_cmd.pod b/doc/man3/SSL_CONF_cmd.pod +index 9338ffc01d..911ea21a68 100644 +--- a/doc/man3/SSL_CONF_cmd.pod ++++ b/doc/man3/SSL_CONF_cmd.pod +@@ -621,6 +621,9 @@ B: use extended master secret extension, enabled by + default. Inverse of B: that is, + B<-ExtendedMasterSecret> is the same as setting B. + ++B: allow establishing connections without EMS in FIPS mode. ++This is a RedHat-based OS specific option, and normally it should be set up via crypto policies. ++ + B: use CA names extension, enabled by + default. Inverse of B: that is, + B<-CANames> is the same as setting B. +diff --git a/doc/man5/fips_config.pod b/doc/man5/fips_config.pod +index 2505938c13..3887c54f0e 100644 +--- a/doc/man5/fips_config.pod ++++ b/doc/man5/fips_config.pod +@@ -11,6 +11,19 @@ automatically loaded when the system is booted in FIPS mode, or when the + environment variable B is set. See the documentation + for more information. + ++Linux uses a supplementary config for FIPS module located in ++OpenSSL configuration directory and managed by crypto policies. If present, it ++should have format ++ ++ [fips_sect] ++ tls1-prf-ems-check = 0 ++ activate = 1 ++ ++The B option specifies whether FIPS module will require the ++presence of extended master secret or not. ++ ++The B option enforces FIPS provider activation. ++ + =head1 COPYRIGHT + + Copyright 2019-2025 The OpenSSL Project Authors. All Rights Reserved. +diff --git a/include/openssl/ssl.h.in b/include/openssl/ssl.h.in +index d1b00e8454..b815f25dae 100644 +--- a/include/openssl/ssl.h.in ++++ b/include/openssl/ssl.h.in +@@ -417,6 +417,7 @@ typedef int (*SSL_async_callback_fn)(SSL *s, void *arg); + * interoperability with CryptoPro CSP 3.x + */ + # define SSL_OP_CRYPTOPRO_TLSEXT_BUG SSL_OP_BIT(31) ++# define SSL_OP_RH_PERMIT_NOEMS_FIPS SSL_OP_BIT(48) + /* + * Disable RFC8879 certificate compression + * SSL_OP_NO_TX_CERTIFICATE_COMPRESSION: don't send compressed certificates, +diff --git a/providers/fips/include/fips_indicator_params.inc b/providers/fips/include/fips_indicator_params.inc +index c1b029de86..47d1cf2d01 100644 +--- a/providers/fips/include/fips_indicator_params.inc ++++ b/providers/fips/include/fips_indicator_params.inc +@@ -1,5 +1,5 @@ + OSSL_FIPS_PARAM(security_checks, SECURITY_CHECKS, 1) +-OSSL_FIPS_PARAM(tls1_prf_ems_check, TLS1_PRF_EMS_CHECK, 0) ++OSSL_FIPS_PARAM(tls1_prf_ems_check, TLS1_PRF_EMS_CHECK, 1) + OSSL_FIPS_PARAM(no_short_mac, NO_SHORT_MAC, 1) + OSSL_FIPS_PARAM(hmac_key_check, HMAC_KEY_CHECK, 0) + OSSL_FIPS_PARAM(kmac_key_check, KMAC_KEY_CHECK, 0) +diff --git a/ssl/ssl_conf.c b/ssl/ssl_conf.c +index 946d20be52..b52c1675fd 100644 +--- a/ssl/ssl_conf.c ++++ b/ssl/ssl_conf.c +@@ -394,6 +394,7 @@ static int cmd_Options(SSL_CONF_CTX *cctx, const char *value) + SSL_FLAG_TBL("ClientRenegotiation", + SSL_OP_ALLOW_CLIENT_RENEGOTIATION), + SSL_FLAG_TBL_INV("EncryptThenMac", SSL_OP_NO_ENCRYPT_THEN_MAC), ++ SSL_FLAG_TBL("RHNoEnforceEMSinFIPS", SSL_OP_RH_PERMIT_NOEMS_FIPS), + SSL_FLAG_TBL("NoRenegotiation", SSL_OP_NO_RENEGOTIATION), + SSL_FLAG_TBL("AllowNoDHEKEX", SSL_OP_ALLOW_NO_DHE_KEX), + SSL_FLAG_TBL("PreferNoDHEKEX", SSL_OP_PREFER_NO_DHE_KEX), +diff --git a/ssl/statem/extensions_srvr.c b/ssl/statem/extensions_srvr.c +index 1a09913ad6..936be81819 100644 +--- a/ssl/statem/extensions_srvr.c ++++ b/ssl/statem/extensions_srvr.c +@@ -12,6 +12,7 @@ + #include "statem_local.h" + #include "internal/cryptlib.h" + #include "internal/ssl_unwrap.h" ++#include + + #define COOKIE_STATE_FORMAT_VERSION 1 + +@@ -1886,8 +1887,13 @@ EXT_RETURN tls_construct_stoc_ems(SSL_CONNECTION *s, WPACKET *pkt, + unsigned int context, + X509 *x, size_t chainidx) + { +- if ((s->s3.flags & TLS1_FLAGS_RECEIVED_EXTMS) == 0) ++ if ((s->s3.flags & TLS1_FLAGS_RECEIVED_EXTMS) == 0) { ++ if (FIPS_mode() && !(SSL_get_options(SSL_CONNECTION_GET_SSL(s)) & SSL_OP_RH_PERMIT_NOEMS_FIPS) ) { ++ SSLfatal(s, SSL_AD_HANDSHAKE_FAILURE, ERR_R_UNSUPPORTED); ++ return EXT_RETURN_FAIL; ++ } + return EXT_RETURN_NOT_SENT; ++ } + + if (!WPACKET_put_bytes_u16(pkt, TLSEXT_TYPE_extended_master_secret) + || !WPACKET_put_bytes_u16(pkt, 0)) { +diff --git a/ssl/t1_enc.c b/ssl/t1_enc.c +index 474ea7bf5b..e0e595e989 100644 +--- a/ssl/t1_enc.c ++++ b/ssl/t1_enc.c +@@ -21,6 +21,7 @@ + #include + #include + #include ++#include + + /* seed1 through seed5 are concatenated */ + static int tls1_PRF(SSL_CONNECTION *s, +@@ -78,8 +79,14 @@ static int tls1_PRF(SSL_CONNECTION *s, + } + + err: +- if (fatal) +- SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR); ++ if (fatal) { ++ /* The calls to this function are local so it's safe to implement the check */ ++ if (FIPS_mode() && seed1_len >= TLS_MD_MASTER_SECRET_CONST_SIZE ++ && memcmp(seed1, TLS_MD_MASTER_SECRET_CONST, TLS_MD_MASTER_SECRET_CONST_SIZE) == 0) ++ SSLfatal(s, SSL_AD_HANDSHAKE_FAILURE, ERR_R_UNSUPPORTED); ++ else ++ SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR); ++ } + else + ERR_raise(ERR_LIB_SSL, ERR_R_INTERNAL_ERROR); + EVP_KDF_CTX_free(kctx); +diff --git a/test/recipes/30-test_evp_data/evpkdf_tls12_prf.txt b/test/recipes/30-test_evp_data/evpkdf_tls12_prf.txt +index 50944328cb..edb2e81273 100644 +--- a/test/recipes/30-test_evp_data/evpkdf_tls12_prf.txt ++++ b/test/recipes/30-test_evp_data/evpkdf_tls12_prf.txt +@@ -22,6 +22,16 @@ Ctrl.client_random = hexseed:36c129d01a3200894b9179faac589d9835d58775f9b5ea3587c + Ctrl.server_random = hexseed:f6c9575ed7ddd73e1f7d16eca115415812a43c2b747daaaae043abfb50053fce + Output = 202c88c00f84a17a20027079604787461176455539e705be730890602c289a5001e34eeb3a043e5d52a65e66125188bf + ++Availablein = fips ++KDF = TLS1-PRF ++Ctrl.digest = digest:SHA256 ++Ctrl.Secret = hexsecret:f8938ecc9edebc5030c0c6a441e213cd24e6f770a50dda07876f8d55da062bcadb386b411fd4fe4313a604fce6c17fbc ++Ctrl.label = seed:master secret ++Ctrl.client_random = hexseed:36c129d01a3200894b9179faac589d9835d58775f9b5ea3587cb8fd0364cae8c ++Ctrl.server_random = hexseed:f6c9575ed7ddd73e1f7d16eca115415812a43c2b747daaaae043abfb50053fce ++Output = 202c88c00f84a17a20027079604787461176455539e705be730890602c289a5001e34eeb3a043e5d52a65e66125188bf ++Result = KDF_DERIVE_ERROR ++ + FIPSversion = <=3.1.0 + KDF = TLS1-PRF + Ctrl.digest = digest:SHA256 +diff --git a/test/sslapitest.c b/test/sslapitest.c +index 05c5ab256f..4373bc2865 100644 +--- a/test/sslapitest.c ++++ b/test/sslapitest.c +@@ -585,7 +585,7 @@ static int test_client_cert_verify_cb(void) + STACK_OF(X509) *server_chain; + SSL_CTX *cctx = NULL, *sctx = NULL; + SSL *clientssl = NULL, *serverssl = NULL; +- int testresult = 0; ++ int testresult = 0, status; + + if (!TEST_true(create_ssl_ctx_pair(libctx, TLS_server_method(), + TLS_client_method(), TLS1_VERSION, 0, +-- +2.51.0 + + diff --git a/0032-FIPS-Fix-encoder-decoder-negative-test.patch b/0032-FIPS-Fix-encoder-decoder-negative-test.patch new file mode 100644 index 0000000..0498e69 --- /dev/null +++ b/0032-FIPS-Fix-encoder-decoder-negative-test.patch @@ -0,0 +1,36 @@ +From 4691661243060cc6ad88902f422f058c547264f6 Mon Sep 17 00:00:00 2001 +From: Simo Sorce +Date: Wed, 5 Mar 2025 13:22:03 -0500 +Subject: [PATCH 40/59] FIPS: Fix encoder/decoder negative test + +Signed-off-by: Simo Sorce +--- + test/recipes/04-test_encoder_decoder.t | 8 ++++---- + 1 file changed, 4 insertions(+), 4 deletions(-) + mode change 100644 => 100755 test/recipes/04-test_encoder_decoder.t + +diff --git a/test/recipes/04-test_encoder_decoder.t b/test/recipes/04-test_encoder_decoder.t +old mode 100644 +new mode 100755 +index 2acc980e90..660d4e1115 +--- a/test/recipes/04-test_encoder_decoder.t ++++ b/test/recipes/04-test_encoder_decoder.t +@@ -75,10 +75,10 @@ SKIP: { + } + my $no_des = disabled("des"); + SKIP: { +- skip "MD5 disabled", 2 if disabled("md5"); +- ok(run(app([ 'openssl', 'genrsa', '-aes128', '-out', 'epki.pem', +- '-traditional', '-passout', 'pass:pass' ])), +- "rsa encrypted using a non fips algorithm MD5 in pbe"); ++ skip "DES disabled", 2 if disabled("des3"); ++ ok(run(app([ 'openssl', 'genrsa', '-des3', '-out', 'epki.pem', ++ '-traditional', '-passout', 'pass:pass'])), ++ "rsa encrypted using a non fips algorithm DES3 in pbe"); + + my $conf2 = srctop_file("test", "default-and-fips.cnf"); + ok(run(test(['decoder_propq_test', '-config', $conf2, +-- +2.51.0 + + diff --git a/0033-FIPS-Fix-some-tests-due-to-our-versioning-change.patch b/0033-FIPS-Fix-some-tests-due-to-our-versioning-change.patch new file mode 100644 index 0000000..70a8c2d --- /dev/null +++ b/0033-FIPS-Fix-some-tests-due-to-our-versioning-change.patch @@ -0,0 +1,107 @@ +From 552dec327a579572ca17a560bb415d8f407ce990 Mon Sep 17 00:00:00 2001 +From: Simo Sorce +Date: Mon, 10 Mar 2025 13:52:50 -0400 +Subject: [PATCH 46/59] FIPS: Fix some tests due to our versioning change + +Signed-off-by: Simo Sorce +--- + test/ssl-tests/13-fragmentation.cnf.in | 4 ++-- + test/ssl-tests/17-renegotiate.cnf.in | 4 ++-- + test/ssl-tests/18-dtls-renegotiate.cnf.in | 2 +- + test/ssl-tests/19-mac-then-encrypt.cnf.in | 2 +- + test/ssl-tests/20-cert-select.cnf.in | 6 +++--- + 5 files changed, 9 insertions(+), 9 deletions(-) + +diff --git a/test/ssl-tests/13-fragmentation.cnf.in b/test/ssl-tests/13-fragmentation.cnf.in +index 318fd65960..87ec08ee5b 100644 +--- a/test/ssl-tests/13-fragmentation.cnf.in ++++ b/test/ssl-tests/13-fragmentation.cnf.in +@@ -14,7 +14,7 @@ use warnings; + + package ssltests; + +-our $fips_3_4; ++our $fips_mode; + + our @tests = ( + # Default fragment size is 512. +@@ -273,4 +273,4 @@ my @tests_rsa = ( + ); + + push @tests, @tests_rsa +- unless $fips_3_4; ++ unless $fips_mode; +diff --git a/test/ssl-tests/17-renegotiate.cnf.in b/test/ssl-tests/17-renegotiate.cnf.in +index 2812e4c38b..9cbd972eba 100644 +--- a/test/ssl-tests/17-renegotiate.cnf.in ++++ b/test/ssl-tests/17-renegotiate.cnf.in +@@ -15,7 +15,7 @@ use warnings; + package ssltests; + use OpenSSL::Test::Utils; + +-our $fips_3_4; ++our $fips_mode; + + our @tests = ( + { +@@ -318,5 +318,5 @@ our @tests_tls1_2 = ( + } + ); + +-push @tests, @tests_tls1_2_rsa unless disabled("tls1_2") or $fips_3_4; ++push @tests, @tests_tls1_2_rsa unless disabled("tls1_2") or $fips_mode; + push @tests, @tests_tls1_2 unless disabled("tls1_2"); +diff --git a/test/ssl-tests/18-dtls-renegotiate.cnf.in b/test/ssl-tests/18-dtls-renegotiate.cnf.in +index 8996849a2c..415dc2978d 100644 +--- a/test/ssl-tests/18-dtls-renegotiate.cnf.in ++++ b/test/ssl-tests/18-dtls-renegotiate.cnf.in +@@ -133,7 +133,7 @@ foreach my $sctp ("No", "Yes") + ); + push @tests, @tests_basic; + +- next if disabled("dtls1_2") || $fips_3_4; ++ next if disabled("dtls1_2") || $fips_mode; + our @tests_dtls1_2 = ( + { + name => "renegotiate-aead-to-non-aead".$suffix, +diff --git a/test/ssl-tests/19-mac-then-encrypt.cnf.in b/test/ssl-tests/19-mac-then-encrypt.cnf.in +index 32bcec4be4..2f8a123c20 100644 +--- a/test/ssl-tests/19-mac-then-encrypt.cnf.in ++++ b/test/ssl-tests/19-mac-then-encrypt.cnf.in +@@ -17,7 +17,7 @@ our $fips_mode; + our $fips_3_4; + + # Nothing to test with newer fips providers +-return if $fips_3_4; ++return if $fips_mode; + + our @tests = ( + { +diff --git a/test/ssl-tests/20-cert-select.cnf.in b/test/ssl-tests/20-cert-select.cnf.in +index af47842fd8..21c75033e8 100644 +--- a/test/ssl-tests/20-cert-select.cnf.in ++++ b/test/ssl-tests/20-cert-select.cnf.in +@@ -266,7 +266,7 @@ our @tests = ( + }, + test => { + "ExpectedServerCertType" =>, "RSA", +- "ExpectedResult" => $fips_3_4 ? "ClientFail" : "Success" ++ "ExpectedResult" => $fips_mode ? "ClientFail" : "Success" + }, + }, + { +@@ -1005,8 +1005,8 @@ my @tests_dsa_tls_1_3 = ( + ); + + if (!disabled("dsa")) { +- push @tests, @tests_dsa_tls_1_2 unless disabled("dh") || $fips_3_4; +- push @tests, @tests_dsa_tls_1_3 unless disabled("tls1_3"); ++ push @tests, @tests_dsa_tls_1_2 unless disabled("dh") || $fips_mode; ++ push @tests, @tests_dsa_tls_1_3 unless disabled("tls1_3") || $fips_mode; + } + + my @tests_mldsa_tls_1_3 = ( +-- +2.51.0 + + diff --git a/0034-FIPS-KDF-key-lenght-errors.patch b/0034-FIPS-KDF-key-lenght-errors.patch new file mode 100644 index 0000000..4a81a08 --- /dev/null +++ b/0034-FIPS-KDF-key-lenght-errors.patch @@ -0,0 +1,176 @@ +From 284c64f2ad8f104b15983f7ff37e90486847c5b1 Mon Sep 17 00:00:00 2001 +From: Simo Sorce +Date: Mon, 14 Apr 2025 15:25:40 -0400 +Subject: [PATCH 48/59] FIPS: KDF key lenght errors + +Signed-off-by: Simo Sorce +--- + test/recipes/30-test_evp_data/evpkdf_ss.txt | 8 ++++---- + test/recipes/30-test_evp_data/evpkdf_tls12_prf.txt | 6 +++--- + test/recipes/30-test_evp_data/evpkdf_tls13_kdf.txt | 11 ++++++----- + test/recipes/30-test_evp_data/evpkdf_x942.txt | 3 +-- + test/recipes/30-test_evp_data/evpkdf_x963.txt | 6 ++---- + test/recipes/30-test_evp_data/evpmac_common.txt | 2 +- + test/recipes/30-test_evp_data/evppkey_kdf_hkdf.txt | 2 +- + 7 files changed, 18 insertions(+), 20 deletions(-) + +diff --git a/test/recipes/30-test_evp_data/evpkdf_ss.txt b/test/recipes/30-test_evp_data/evpkdf_ss.txt +index 4503af711f..7ef2894ae6 100644 +--- a/test/recipes/30-test_evp_data/evpkdf_ss.txt ++++ b/test/recipes/30-test_evp_data/evpkdf_ss.txt +@@ -1189,8 +1189,8 @@ KDF = SSKDF + Ctrl.digest = digest:SHA1 + Ctrl.hexsecret = hexsecret:d7e6 + Ctrl.hexinfo = hexinfo:0bbe1fa8722023d7c3da4fff +-Result = KDF_CTRL_ERROR +-Reason = invalid key length ++Result = KDF_DERIVE_ERROR ++#Reason = invalid key length + + Availablein = fips + FIPSversion = >=3.4.0 +@@ -1200,8 +1200,8 @@ Ctrl.digest = digest:SHA224 + Ctrl.salt = hexsalt:00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 + Ctrl.hexsecret = hexsecret:40B6E03711EBEBA14011ACE96C + Ctrl.hexinfo = hexinfo:5D437C2F1035A4F1F751E59CF10650171EF5769FCFBE438DFBC5BD8EA724100076447AB804F91DFA680E592FE2621A45DAB4C6A77B678059FC29E572DE4424EB5459F53523002ED38AAB1D9DD96C3523D1907C5EFBAE93DFFE680F716498720110D2A3B9CE9B66DB2884C83E9BEB546754874C0CA1967AF000000400 +-Result = KDF_CTRL_ERROR +-Reason = invalid key length ++Result = KDF_DERIVE_ERROR ++#Reason = invalid key length + + Availablein = fips + FIPSversion = >=3.4.0 +diff --git a/test/recipes/30-test_evp_data/evpkdf_tls12_prf.txt b/test/recipes/30-test_evp_data/evpkdf_tls12_prf.txt +index edb2e81273..d663e5e5a5 100644 +--- a/test/recipes/30-test_evp_data/evpkdf_tls12_prf.txt ++++ b/test/recipes/30-test_evp_data/evpkdf_tls12_prf.txt +@@ -104,8 +104,8 @@ Ctrl.Secret = hexsecret:f8938ecc9edebc5030c0c6a441e213cd24e6f770a50dda07876f8d55 + Ctrl.label = seed:extended master secret + Ctrl.client_random = hexseed:36c129d01a3200894b9179faac589d9835d58775f9b5ea3587cb8fd0364cae8c + Ctrl.server_random = hexseed:f6c9575ed7ddd73e1f7d16eca115415812a43c2b747daaaae043abfb50053fce +-Result = KDF_CTRL_ERROR +-Reason = digest not allowed ++Result = KDF_DERIVE_ERROR ++Reason = invalid key length + + # Test that the operation with unapproved digest function is is reported as + # unapproved +@@ -131,7 +131,7 @@ Ctrl.Secret = hexsecret:0102030405060708090a0b + Ctrl.label = seed:extended master secret + Ctrl.client_random = hexseed:36c129d01a3200894b9179faac589d9835d58775f9b5ea3587cb8fd0364cae8c + Ctrl.server_random = hexseed:f6c9575ed7ddd73e1f7d16eca115415812a43c2b747daaaae043abfb50053fce +-Result = KDF_CTRL_ERROR ++Result = KDF_DERIVE_ERROR + Reason = invalid key length + + # Test that the key whose length is shorter than 112 bits is reported as +diff --git a/test/recipes/30-test_evp_data/evpkdf_tls13_kdf.txt b/test/recipes/30-test_evp_data/evpkdf_tls13_kdf.txt +index f2ea9ac44a..0f2f6e3904 100644 +--- a/test/recipes/30-test_evp_data/evpkdf_tls13_kdf.txt ++++ b/test/recipes/30-test_evp_data/evpkdf_tls13_kdf.txt +@@ -4963,7 +4963,7 @@ KDF = TLS13-KDF + Ctrl.mode = mode:EXTRACT_ONLY + Ctrl.digest = digest:SHA512-256 + Ctrl.key = hexkey:f8af6aea2d397baf2948a25b2834200692cff17eee9165e4e27babee9edefd05 +-Result = KDF_CTRL_ERROR ++Result = KDF_DERIVE_ERROR + + # Test that the operation with unapproved digest function is is reported as + # unapproved +@@ -4985,20 +4985,21 @@ KDF = TLS13-KDF + Ctrl.mode = mode:EXTRACT_ONLY + Ctrl.digest = digest:SHA2-256 + Ctrl.key = hexkey:0102030405060708090a0b +-Result = KDF_CTRL_ERROR +-Reason = invalid key length ++Result = KDF_DERIVE_ERROR ++Reason = wrong output buffer size + + Availablein = fips + FIPSversion = >=3.4.0 + KDF = TLS13-KDF ++Unapproved = 1 + Ctrl.mode = mode:EXPAND_ONLY + Ctrl.digest = digest:SHA2-256 + Ctrl.key = hexkey:0102030405060708090a0b + Ctrl.data = hexdata:7c92f68bd5bf3638ea338a6494722e1b44127e1b7e8aad535f2322a644ff22b3 + Ctrl.prefix = hexprefix:746c73313320 + Ctrl.label = hexlabel:6320652074726166666963 +-Result = KDF_CTRL_ERROR +-Reason = invalid key length ++Result = KDF_MISMATCH ++#Reason = invalid key length + + # Test that the key whose length is shorter than 112 bits is reported as + # unapproved +diff --git a/test/recipes/30-test_evp_data/evpkdf_x942.txt b/test/recipes/30-test_evp_data/evpkdf_x942.txt +index b1774592e9..6869fd0f20 100644 +--- a/test/recipes/30-test_evp_data/evpkdf_x942.txt ++++ b/test/recipes/30-test_evp_data/evpkdf_x942.txt +@@ -124,11 +124,10 @@ Reason = xof digests not allowed + Availablein = fips + FIPSversion = >=3.4.0 + KDF = X942KDF-ASN1 ++Unapproved = 1 + Ctrl.digest = digest:SHA256 + Ctrl.hexsecret = hexsecret:6B + Ctrl.use-keybits = use-keybits:0 + Ctrl.cekalg = cekalg:id-aes128-wrap + Ctrl.hexacvp-info = hexacvp-info:a020299D468D60BC6A257E0B6523D691A3FC1602453B35F308C762FBBAC6069A88BCa12080D49BFE5BE01C7D56489AB017663C22B8CBB34C3174D1D71F00CB7505AC759Aa2203C21A5EA5988562C007986E0503D039E7231D9F152FE72A231A1FD98C59BCA6Aa320FD47477542989B51E4A0845DFABD6EEAA465F69B3D75349B2520051782C7F3FC + Output = C2E6A0978C24AF3932F478583ADBFB5F57D491822592EAD3C538875F46EB057A +-Result = KDF_CTRL_ERROR +-Reason = invalid key length +diff --git a/test/recipes/30-test_evp_data/evpkdf_x963.txt b/test/recipes/30-test_evp_data/evpkdf_x963.txt +index b8f3cff3d3..74524c4694 100644 +--- a/test/recipes/30-test_evp_data/evpkdf_x963.txt ++++ b/test/recipes/30-test_evp_data/evpkdf_x963.txt +@@ -148,8 +148,7 @@ KDF = X963KDF + Ctrl.digest = digest:SHA1 + Ctrl.hexsecret = hexsecret:fd17198b89ab39c4ab5d7cca363b82f9fd7e23c3984dc8a2 + Ctrl.hexinfo = hexinfo:856a53f3e36a26bbc5792879f307cce2 +-Result = KDF_CTRL_ERROR +-Reason = digest not allowed ++Result = KDF_DERIVE_ERROR + + # Test that the operation with unapproved digest function is is reported as + # unapproved +@@ -170,8 +169,7 @@ KDF = X963KDF + Ctrl.digest = digest:SHA224 + Ctrl.hexsecret = hexsecret:0102030405060908090a0b + Ctrl.hexinfo = hexinfo:0102030405060708090a0b0c0d0e0f10 +-Result = KDF_CTRL_ERROR +-Reason = invalid key length ++Result = KDF_DERIVE_ERROR + + # Test that the key whose length is shorter than 112 bits is reported as + # unapproved +diff --git a/test/recipes/30-test_evp_data/evpmac_common.txt b/test/recipes/30-test_evp_data/evpmac_common.txt +index af92ceea98..a1541bf226 100644 +--- a/test/recipes/30-test_evp_data/evpmac_common.txt ++++ b/test/recipes/30-test_evp_data/evpmac_common.txt +@@ -271,7 +271,7 @@ MAC = HMAC + Algorithm = SHA256 + Input = "Test Input" + Key = 0001020304 +-Result = MAC_INIT_ERROR ++Output = db70da6176d87813b059879ccc27bc53e295c6eca74db8bdc4e77d7e951d894b + + Title = HMAC FIPS short key indicator test + +diff --git a/test/recipes/30-test_evp_data/evppkey_kdf_hkdf.txt b/test/recipes/30-test_evp_data/evppkey_kdf_hkdf.txt +index 1fb2472001..93c07ede7c 100644 +--- a/test/recipes/30-test_evp_data/evppkey_kdf_hkdf.txt ++++ b/test/recipes/30-test_evp_data/evppkey_kdf_hkdf.txt +@@ -216,7 +216,7 @@ Ctrl.digest = digest:SHA1 + Ctrl.IKM = hexkey:0b0b0b0b0b0b0b0b0b0b0b + Ctrl.salt = hexsalt:000102030405060708090a0b0c + Ctrl.info = hexinfo:f0f1f2f3f4f5f6f7f8f9 +-Result = PKEY_CTRL_ERROR ++Result = KDF_DERIVE_ERROR + Reason = invalid key length + + # Test that the key whose length is shorter than 112 bits is reported as +-- +2.51.0 + + diff --git a/0035-FIPS-fix-disallowed-digests-tests.patch b/0035-FIPS-fix-disallowed-digests-tests.patch new file mode 100644 index 0000000..295c784 --- /dev/null +++ b/0035-FIPS-fix-disallowed-digests-tests.patch @@ -0,0 +1,52 @@ +From 4373bb2644892e1d788ca2bdd37d7281221c0385 Mon Sep 17 00:00:00 2001 +From: Simo Sorce +Date: Tue, 15 Apr 2025 13:41:42 -0400 +Subject: [PATCH 49/59] FIPS: fix disallowed digests tests + +Signed-off-by: Simo Sorce +--- + test/recipes/30-test_evp_data/evpkdf_ssh.txt | 10 ++++++---- + 1 file changed, 6 insertions(+), 4 deletions(-) + +diff --git a/test/recipes/30-test_evp_data/evpkdf_ssh.txt b/test/recipes/30-test_evp_data/evpkdf_ssh.txt +index 6688c217aa..8347f773e6 100644 +--- a/test/recipes/30-test_evp_data/evpkdf_ssh.txt ++++ b/test/recipes/30-test_evp_data/evpkdf_ssh.txt +@@ -4894,13 +4894,14 @@ Title = FIPS indicator tests + Availablein = fips + FIPSversion = >=3.4.0 + KDF = SSHKDF ++Unapproved = 1 + Ctrl.digest = digest:SHA512-256 + Ctrl.hexkey = hexkey:0000008055bae931c07fd824bf10add1902b6fbc7c665347383498a686929ff5a25f8e40cb6645ea814fb1a5e0a11f852f86255641e5ed986e83a78bc8269480eac0b0dfd770cab92e7a28dd87ff452466d6ae867cead63b366b1c286e6c4811a9f14c27aea14c5171d49b78c06e3735d36e6a3be321dd5fc82308f34ee1cb17fba94a59 + Ctrl.hexxcghash = hexxcghash:a4ebd45934f56792b5112dcd75a1075fdc889245 + Ctrl.hexsession_id = hexsession_id:a4ebd45934f56792b5112dcd75a1075fdc889245 + Ctrl.type = type:A +-Result = KDF_CTRL_ERROR +-Reason = digest not allowed ++Result = KDF_MISMATCH ++#Reason = digest not allowed + + # Test that the operation with unapproved digest function is is reported as + # unapproved +@@ -4920,13 +4921,14 @@ Output = d37ea221cbcc026d95e8c10b7d28a1b41e4ec1b497bae0e4cdbc1446e5bd59e2 + Availablein = fips + FIPSversion = >=3.4.0 + KDF = SSHKDF ++Unapproved = 1 + Ctrl.digest = digest:SHA1 + Ctrl.hexkey = hexkey:0102030405060708090a0b + Ctrl.hexxcghash = hexxcghash:a4ebd45934f56792b5112dcd75a1075fdc889245 + Ctrl.hexsession_id = hexsession_id:a4ebd45934f56792b5112dcd75a1075fdc889245 + Ctrl.type = type:A +-Result = KDF_CTRL_ERROR +-Reason = invalid key length ++Result = KDF_MISMATCH ++#Reason = invalid key length + + # Test that the key whose length is shorter than 112 bits is reported as + # unapproved +-- +2.51.0 + + diff --git a/0036-apps-speed.c-Disable-testing-of-composite-signature-.patch b/0036-apps-speed.c-Disable-testing-of-composite-signature-.patch new file mode 100644 index 0000000..7c52756 --- /dev/null +++ b/0036-apps-speed.c-Disable-testing-of-composite-signature-.patch @@ -0,0 +1,48 @@ +From bd015ab1f56008f17404ac9511025812646e5e2d Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Pavol=20=C5=BD=C3=A1=C4=8Dik?= +Date: Mon, 11 Aug 2025 12:02:03 +0200 +Subject: [PATCH 56/59] apps/speed.c: Disable testing of composite signature + algorithms +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Creating public key context from name would always fail +for composite signature algorithms (such as RSA-SHA256) +because the public key algorithm name (e.g., RSA) does +not match the name of the composite algorithm. + +Relates to #27855. + +Signed-off-by: Pavol Žáčik + +Reviewed-by: Tomas Mraz +Reviewed-by: Dmitry Belyavskiy +(Merged from https://github.com/openssl/openssl/pull/28224) +--- + apps/speed.c | 8 +++++--- + 1 file changed, 5 insertions(+), 3 deletions(-) + +diff --git a/apps/speed.c b/apps/speed.c +index ae2f166d24..a51d6a57d4 100644 +--- a/apps/speed.c ++++ b/apps/speed.c +@@ -2275,9 +2275,11 @@ int speed_main(int argc, char **argv) + } + #endif /* OPENSSL_NO_DSA */ + /* skipping these algs as tested elsewhere - and b/o setup is a pain */ +- else if (strcmp(sig_name, "ED25519") && +- strcmp(sig_name, "ED448") && +- strcmp(sig_name, "ECDSA") && ++ else if (strncmp(sig_name, "RSA", 3) && ++ strncmp(sig_name, "DSA", 3) && ++ strncmp(sig_name, "ED25519", 7) && ++ strncmp(sig_name, "ED448", 5) && ++ strncmp(sig_name, "ECDSA", 5) && + strcmp(sig_name, "HMAC") && + strcmp(sig_name, "SIPHASH") && + strcmp(sig_name, "POLY1305") && +-- +2.51.0 + + diff --git a/0037-apps-speed.c-Support-more-signature-algorithms.patch b/0037-apps-speed.c-Support-more-signature-algorithms.patch new file mode 100644 index 0000000..7c467f1 --- /dev/null +++ b/0037-apps-speed.c-Support-more-signature-algorithms.patch @@ -0,0 +1,143 @@ +From eeb05d8b4b63fdda732fb49201c6769082922c11 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Pavol=20=C5=BD=C3=A1=C4=8Dik?= +Date: Mon, 11 Aug 2025 12:19:59 +0200 +Subject: [PATCH 57/59] apps/speed.c: Support more signature algorithms +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Some signature algorithms (e.g., ML-DSA-65) cannot be initialized +via EVP_PKEY_sign_init, so try also EVP_PKEY_sign_message_init +before reporting an error. + +Fixes #27108. + +Signed-off-by: Pavol Žáčik + +Reviewed-by: Tomas Mraz +Reviewed-by: Dmitry Belyavskiy +(Merged from https://github.com/openssl/openssl/pull/28224) +--- + apps/speed.c | 69 ++++++++++++++++++++++++++++++++++++++++------------ + 1 file changed, 53 insertions(+), 16 deletions(-) + +diff --git a/apps/speed.c b/apps/speed.c +index a51d6a57d4..4050f46bce 100644 +--- a/apps/speed.c ++++ b/apps/speed.c +@@ -4248,6 +4248,7 @@ int speed_main(int argc, char **argv) + EVP_PKEY_CTX *sig_gen_ctx = NULL; + EVP_PKEY_CTX *sig_sign_ctx = NULL; + EVP_PKEY_CTX *sig_verify_ctx = NULL; ++ EVP_SIGNATURE *alg = NULL; + unsigned char md[SHA256_DIGEST_LENGTH]; + unsigned char *sig; + char sfx[MAX_ALGNAME_SUFFIX]; +@@ -4308,21 +4309,48 @@ int speed_main(int argc, char **argv) + sig_name); + goto sig_err_break; + } ++ ++ /* ++ * Try explicitly fetching the signature algoritm implementation to ++ * use in case the algorithm does not support EVP_PKEY_sign_init ++ */ ++ ERR_set_mark(); ++ alg = EVP_SIGNATURE_fetch(app_get0_libctx(), sig_name, app_get0_propq()); ++ ERR_pop_to_mark(); ++ + /* Now prepare signature data structs */ + sig_sign_ctx = EVP_PKEY_CTX_new_from_pkey(app_get0_libctx(), + pkey, + app_get0_propq()); +- if (sig_sign_ctx == NULL +- || EVP_PKEY_sign_init(sig_sign_ctx) <= 0 +- || (use_params == 1 +- && (EVP_PKEY_CTX_set_rsa_padding(sig_sign_ctx, +- RSA_PKCS1_PADDING) <= 0)) +- || EVP_PKEY_sign(sig_sign_ctx, NULL, &max_sig_len, +- md, md_len) <= 0) { +- BIO_printf(bio_err, +- "Error while initializing signing data structs for %s.\n", +- sig_name); +- goto sig_err_break; ++ if (sig_sign_ctx == NULL) { ++ BIO_printf(bio_err, ++ "Error while initializing signing ctx for %s.\n", ++ sig_name); ++ goto sig_err_break; ++ } ++ ERR_set_mark(); ++ if (EVP_PKEY_sign_init(sig_sign_ctx) <= 0 ++ && (alg == NULL ++ || EVP_PKEY_sign_message_init(sig_sign_ctx, alg, NULL) <= 0)) { ++ ERR_clear_last_mark(); ++ BIO_printf(bio_err, ++ "Error while initializing signing data structs for %s.\n", ++ sig_name); ++ goto sig_err_break; ++ } ++ ERR_pop_to_mark(); ++ if (use_params == 1 && ++ EVP_PKEY_CTX_set_rsa_padding(sig_sign_ctx, RSA_PKCS1_PADDING) <= 0) { ++ BIO_printf(bio_err, ++ "Error while initializing padding for %s.\n", ++ sig_name); ++ goto sig_err_break; ++ } ++ if (EVP_PKEY_sign(sig_sign_ctx, NULL, &max_sig_len, md, md_len) <= 0) { ++ BIO_printf(bio_err, ++ "Error while obtaining signature bufffer length for %s.\n", ++ sig_name); ++ goto sig_err_break; + } + sig = app_malloc(sig_len = max_sig_len, "signature buffer"); + if (sig == NULL) { +@@ -4338,16 +4366,23 @@ int speed_main(int argc, char **argv) + sig_verify_ctx = EVP_PKEY_CTX_new_from_pkey(app_get0_libctx(), + pkey, + app_get0_propq()); +- if (sig_verify_ctx == NULL +- || EVP_PKEY_verify_init(sig_verify_ctx) <= 0 +- || (use_params == 1 +- && (EVP_PKEY_CTX_set_rsa_padding(sig_verify_ctx, +- RSA_PKCS1_PADDING) <= 0))) { ++ if (sig_verify_ctx == NULL) { ++ BIO_printf(bio_err, ++ "Error while initializing verify ctx for %s.\n", ++ sig_name); ++ goto sig_err_break; ++ } ++ ERR_set_mark(); ++ if (EVP_PKEY_verify_init(sig_verify_ctx) <= 0 ++ && (alg == NULL ++ || EVP_PKEY_verify_message_init(sig_verify_ctx, alg, NULL) <= 0)) { ++ ERR_clear_last_mark(); + BIO_printf(bio_err, + "Error while initializing verify data structs for %s.\n", + sig_name); + goto sig_err_break; + } ++ ERR_pop_to_mark(); + if (EVP_PKEY_verify(sig_verify_ctx, sig, sig_len, md, md_len) <= 0) { + BIO_printf(bio_err, "Verify error for %s.\n", sig_name); + goto sig_err_break; +@@ -4363,12 +4398,14 @@ int speed_main(int argc, char **argv) + loopargs[i].sig_act_sig_len[testnum] = sig_len; + loopargs[i].sig_sig[testnum] = sig; + EVP_PKEY_free(pkey); ++ EVP_SIGNATURE_free(alg); + pkey = NULL; + continue; + + sig_err_break: + dofail(); + EVP_PKEY_free(pkey); ++ EVP_SIGNATURE_free(alg); + op_count = 1; + sig_checks = 0; + break; +-- +2.51.0 + + diff --git a/0038-Add-targets-to-skip-build-of-non-installable-program.patch b/0038-Add-targets-to-skip-build-of-non-installable-program.patch new file mode 100644 index 0000000..c625500 --- /dev/null +++ b/0038-Add-targets-to-skip-build-of-non-installable-program.patch @@ -0,0 +1,159 @@ +From f320da46f706a8013de532ee1a34703bd814be06 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Pavol=20=C5=BD=C3=A1=C4=8Dik?= +Date: Tue, 19 Aug 2025 14:26:07 +0200 +Subject: [PATCH 58/59] Add targets to skip build of non-installable programs + +These make it possible to split the build into two +parts, e.g., when tests should be built with different +compiler flags than installed software. + +Also use these as dependecies where appropriate. + +Reviewed-by: Paul Yang +Reviewed-by: Dmitry Belyavskiy +Reviewed-by: Neil Horman +(Merged from https://github.com/openssl/openssl/pull/28302) +--- + Configurations/descrip.mms.tmpl | 7 +++++-- + Configurations/unix-Makefile.tmpl | 9 ++++++--- + Configurations/windows-makefile.tmpl | 8 ++++++-- + util/help.pl | 2 +- + 4 files changed, 18 insertions(+), 8 deletions(-) + +diff --git a/Configurations/descrip.mms.tmpl b/Configurations/descrip.mms.tmpl +index db6a1b1799..bc7fc36b46 100644 +--- a/Configurations/descrip.mms.tmpl ++++ b/Configurations/descrip.mms.tmpl +@@ -491,6 +491,8 @@ NODEBUG=@ + {- dependmagic('build_libs'); -} : build_libs_nodep + {- dependmagic('build_modules'); -} : build_modules_nodep + {- dependmagic('build_programs'); -} : build_programs_nodep ++{- dependmagic('build_inst_sw'); -} : build_libs_nodep, build_modules_nodep, build_inst_programs_nodep ++{- dependmagic('build_inst_programs'); -} : build_inst_programs_nodep + + build_generated_pods : $(GENERATED_PODS) + build_docs : build_html_docs +@@ -500,6 +502,7 @@ build_generated : $(GENERATED_MANDATORY) + build_libs_nodep : $(LIBS), $(SHLIBS) + build_modules_nodep : $(MODULES) + build_programs_nodep : $(PROGRAMS), $(SCRIPTS) ++build_inst_programs_nodep : $(INSTALL_PROGRAMS), $(SCRIPTS) + + # Kept around for backward compatibility + build_apps build_tests : build_programs +@@ -606,7 +609,7 @@ install_docs : install_html_docs + uninstall_docs : uninstall_html_docs + + {- output_off() if $disabled{fips}; "" -} +-install_fips : build_sw $(INSTALL_FIPSMODULECONF) ++install_fips : build_inst_sw $(INSTALL_FIPSMODULECONF) + @ WRITE SYS$OUTPUT "*** Installing FIPS module" + - CREATE/DIR ossl_installroot:[MODULES{- $target{pointer_size} -}.'arch'] + - CREATE/DIR/PROT=(S:RWED,O:RWE,G:RE,W:RE) OSSL_DATAROOT:[000000] +@@ -687,7 +690,7 @@ install_runtime_libs : check_INSTALLTOP build_libs + @install_shlibs) -} + @ {- output_on() if $disabled{shared}; "" -} ! + +-install_programs : check_INSTALLTOP install_runtime_libs build_programs ++install_programs : check_INSTALLTOP install_runtime_libs build_inst_programs + @ {- output_off() if $disabled{apps}; "" -} ! + @ ! Install the main program + - CREATE/DIR ossl_installroot:[EXE.'arch'] +diff --git a/Configurations/unix-Makefile.tmpl b/Configurations/unix-Makefile.tmpl +index 74139ec228..16aab9cd76 100644 +--- a/Configurations/unix-Makefile.tmpl ++++ b/Configurations/unix-Makefile.tmpl +@@ -547,7 +547,9 @@ LANG=C + {- dependmagic('build_sw', 'Build all the software (default target)'); -}: build_libs_nodep build_modules_nodep build_programs_nodep link-utils + {- dependmagic('build_libs', 'Build the libraries libssl and libcrypto'); -}: build_libs_nodep + {- dependmagic('build_modules', 'Build the modules (i.e. providers and engines)'); -}: build_modules_nodep +-{- dependmagic('build_programs', 'Build the openssl executables and scripts'); -}: build_programs_nodep ++{- dependmagic('build_programs', 'Build the openssl executables, scripts and all other programs as configured (e.g. tests or demos)'); -}: build_programs_nodep ++{- dependmagic('build_inst_sw', 'Build all the software to be installed'); -}: build_libs_nodep build_modules_nodep build_inst_programs_nodep link-utils ++{- dependmagic('build_inst_programs', 'Build only the installable openssl executables and scripts'); -}: build_inst_programs_nodep + + all: build_sw {- "build_docs" if !$disabled{docs}; -} ## Build software and documentation + debuginfo: $(SHLIBS) +@@ -566,6 +568,7 @@ build_generated: $(GENERATED_MANDATORY) + build_libs_nodep: $(LIBS) {- join(" ",map { platform->sharedlib_simple($_) // platform->sharedlib_import($_) // platform->sharedlib($_) // () } @{$unified_info{libraries}}) -} + build_modules_nodep: $(MODULES) + build_programs_nodep: $(PROGRAMS) $(SCRIPTS) ++build_inst_programs_nodep: $(INSTALL_PROGRAMS) $(SCRIPTS) + + # Kept around for backward compatibility + build_apps build_tests: build_programs +@@ -680,7 +683,7 @@ uninstall_docs: uninstall_man_docs uninstall_html_docs ## Uninstall manpages and + $(RM) -r "$(DESTDIR)$(DOCDIR)" + + {- output_off() if $disabled{fips}; "" -} +-install_fips: build_sw $(INSTALL_FIPSMODULECONF) ++install_fips: build_inst_sw $(INSTALL_FIPSMODULECONF) + @[ -n "$(INSTALLTOP)" ] || (echo INSTALLTOP should not be empty; exit 1) + @$(PERL) $(SRCDIR)/util/mkdir-p.pl "$(DESTDIR)$(MODULESDIR)" + @$(PERL) $(SRCDIR)/util/mkdir-p.pl "$(DESTDIR)$(OPENSSLDIR)" +@@ -965,7 +968,7 @@ install_runtime_libs: build_libs + : {- output_on() if windowsdll(); "" -}; \ + done + +-install_programs: install_runtime_libs build_programs ++install_programs: install_runtime_libs build_inst_programs + @[ -n "$(INSTALLTOP)" ] || (echo INSTALLTOP should not be empty; exit 1) + @$(PERL) $(SRCDIR)/util/mkdir-p.pl "$(DESTDIR)$(bindir)" + @$(ECHO) "*** Installing runtime programs" +diff --git a/Configurations/windows-makefile.tmpl b/Configurations/windows-makefile.tmpl +index 894834cfb7..b5872124de 100644 +--- a/Configurations/windows-makefile.tmpl ++++ b/Configurations/windows-makefile.tmpl +@@ -418,6 +418,8 @@ PROCESSOR= {- $config{processor} -} + {- dependmagic('build_libs'); -}: build_libs_nodep + {- dependmagic('build_modules'); -}: build_modules_nodep + {- dependmagic('build_programs'); -}: build_programs_nodep ++{- dependmagic('build_inst_sw'); -}: build_libs_nodep build_modules_nodep build_inst_programs_nodep copy-utils ++{- dependmagic('build_inst_programs'); -}: build_inst_programs_nodep + + build_docs: build_html_docs + build_html_docs: $(HTMLDOCS1) $(HTMLDOCS3) $(HTMLDOCS5) $(HTMLDOCS7) +@@ -430,6 +432,8 @@ build_modules_nodep: $(MODULES) + @ + build_programs_nodep: $(PROGRAMS) $(SCRIPTS) + @ ++build_inst_programs_nodep: $(INSTALL_PROGRAMS) $(SCRIPTS) ++ @ + + # Kept around for backward compatibility + build_apps build_tests: build_programs +@@ -507,7 +511,7 @@ install_docs: install_html_docs + uninstall_docs: uninstall_html_docs + + {- output_off() if $disabled{fips}; "" -} +-install_fips: build_sw $(INSTALL_FIPSMODULECONF) ++install_fips: build_inst_sw $(INSTALL_FIPSMODULECONF) + # @[ -n "$(INSTALLTOP)" ] || (echo INSTALLTOP should not be empty; exit 1) + @"$(PERL)" "$(SRCDIR)\util\mkdir-p.pl" "$(MODULESDIR)" + @"$(PERL)" "$(SRCDIR)\util\mkdir-p.pl" "$(OPENSSLDIR)" +@@ -607,7 +611,7 @@ install_runtime_libs: build_libs + "$(PERL)" "$(SRCDIR)\util\copy.pl" $(INSTALL_SHLIBPDBS) \ + "$(INSTALLTOP)\bin" + +-install_programs: install_runtime_libs build_programs ++install_programs: install_runtime_libs build_inst_programs + @if "$(INSTALLTOP)"=="" ( $(ECHO) "INSTALLTOP should not be empty" & exit 1 ) + @$(ECHO) "*** Installing runtime programs" + @if not "$(INSTALL_PROGRAMS)"=="" \ +diff --git a/util/help.pl b/util/help.pl +index a1614fe8a9..e88ff4bae1 100755 +--- a/util/help.pl ++++ b/util/help.pl +@@ -14,7 +14,7 @@ while (<>) { + chomp; # strip record separator + @Fld = split($FS, $_, -1); + if (/^[a-zA-Z0-9_\-]+:.*?##/) { +- printf " \033[36m%-15s\033[0m %s\n", $Fld[0], $Fld[1] ++ printf " \033[36m%-19s\033[0m %s\n", $Fld[0], $Fld[1] + } + if (/^##@/) { + printf "\n\033[1m%s\033[0m\n", substr($Fld[$_], (5)-1); +-- +2.51.0 + + diff --git a/0039-RSA_encrypt-decrypt-with-padding-NONE-is-not-support.patch b/0039-RSA_encrypt-decrypt-with-padding-NONE-is-not-support.patch new file mode 100644 index 0000000..fb426de --- /dev/null +++ b/0039-RSA_encrypt-decrypt-with-padding-NONE-is-not-support.patch @@ -0,0 +1,28 @@ +From 4b91d0604643eff849a480f37b22f3bd7029d897 Mon Sep 17 00:00:00 2001 +From: Dmitry Belyavskiy +Date: Fri, 17 Oct 2025 17:45:48 +0200 +Subject: [PATCH 59/59] RSA_encrypt/decrypt with padding NONE is not supported + +--- + providers/fips/self_test_kats.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/providers/fips/self_test_kats.c b/providers/fips/self_test_kats.c +index acb0b85f73..c69c81bc9c 100644 +--- a/providers/fips/self_test_kats.c ++++ b/providers/fips/self_test_kats.c +@@ -1190,8 +1190,8 @@ int SELF_TEST_kats(OSSL_SELF_TEST *st, OSSL_LIB_CTX *libctx) + ret = 0; + if (!self_test_kems(st, libctx)) + ret = 0; +- if (!self_test_asym_ciphers(st, libctx)) +- ret = 0; ++/* if (!self_test_asym_ciphers(st, libctx)) ++ ret = 0; */ + + RAND_set0_private(libctx, saved_rand); + return ret; +-- +2.51.0 + + diff --git a/openssl.spec b/openssl.spec index ddf53d3..1a8345a 100644 --- a/openssl.spec +++ b/openssl.spec @@ -1,4 +1,4 @@ -%define anolis_release 2 +%define anolis_release 3 %global soversion 3 %define srpmhash() %{lua: @@ -61,6 +61,18 @@ Patch24: 0024-FIPS-RAND-FIPS-140-3-DRBG-NEEDS-REVIEW.patch Patch25: 0025-FIPS-RAND-Forbid-truncated-hashes-SHA-3.patch Patch26: 0026-FIPS-PBKDF2-Set-minimum-password-length.patch Patch27: 0027-FIPS-DH-PCT.patch +Patch28: 0028-TMP-KTLS-test-skip.patch +Patch29: 0029-FIPS-RSA-size-mode-restrictions.patch +Patch30: 0030-FIPS-RSA-Mark-x931-as-not-approved-by-default.patch +Patch31: 0031-FIPS-TLS-Enforce-EMS-in-TLS-1.2-NOTE.patch +Patch32: 0032-FIPS-Fix-encoder-decoder-negative-test.patch +Patch33: 0033-FIPS-Fix-some-tests-due-to-our-versioning-change.patch +Patch34: 0034-FIPS-KDF-key-lenght-errors.patch +Patch35: 0035-FIPS-fix-disallowed-digests-tests.patch +Patch36: 0036-apps-speed.c-Disable-testing-of-composite-signature-.patch +Patch37: 0037-apps-speed.c-Support-more-signature-algorithms.patch +Patch38: 0038-Add-targets-to-skip-build-of-non-installable-program.patch +Patch39: 0039-RSA_encrypt-decrypt-with-padding-NONE-is-not-support.patch BuildRequires: gcc git coreutils perl-interpreter sed zlib-devel /usr/bin/cmp BuildRequires: lksctp-tools-devel @@ -149,7 +161,7 @@ export HASHBANGPERL=/usr/bin/perl --system-ciphers-file=%{_sysconfdir}/crypto-policies/back-ends/openssl.config \ zlib enable-camellia enable-seed enable-rfc3779 enable-sctp \ enable-cms enable-md2 enable-rc5 enable-ktls enable-fips\ - no-mdc2 no-ec2m enable-sm2 enable-sm4 enable-buildtest-c++\ + no-mdc2 no-ec2m no-sm2 no-sm4 no-atexit enable-buildtest-c++\ shared ${sslarch} $RPM_OPT_FLAGS '-DDEVRANDOM="\"/dev/urandom\"" -DREDHAT_FIPS_VERSION="\"%{fips}\""'\ -Wl,--allow-multiple-definition @@ -263,6 +275,9 @@ rm -f $RPM_BUILD_ROOT%{_sysconfdir}/pki/tls/{openssl.cnf.dist,ct_log_list.cnf.di %doc NEWS.md README.md %changelog +* Fri Dec 05 2025 konglidong 1:3.5.4-3 +- fix some failed test case in check phase + * Wed Dec 03 2025 konglidong 1:3.5.4-2 - fix Startup failure for apps/openssl in check phase -- Gitee