/[smecontribs]/rpms/openssl3/contribs10/0061-Deny-SHA-1-signature-verification-in-FIPS-provider.patch
ViewVC logotype

Contents of /rpms/openssl3/contribs10/0061-Deny-SHA-1-signature-verification-in-FIPS-provider.patch

Parent Directory Parent Directory | Revision Log Revision Log | View Revision Graph Revision Graph


Revision 1.1 - (show annotations) (download)
Wed Jan 31 17:24:42 2024 UTC (9 months, 4 weeks ago) by jpp
Branch: MAIN
CVS Tags: openssl3-3_0_7-5_el7_sme_1, HEAD
Initial import

1 From 5f4f350ce797a7cd2fdca84c474ee196da9d6fae Mon Sep 17 00:00:00 2001
2 From: Clemens Lang <cllang@redhat.com>
3 Date: Wed, 18 May 2022 17:25:59 +0200
4 Subject: [PATCH] Deny SHA-1 signature verification in FIPS provider
5
6 For RHEL, we already disable SHA-1 signatures by default in the default
7 provider, so it is unexpected that the FIPS provider would have a more
8 lenient configuration in this regard. Additionally, we do not think
9 continuing to accept SHA-1 signatures is a good idea due to the
10 published chosen-prefix collision attacks.
11
12 As a consequence, disable verification of SHA-1 signatures in the FIPS
13 provider.
14
15 This requires adjusting a few tests that would otherwise fail:
16 - 30-test_acvp: Remove the test vectors that use SHA-1.
17 - 30-test_evp: Mark tests in evppkey_rsa_common.txt and
18 evppkey_ecdsa.txt that use SHA-1 digests as "Availablein = default",
19 which will not run them when the FIPS provider is enabled.
20 - 80-test_cms: Re-create all certificates in test/smime-certificates
21 with SHA256 signatures while keeping the same private keys. These
22 certificates were signed with SHA-1 and thus fail verification in the
23 FIPS provider.
24 Fix some other tests by explicitly running them in the default
25 provider, where SHA-1 is available.
26 - 80-test_ssl_old: Skip tests that rely on SSLv3 and SHA-1 when run with
27 the FIPS provider.
28
29 Signed-off-by: Clemens Lang <cllang@redhat.com>
30 ---
31 providers/implementations/signature/dsa_sig.c | 4 --
32 .../implementations/signature/ecdsa_sig.c | 4 --
33 providers/implementations/signature/rsa_sig.c | 8 +--
34 test/acvp_test.inc | 20 -------
35 .../30-test_evp_data/evppkey_ecdsa.txt | 7 +++
36 .../30-test_evp_data/evppkey_rsa_common.txt | 51 +++++++++++++++-
37 test/recipes/80-test_cms.t | 4 +-
38 test/recipes/80-test_ssl_old.t | 4 ++
39 test/smime-certs/smdh.pem | 18 +++---
40 test/smime-certs/smdsa1.pem | 60 +++++++++----------
41 test/smime-certs/smdsa2.pem | 60 +++++++++----------
42 test/smime-certs/smdsa3.pem | 60 +++++++++----------
43 test/smime-certs/smec1.pem | 30 +++++-----
44 test/smime-certs/smec2.pem | 30 +++++-----
45 test/smime-certs/smec3.pem | 30 +++++-----
46 test/smime-certs/smroot.pem | 38 ++++++------
47 test/smime-certs/smrsa1.pem | 38 ++++++------
48 test/smime-certs/smrsa2.pem | 38 ++++++------
49 test/smime-certs/smrsa3.pem | 38 ++++++------
50 19 files changed, 286 insertions(+), 256 deletions(-)
51
52 diff --git a/providers/implementations/signature/dsa_sig.c b/providers/implementations/signature/dsa_sig.c
53 index fa3822f39f..c365d7b13a 100644
54 --- a/providers/implementations/signature/dsa_sig.c
55 +++ b/providers/implementations/signature/dsa_sig.c
56 @@ -128,11 +128,7 @@ static int dsa_setup_md(PROV_DSA_CTX *ctx,
57 EVP_MD *md = EVP_MD_fetch(ctx->libctx, mdname, mdprops);
58 int md_nid;
59 size_t mdname_len = strlen(mdname);
60 -#ifdef FIPS_MODULE
61 - int sha1_allowed = (ctx->operation != EVP_PKEY_OP_SIGN);
62 -#else
63 int sha1_allowed = 0;
64 -#endif
65 md_nid = ossl_digest_get_approved_nid_with_sha1(ctx->libctx, md,
66 sha1_allowed);
67
68 diff --git a/providers/implementations/signature/ecdsa_sig.c b/providers/implementations/signature/ecdsa_sig.c
69 index 99b228e82c..44a22832ec 100644
70 --- a/providers/implementations/signature/ecdsa_sig.c
71 +++ b/providers/implementations/signature/ecdsa_sig.c
72 @@ -237,11 +237,7 @@ static int ecdsa_setup_md(PROV_ECDSA_CTX *ctx, const char *mdname,
73 "%s could not be fetched", mdname);
74 return 0;
75 }
76 -#ifdef FIPS_MODULE
77 - sha1_allowed = (ctx->operation != EVP_PKEY_OP_SIGN);
78 -#else
79 sha1_allowed = 0;
80 -#endif
81 md_nid = ossl_digest_get_approved_nid_with_sha1(ctx->libctx, md,
82 sha1_allowed);
83 if (md_nid < 0) {
84 diff --git a/providers/implementations/signature/rsa_sig.c b/providers/implementations/signature/rsa_sig.c
85 index f66d7705c3..34f45175e8 100644
86 --- a/providers/implementations/signature/rsa_sig.c
87 +++ b/providers/implementations/signature/rsa_sig.c
88 @@ -292,11 +292,7 @@ static int rsa_setup_md(PROV_RSA_CTX *ctx, const char *mdname,
89 EVP_MD *md = EVP_MD_fetch(ctx->libctx, mdname, mdprops);
90 int md_nid;
91 size_t mdname_len = strlen(mdname);
92 -#ifdef FIPS_MODULE
93 - int sha1_allowed = (ctx->operation != EVP_PKEY_OP_SIGN);
94 -#else
95 int sha1_allowed = 0;
96 -#endif
97 md_nid = ossl_digest_rsa_sign_get_md_nid(ctx->libctx, md,
98 sha1_allowed);
99
100 @@ -1355,8 +1351,10 @@ static int rsa_set_ctx_params(void *vprsactx, const OSSL_PARAM params[])
101
102 if (prsactx->md == NULL && pmdname == NULL
103 && pad_mode == RSA_PKCS1_PSS_PADDING) {
104 +#ifdef FIPS_MODULE
105 + pmdname = RSA_DEFAULT_DIGEST_NAME_NONLEGACY;
106 +#else
107 pmdname = RSA_DEFAULT_DIGEST_NAME;
108 -#ifndef FIPS_MODULE
109 if (!ossl_ctx_legacy_digest_signatures_allowed(prsactx->libctx, 0)) {
110 pmdname = RSA_DEFAULT_DIGEST_NAME_NONLEGACY;
111 }
112 diff --git a/test/acvp_test.inc b/test/acvp_test.inc
113 index ad11d3ae1e..73b24bdb0c 100644
114 --- a/test/acvp_test.inc
115 +++ b/test/acvp_test.inc
116 @@ -1841,17 +1841,6 @@ static const struct rsa_sigver_st rsa_sigver_data[] = {
117 NO_PSS_SALT_LEN,
118 FAIL
119 },
120 - {
121 - "x931",
122 - 3072,
123 - "SHA1",
124 - ITM(rsa_sigverx931_0_msg),
125 - ITM(rsa_sigverx931_0_n),
126 - ITM(rsa_sigverx931_0_e),
127 - ITM(rsa_sigverx931_0_sig),
128 - NO_PSS_SALT_LEN,
129 - PASS
130 - },
131 {
132 "x931",
133 3072,
134 diff --git a/test/recipes/30-test_evp_data/evppkey_ecdsa.txt b/test/recipes/30-test_evp_data/evppkey_ecdsa.txt
135 index f36982845d..51e507a61c 100644
136 --- a/test/recipes/30-test_evp_data/evppkey_ecdsa.txt
137 +++ b/test/recipes/30-test_evp_data/evppkey_ecdsa.txt
138 @@ -37,12 +37,14 @@ PrivPubKeyPair = P-256:P-256-PUBLIC
139
140 Title = ECDSA tests
141
142 +Availablein = default
143 Verify = P-256
144 Ctrl = digest:SHA1
145 Input = "0123456789ABCDEF1234"
146 Output = 3045022100b1d1cb1a577035bccdd5a86c6148c2cc7c633cd42b7234139b593076d041e15202201898cdd52b41ca502098184b409cf83a21bc945006746e3b7cea52234e043ec8
147
148 # Digest too long
149 +Availablein = default
150 Verify = P-256
151 Ctrl = digest:SHA1
152 Input = "0123456789ABCDEF12345"
153 @@ -50,6 +52,7 @@ Output = 3045022100b1d1cb1a577035bccdd5a86c6148c2cc7c633cd42b7234139b593076d041e
154 Result = VERIFY_ERROR
155
156 # Digest too short
157 +Availablein = default
158 Verify = P-256
159 Ctrl = digest:SHA1
160 Input = "0123456789ABCDEF123"
161 @@ -57,6 +60,7 @@ Output = 3045022100b1d1cb1a577035bccdd5a86c6148c2cc7c633cd42b7234139b593076d041e
162 Result = VERIFY_ERROR
163
164 # Digest invalid
165 +Availablein = default
166 Verify = P-256
167 Ctrl = digest:SHA1
168 Input = "0123456789ABCDEF1235"
169 @@ -64,6 +68,7 @@ Output = 3045022100b1d1cb1a577035bccdd5a86c6148c2cc7c633cd42b7234139b593076d041e
170 Result = VERIFY_ERROR
171
172 # Invalid signature
173 +Availablein = default
174 Verify = P-256
175 Ctrl = digest:SHA1
176 Input = "0123456789ABCDEF1234"
177 @@ -79,12 +84,14 @@ Output = 3045022100b1d1cb1a577035bccdd5a86c6148c2cc7c633cd42b7234139b593076d041e
178 Result = VERIFY_ERROR
179
180 # BER signature
181 +Availablein = default
182 Verify = P-256
183 Ctrl = digest:SHA1
184 Input = "0123456789ABCDEF1234"
185 Output = 3080022100b1d1cb1a577035bccdd5a86c6148c2cc7c633cd42b7234139b593076d041e15202201898cdd52b41ca502098184b409cf83a21bc945006746e3b7cea52234e043ec80000
186 Result = VERIFY_ERROR
187
188 +Availablein = default
189 Verify = P-256-PUBLIC
190 Ctrl = digest:SHA1
191 Input = "0123456789ABCDEF1234"
192 diff --git a/test/recipes/30-test_evp_data/evppkey_rsa_common.txt b/test/recipes/30-test_evp_data/evppkey_rsa_common.txt
193 index b8d8bb2993..8dd566067b 100644
194 --- a/test/recipes/30-test_evp_data/evppkey_rsa_common.txt
195 +++ b/test/recipes/30-test_evp_data/evppkey_rsa_common.txt
196 @@ -96,6 +96,7 @@ NDL6WCBbets=
197
198 Title = RSA tests
199
200 +Availablein = default
201 Verify = RSA-2048
202 Ctrl = digest:SHA1
203 Input = "0123456789ABCDEF1234"
204 @@ -112,24 +113,28 @@ Ctrl = digest:SHA512-224
205 Input = "0123456789ABCDEF123456789ABC"
206 Output = 5f720e9488139bb21e1c2f027fd5ce5993e6d31c5a8faaee833487b3a944d66891178868ace8070cad3ee2ffbe54aa4885a15fd1a7cc5166970fe1fd8c0423e72bd3e3b56fc4a53ed80aaaeca42497f0ec3c62113edc05cd006608f5eef7ce3ad4cba1069f68731dd28a524a1f93fcdc5547112d48d45586dd943ba0d443be9635720d8a61697c54c96627f0d85c5fbeaa3b4af86a65cf2fc3800dd5de34c046985f25d0efc0bb6edccc1d08b3a4fb9c8faffe181c7e68b31e374ad1440a4a664eec9ca0dc53a9d2f5bc7d9940d866f64201bcbc63612754df45727ea24b531d7de83d1bb707444859fa35521320c33bf6f4dbeb6fb56e653adbf7af15843f17
207
208 +Availablein = default
209 VerifyRecover = RSA-2048
210 Ctrl = digest:SHA1
211 Input = c09d402423cbf233d26cae21f954547bc43fe80fd41360a0336cfdbe9aedad05bef6fd2eaee6cd60089a52482d4809a238149520df3bdde4cb9e23d9307b05c0a6f327052325a29adf2cc95b66523be7024e2a585c3d4db15dfbe146efe0ecdc0402e33fe5d40324ee96c5c3edd374a15cdc0f5d84aa243c0f07e188c6518fbfceae158a9943be398e31097da81b62074f626eff738be6160741d5a26957a482b3251fd85d8df78b98148459de10aa93305dbb4a5230aa1da291a9b0e481918f99b7638d72bb687f97661d304ae145d64a474437a4ef39d7b8059332ddeb07e92bf6e0e3acaf8afedc93795e4511737ec1e7aab6d5bc9466afc950c1c17b48ad
212 Output = "0123456789ABCDEF1234"
213
214 # Leading zero in the signature
215 +Availablein = default
216 Verify = RSA-2048
217 Ctrl = digest:SHA1
218 Input = "0123456789ABCDEF1234"
219 Output = 00c09d402423cbf233d26cae21f954547bc43fe80fd41360a0336cfdbe9aedad05bef6fd2eaee6cd60089a52482d4809a238149520df3bdde4cb9e23d9307b05c0a6f327052325a29adf2cc95b66523be7024e2a585c3d4db15dfbe146efe0ecdc0402e33fe5d40324ee96c5c3edd374a15cdc0f5d84aa243c0f07e188c6518fbfceae158a9943be398e31097da81b62074f626eff738be6160741d5a26957a482b3251fd85d8df78b98148459de10aa93305dbb4a5230aa1da291a9b0e481918f99b7638d72bb687f97661d304ae145d64a474437a4ef39d7b8059332ddeb07e92bf6e0e3acaf8afedc93795e4511737ec1e7aab6d5bc9466afc950c1c17b48ad
220 Result = VERIFY_ERROR
221
222 +Availablein = default
223 VerifyRecover = RSA-2048
224 Ctrl = digest:SHA1
225 Input = 00c09d402423cbf233d26cae21f954547bc43fe80fd41360a0336cfdbe9aedad05bef6fd2eaee6cd60089a52482d4809a238149520df3bdde4cb9e23d9307b05c0a6f327052325a29adf2cc95b66523be7024e2a585c3d4db15dfbe146efe0ecdc0402e33fe5d40324ee96c5c3edd374a15cdc0f5d84aa243c0f07e188c6518fbfceae158a9943be398e31097da81b62074f626eff738be6160741d5a26957a482b3251fd85d8df78b98148459de10aa93305dbb4a5230aa1da291a9b0e481918f99b7638d72bb687f97661d304ae145d64a474437a4ef39d7b8059332ddeb07e92bf6e0e3acaf8afedc93795e4511737ec1e7aab6d5bc9466afc950c1c17b48ad
226 Result = KEYOP_ERROR
227
228 # Mismatched digest
229 +Availablein = default
230 Verify = RSA-2048
231 Ctrl = digest:SHA1
232 Input = "0123456789ABCDEF1233"
233 @@ -137,6 +142,7 @@ Output = c09d402423cbf233d26cae21f954547bc43fe80fd41360a0336cfdbe9aedad05bef6fd2
234 Result = VERIFY_ERROR
235
236 # Corrupted signature
237 +Availablein = default
238 Verify = RSA-2048
239 Ctrl = digest:SHA1
240 Input = "0123456789ABCDEF1233"
241 @@ -144,6 +150,7 @@ Output = c09d402423cbf233d26cae21f954547bc43fe80fd41360a0336cfdbe9aedad05bef6fd2
242 Result = VERIFY_ERROR
243
244 # parameter is not NULLt
245 +Availablein = default
246 Verify = RSA-2048
247 Ctrl = digest:sha1
248 Input = "0123456789ABCDEF1234"
249 @@ -151,42 +158,49 @@ Output = 3ec3fc29eb6e122bd7aa361cd09fe1bcbe85311096a7b9e4799cedfb2351ce0ab7fe4e7
250 Result = VERIFY_ERROR
251
252 # embedded digest too long
253 +Availablein = default
254 Verify = RSA-2048
255 Ctrl = digest:sha1
256 Input = "0123456789ABCDEF1234"
257 Output = afec9a0d5330a08f54283bb4a9d4e7e7e70fc1342336c4c766fba713f66970151c6e27413c48c33864ea45a0238787004f338ed3e21b53b0fe9c1151c42c388cbc7cba5a06b706c407a5b48324fbe994dc7afc3a19fb3d2841e66222596c14cd72a0f0a7455a019d8eb554f59c0183f9552b75aa96fee8bf935945e079ca283d2bd3534a86f11351f6d6181fbf433e5b01a6d1422145c7a72214d3aacdd5d3af12b2d6bf6438f9f9a64010d8aeed801c87f0859412b236150b86a545f7239be022f4a7ad246b59df87514294cb4a4c7c5a997ee53c66054d9f38ca4e76c1f7af83c30f737ef70f83a45aebe18238ddb95e1998814ca4fc72388f1533147c169d
258 Result = VERIFY_ERROR
259
260 +Availablein = default
261 VerifyRecover = RSA-2048
262 Ctrl = digest:sha1
263 Input = afec9a0d5330a08f54283bb4a9d4e7e7e70fc1342336c4c766fba713f66970151c6e27413c48c33864ea45a0238787004f338ed3e21b53b0fe9c1151c42c388cbc7cba5a06b706c407a5b48324fbe994dc7afc3a19fb3d2841e66222596c14cd72a0f0a7455a019d8eb554f59c0183f9552b75aa96fee8bf935945e079ca283d2bd3534a86f11351f6d6181fbf433e5b01a6d1422145c7a72214d3aacdd5d3af12b2d6bf6438f9f9a64010d8aeed801c87f0859412b236150b86a545f7239be022f4a7ad246b59df87514294cb4a4c7c5a997ee53c66054d9f38ca4e76c1f7af83c30f737ef70f83a45aebe18238ddb95e1998814ca4fc72388f1533147c169d
264 Result = KEYOP_ERROR
265
266 # embedded digest too short
267 +Availablein = default
268 Verify = RSA-2048
269 Ctrl = digest:sha1
270 Input = "0123456789ABCDEF1234"
271 Output = afec9a0d5330a08f54283bb4a9d4e7e7e70fc1342336c4c766fba713f66970151c6e27413c48c33864ea45a0238787004f338ed3e21b53b0fe9c1151c42c388cbc7cba5a06b706c407a5b48324fbe994dc7afc3a19fb3d2841e66222596c14cd72a0f0a7455a019d8eb554f59c0183f9552b75aa96fee8bf935945e079ca283d2bd3534a86f11351f6d6181fbf433e5b01a6d1422145c7a72214d3aacdd5d3af12b2d6bf6438f9f9a64010d8aeed801c87f0859412b236150b86a545f7239be022f4a7ad246b59df87514294cb4a4c7c5a997ee53c66054d9f38ca4e76c1f7af83c30f737ef70f83a45aebe18238ddb95e1998814ca4fc72388f1533147c169d
272 Result = VERIFY_ERROR
273
274 +Availablein = default
275 VerifyRecover = RSA-2048
276 Ctrl = digest:sha1
277 Input = afec9a0d5330a08f54283bb4a9d4e7e7e70fc1342336c4c766fba713f66970151c6e27413c48c33864ea45a0238787004f338ed3e21b53b0fe9c1151c42c388cbc7cba5a06b706c407a5b48324fbe994dc7afc3a19fb3d2841e66222596c14cd72a0f0a7455a019d8eb554f59c0183f9552b75aa96fee8bf935945e079ca283d2bd3534a86f11351f6d6181fbf433e5b01a6d1422145c7a72214d3aacdd5d3af12b2d6bf6438f9f9a64010d8aeed801c87f0859412b236150b86a545f7239be022f4a7ad246b59df87514294cb4a4c7c5a997ee53c66054d9f38ca4e76c1f7af83c30f737ef70f83a45aebe18238ddb95e1998814ca4fc72388f1533147c169d
278 Result = KEYOP_ERROR
279
280 # Garbage after DigestInfo
281 +Availablein = default
282 Verify = RSA-2048
283 Ctrl = digest:sha1
284 Input = "0123456789ABCDEF1234"
285 Output = 9ee34872d4271a7d8808af0a4052a145a6d6a8437d00da3ed14428c7f087cd39f4d43334c41af63e7fa1ba363fee7bcef401d9d36a662abbab55ce89a696e1be0dfa19a5d09ca617dd488787b6048baaefeb29bc8688b2fe3882de2b77c905b5a8b56cf9616041e5ec934ba6de863efe93acc4eef783fe7f72a00fa65d6093ed32bf98ce527e62ccb1d56317f4be18b7e0f55d7c36617d2d0678a306e3350956b662ac15df45215dd8f6b314babb9788e6c272fa461e4c9b512a11a4b92bc77c3a4c95c903fccb238794eca5c750477bf56ea6ee6a167367d881b485ae3889e7c489af8fdf38e0c0f2aed780831182e34abedd43c39281b290774bf35cc25274
286 Result = VERIFY_ERROR
287
288 +Availablein = default
289 VerifyRecover = RSA-2048
290 Ctrl = digest:sha1
291 Input = 9ee34872d4271a7d8808af0a4052a145a6d6a8437d00da3ed14428c7f087cd39f4d43334c41af63e7fa1ba363fee7bcef401d9d36a662abbab55ce89a696e1be0dfa19a5d09ca617dd488787b6048baaefeb29bc8688b2fe3882de2b77c905b5a8b56cf9616041e5ec934ba6de863efe93acc4eef783fe7f72a00fa65d6093ed32bf98ce527e62ccb1d56317f4be18b7e0f55d7c36617d2d0678a306e3350956b662ac15df45215dd8f6b314babb9788e6c272fa461e4c9b512a11a4b92bc77c3a4c95c903fccb238794eca5c750477bf56ea6ee6a167367d881b485ae3889e7c489af8fdf38e0c0f2aed780831182e34abedd43c39281b290774bf35cc25274
292 Result = KEYOP_ERROR
293
294 # invalid tag for parameter
295 +Availablein = default
296 Verify = RSA-2048
297 Ctrl = digest:sha1
298 Input = "0123456789ABCDEF1234"
299 @@ -195,6 +209,7 @@ Result = VERIFY_ERROR
300
301 # Verify using public key
302
303 +Availablein = default
304 Verify = RSA-2048-PUBLIC
305 Ctrl = digest:SHA1
306 Input = "0123456789ABCDEF1234"
307 @@ -370,6 +385,8 @@ Input="0123456789ABCDEF0123456789ABCDEF"
308 Output=4DE433D5844043EF08D354DA03CB29068780D52706D7D1E4D50EFB7D58C9D547D83A747DDD0635A96B28F854E50145518482CB49E963054621B53C60C498D07C16E9C2789C893CF38D4D86900DE71BDE463BD2761D1271E358C7480A1AC0BAB930DDF39602AD1BC165B5D7436B516B7A7858E8EB7AB1C420EEB482F4D207F0E462B1724959320A084E13848D11D10FB593E66BF680BF6D3F345FC3E9C3DE60ABBAC37E1C6EC80A268C8D9FC49626C679097AA690BC1AA662B95EB8DB70390861AA0898229F9349B4B5FDD030D4928C47084708A933144BE23BD3C6E661B85B2C0EF9ED36D498D5B7320E8194D363D4AD478C059BAE804181965E0B81B663158A
309
310 # Verify using salt length auto detect
311 +# In the FIPS provider on RHEL-9, the default digest for PSS signatures is SHA-256
312 +Availablein = default
313 Verify = RSA-2048-PUBLIC
314 Ctrl = rsa_padding_mode:pss
315 Ctrl = rsa_pss_saltlen:auto
316 @@ -404,6 +421,10 @@ Output=4DE433D5844043EF08D354DA03CB29068780D52706D7D1E4D50EFB7D58C9D547D83A747DD
317 Result = VERIFY_ERROR
318
319 # Verify using default parameters, explicitly setting parameters
320 +# NOTE: RSA-PSS-DEFAULT contains a restriction to use SHA1 as digest, which
321 +# RHEL-9 does not support in FIPS mode; all these tests are thus marked
322 +# Availablein = default.
323 +Availablein = default
324 Verify = RSA-PSS-DEFAULT
325 Ctrl = rsa_padding_mode:pss
326 Ctrl = rsa_pss_saltlen:20
327 @@ -412,6 +433,7 @@ Input="0123456789ABCDEF0123"
328 Output = 3EFE09D88509027D837BFA5F8471CF7B69E6DF395DD999BB9CA42021F15722D9AC76670507C6BCFB73F64FB2211B611B8F140E76EBDB064BD762FDBA89D019E304A0D6B274E1C2FE1DF50005598A0306AF805416094E2A5BA60BC72BDE38CE061E853ED40F14967A8B9CA4DC739B462F89558F12FDF2D8D19FBEF16AD66FE2DDDA8BEE983ECBD873064244849D8D94B5B33F45E076871A47ED653E73257A2BE2DB3C0878094B0D2B6B682C8007DFD989425FB39A1FEEC9EED5876414601A49176EC344F5E3EDEE81CA2DDD29B7364F4638112CB3A547E2BC170E28CB66BDABE863754BE8AD5BA230567B575266F4B6B4CF81F28310ABF05351CC9E2DB85D00BF
329
330 # Verify explicitly setting parameters "digest" salt length
331 +Availablein = default
332 Verify = RSA-PSS-DEFAULT
333 Ctrl = rsa_padding_mode:pss
334 Ctrl = rsa_pss_saltlen:digest
335 @@ -420,18 +442,21 @@ Input="0123456789ABCDEF0123"
336 Output = 3EFE09D88509027D837BFA5F8471CF7B69E6DF395DD999BB9CA42021F15722D9AC76670507C6BCFB73F64FB2211B611B8F140E76EBDB064BD762FDBA89D019E304A0D6B274E1C2FE1DF50005598A0306AF805416094E2A5BA60BC72BDE38CE061E853ED40F14967A8B9CA4DC739B462F89558F12FDF2D8D19FBEF16AD66FE2DDDA8BEE983ECBD873064244849D8D94B5B33F45E076871A47ED653E73257A2BE2DB3C0878094B0D2B6B682C8007DFD989425FB39A1FEEC9EED5876414601A49176EC344F5E3EDEE81CA2DDD29B7364F4638112CB3A547E2BC170E28CB66BDABE863754BE8AD5BA230567B575266F4B6B4CF81F28310ABF05351CC9E2DB85D00BF
337
338 # Verify using salt length larger than minimum
339 +Availablein = default
340 Verify = RSA-PSS-DEFAULT
341 Ctrl = rsa_pss_saltlen:30
342 Input="0123456789ABCDEF0123"
343 Output = 6BF7EDC63A0BA184EEEC7F3020FEC8F5EBF38C2B76481881F48BCCE5796E7AB294548BA9AE810457C7723CABD1BDE94CF59CF7C0FC7461B22760C8ED703DD98E97BFDD61FA8D1181C411F6DEE5FF159F4850746D78EDEE385A363DC28E2CB373D5CAD7953F3BD5E639BE345732C03A1BDEA268814DA036EB1891C82D4012F3B903D86636055F87B96FC98806AD1B217685A4D754046A5DE0B0D7870664BE07902153EC85BA457BE7D7F89D7FE0F626D02A9CBBB2BB479DDA1A5CAE75247FB7BF6BFB15C1D3FD9E6B1573CCDBC72011C3B97716058BB11C7EA2E4E56ADAFE1F5DE6A7FD405AC5890100F9C3408EFFB5C73BF73F48177FF743B4B819D0699D507B
344
345 # Verify using maximum salt length
346 +Availablein = default
347 Verify = RSA-PSS-DEFAULT
348 Ctrl = rsa_pss_saltlen:max
349 Input="0123456789ABCDEF0123"
350 Output = 4470DCFE812DEE2E58E4301D4ED274AB348FE040B724B2CD1D8CD0914BFF375F0B86FCB32BFA8AEA9BD22BD7C4F1ADD4F3D215A5CFCC99055BAFECFC23800E9BECE19A08C66BEBC5802122D13A732E5958FC228DCC0B49B5B4B1154F032D8FA2F3564AA949C1310CC9266B0C47F86D449AC9D2E7678347E7266E2D7C888CCE1ADF44A109A293F8516AE2BD94CE220F26E137DB8E7A66BB9FCE052CDC1D0BE24D8CEBB20D10125F26B069F117044B9E1D16FDDAABCA5340AE1702F37D0E1C08A2E93801C0A41035C6C73DA02A0E32227EAFB0B85E79107B59650D0EE7DC32A6772CCCE90F06369B2880FE87ED76997BA61F5EA818091EE88F8B0D6F24D02A3FC6
351
352 # Attempt to change salt length below minimum
353 +Availablein = default
354 Verify = RSA-PSS-DEFAULT
355 Ctrl = rsa_pss_saltlen:0
356 Result = PKEY_CTRL_ERROR
357 @@ -439,21 +464,25 @@ Result = PKEY_CTRL_ERROR
358 # Attempt to change padding mode
359 # Note this used to return PKEY_CTRL_INVALID
360 # but it is limited because setparams only returns 0 or 1.
361 +Availablein = default
362 Verify = RSA-PSS-DEFAULT
363 Ctrl = rsa_padding_mode:pkcs1
364 Result = PKEY_CTRL_ERROR
365
366 # Attempt to change digest
367 +Availablein = default
368 Verify = RSA-PSS-DEFAULT
369 Ctrl = digest:sha256
370 Result = PKEY_CTRL_ERROR
371
372 # Invalid key: rejected when we try to init
373 +Availablein = default
374 Verify = RSA-PSS-BAD
375 Result = KEYOP_INIT_ERROR
376 Reason = invalid salt length
377
378 # Invalid key: rejected when we try to init
379 +Availablein = default
380 Verify = RSA-PSS-BAD2
381 Result = KEYOP_INIT_ERROR
382 Reason = invalid salt length
383 @@ -472,36 +501,42 @@ CAltWyuLbfXWce9jd8CSHLI8Jwpw4lmOb/idGfEFrMLT8Ms18pKA4Thrb2TE7yLh
384 4fINDOjP+yJJvZohNwIDAQAB
385 -----END PUBLIC KEY-----
386
387 +Availablein = default
388 Verify=RSA-PSS-1
389 Ctrl = rsa_padding_mode:pss
390 Ctrl = rsa_mgf1_md:sha1
391 Input=cd8b6538cb8e8de566b68bd067569dbf1ee2718e
392 Output=9074308fb598e9701b2294388e52f971faac2b60a5145af185df5287b5ed2887e57ce7fd44dc8634e407c8e0e4360bc226f3ec227f9d9e54638e8d31f5051215df6ebb9c2f9579aa77598a38f914b5b9c1bd83c4e2f9f382a0d0aa3542ffee65984a601bc69eb28deb27dca12c82c2d4c3f66cd500f1ff2b994d8a4e30cbb33c
393
394 +Availablein = default
395 Verify=RSA-PSS-1
396 Ctrl = rsa_padding_mode:pss
397 Ctrl = rsa_mgf1_md:sha1
398 Input=e35befc17a1d160b9ce35fbd8eb16e7ee491d3fd
399 Output=3ef7f46e831bf92b32274142a585ffcefbdca7b32ae90d10fb0f0c729984f04ef29a9df0780775ce43739b97838390db0a5505e63de927028d9d29b219ca2c4517832558a55d694a6d25b9dab66003c4cccd907802193be5170d26147d37b93590241be51c25055f47ef62752cfbe21418fafe98c22c4d4d47724fdb5669e843
400
401 +Availablein = default
402 Verify=RSA-PSS-1
403 Ctrl = rsa_padding_mode:pss
404 Ctrl = rsa_mgf1_md:sha1
405 Input=0652ec67bcee30f9d2699122b91c19abdba89f91
406 Output=666026fba71bd3e7cf13157cc2c51a8e4aa684af9778f91849f34335d141c00154c4197621f9624a675b5abc22ee7d5baaffaae1c9baca2cc373b3f33e78e6143c395a91aa7faca664eb733afd14d8827259d99a7550faca501ef2b04e33c23aa51f4b9e8282efdb728cc0ab09405a91607c6369961bc8270d2d4f39fce612b1
407
408 +Availablein = default
409 Verify=RSA-PSS-1
410 Ctrl = rsa_padding_mode:pss
411 Ctrl = rsa_mgf1_md:sha1
412 Input=39c21c4cceda9c1adf839c744e1212a6437575ec
413 Output=4609793b23e9d09362dc21bb47da0b4f3a7622649a47d464019b9aeafe53359c178c91cd58ba6bcb78be0346a7bc637f4b873d4bab38ee661f199634c547a1ad8442e03da015b136e543f7ab07c0c13e4225b8de8cce25d4f6eb8400f81f7e1833b7ee6e334d370964ca79fdb872b4d75223b5eeb08101591fb532d155a6de87
414
415 +Availablein = default
416 Verify=RSA-PSS-1
417 Ctrl = rsa_padding_mode:pss
418 Ctrl = rsa_mgf1_md:sha1
419 Input=36dae913b77bd17cae6e7b09453d24544cebb33c
420 Output=1d2aad221ca4d31ddf13509239019398e3d14b32dc34dc5af4aeaea3c095af73479cf0a45e5629635a53a018377615b16cb9b13b3e09d671eb71e387b8545c5960da5a64776e768e82b2c93583bf104c3fdb23512b7b4e89f633dd0063a530db4524b01c3f384c09310e315a79dcd3d684022a7f31c865a664e316978b759fad
421
422 +Availablein = default
423 Verify=RSA-PSS-1
424 Ctrl = rsa_padding_mode:pss
425 Ctrl = rsa_mgf1_md:sha1
426 @@ -517,36 +552,42 @@ swU7R97S7NSkyu/WFIM9yLtiLzF+0Ha4BX/o3j+ESArV6D5KYZBKTySPs5cCc1fh
427 0w5GMTmBXG/U/VrFuBcqRSMOy2MYoE8UVdhOWosCAwEAAQ==
428 -----END PUBLIC KEY-----
429
430 +Availablein = default
431 Verify=RSA-PSS-9
432 Ctrl = rsa_padding_mode:pss
433 Ctrl = rsa_mgf1_md:sha1
434 Input=2715a49b8b0012cd7aee84c116446e6dfe3faec0
435 Output=586107226c3ce013a7c8f04d1a6a2959bb4b8e205ba43a27b50f124111bc35ef589b039f5932187cb696d7d9a32c0c38300a5cdda4834b62d2eb240af33f79d13dfbf095bf599e0d9686948c1964747b67e89c9aba5cd85016236f566cc5802cb13ead51bc7ca6bef3b94dcbdbb1d570469771df0e00b1a8a06777472d2316279edae86474668d4e1efff95f1de61c6020da32ae92bbf16520fef3cf4d88f61121f24bbd9fe91b59caf1235b2a93ff81fc403addf4ebdea84934a9cdaf8e1a9e
436
437 +Availablein = default
438 Verify=RSA-PSS-9
439 Ctrl = rsa_padding_mode:pss
440 Ctrl = rsa_mgf1_md:sha1
441 Input=2dac956d53964748ac364d06595827c6b4f143cd
442 Output=80b6d643255209f0a456763897ac9ed259d459b49c2887e5882ecb4434cfd66dd7e1699375381e51cd7f554f2c271704b399d42b4be2540a0eca61951f55267f7c2878c122842dadb28b01bd5f8c025f7e228418a673c03d6bc0c736d0a29546bd67f786d9d692ccea778d71d98c2063b7a71092187a4d35af108111d83e83eae46c46aa34277e06044589903788f1d5e7cee25fb485e92949118814d6f2c3ee361489016f327fb5bc517eb50470bffa1afa5f4ce9aa0ce5b8ee19bf5501b958
443
444 +Availablein = default
445 Verify=RSA-PSS-9
446 Ctrl = rsa_padding_mode:pss
447 Ctrl = rsa_mgf1_md:sha1
448 Input=28d98c46cccafbd3bc04e72f967a54bd3ea12298
449 Output=484408f3898cd5f53483f80819efbf2708c34d27a8b2a6fae8b322f9240237f981817aca1846f1084daa6d7c0795f6e5bf1af59c38e1858437ce1f7ec419b98c8736adf6dd9a00b1806d2bd3ad0a73775e05f52dfef3a59ab4b08143f0df05cd1ad9d04bececa6daa4a2129803e200cbc77787caf4c1d0663a6c5987b605952019782caf2ec1426d68fb94ed1d4be816a7ed081b77e6ab330b3ffc073820fecde3727fcbe295ee61a050a343658637c3fd659cfb63736de32d9f90d3c2f63eca
450
451 +Availablein = default
452 Verify=RSA-PSS-9
453 Ctrl = rsa_padding_mode:pss
454 Ctrl = rsa_mgf1_md:sha1
455 Input=0866d2ff5a79f25ef668cd6f31b42dee421e4c0e
456 Output=84ebeb481be59845b46468bafb471c0112e02b235d84b5d911cbd1926ee5074ae0424495cb20e82308b8ebb65f419a03fb40e72b78981d88aad143053685172c97b29c8b7bf0ae73b5b2263c403da0ed2f80ff7450af7828eb8b86f0028bd2a8b176a4d228cccea18394f238b09ff758cc00bc04301152355742f282b54e663a919e709d8da24ade5500a7b9aa50226e0ca52923e6c2d860ec50ff480fa57477e82b0565f4379f79c772d5c2da80af9fbf325ece6fc20b00961614bee89a183e
457
458 +Availablein = default
459 Verify=RSA-PSS-9
460 Ctrl = rsa_padding_mode:pss
461 Ctrl = rsa_mgf1_md:sha1
462 Input=6a5b4be4cd36cc97dfde9995efbf8f097a4a991a
463 Output=82102df8cb91e7179919a04d26d335d64fbc2f872c44833943241de8454810274cdf3db5f42d423db152af7135f701420e39b494a67cbfd19f9119da233a23da5c6439b5ba0d2bc373eee3507001378d4a4073856b7fe2aba0b5ee93b27f4afec7d4d120921c83f606765b02c19e4d6a1a3b95fa4c422951be4f52131077ef17179729cddfbdb56950dbaceefe78cb16640a099ea56d24389eef10f8fecb31ba3ea3b227c0a86698bb89e3e9363905bf22777b2a3aa521b65b4cef76d83bde4c
464
465 +Availablein = default
466 Verify=RSA-PSS-9
467 Ctrl = rsa_padding_mode:pss
468 Ctrl = rsa_mgf1_md:sha1
469 @@ -564,36 +605,42 @@ F7jfF3jbOB3OCctK0FilEQAac4GY7ifPVaE7dUU5kGWC7IsXS9WNXR89dnxhNyGu
470 BQIDAQAB
471 -----END PUBLIC KEY-----
472
473 +Availablein = default
474 Verify=RSA-PSS-10
475 Ctrl = rsa_padding_mode:pss
476 Ctrl = rsa_mgf1_md:sha1
477 Input=9596bb630cf6a8d4ea4600422b9eba8b13675dd4
478 Output=82c2b160093b8aa3c0f7522b19f87354066c77847abf2a9fce542d0e84e920c5afb49ffdfdace16560ee94a1369601148ebad7a0e151cf16331791a5727d05f21e74e7eb811440206935d744765a15e79f015cb66c532c87a6a05961c8bfad741a9a6657022894393e7223739796c02a77455d0f555b0ec01ddf259b6207fd0fd57614cef1a5573baaff4ec00069951659b85f24300a25160ca8522dc6e6727e57d019d7e63629b8fe5e89e25cc15beb3a647577559299280b9b28f79b0409000be25bbd96408ba3b43cc486184dd1c8e62553fa1af4040f60663de7f5e49c04388e257f1ce89c95dab48a315d9b66b1b7628233876ff2385230d070d07e1666
479
480 +Availablein = default
481 Verify=RSA-PSS-10
482 Ctrl = rsa_padding_mode:pss
483 Ctrl = rsa_mgf1_md:sha1
484 Input=b503319399277fd6c1c8f1033cbf04199ea21716
485 Output=14ae35d9dd06ba92f7f3b897978aed7cd4bf5ff0b585a40bd46ce1b42cd2703053bb9044d64e813d8f96db2dd7007d10118f6f8f8496097ad75e1ff692341b2892ad55a633a1c55e7f0a0ad59a0e203a5b8278aec54dd8622e2831d87174f8caff43ee6c46445345d84a59659bfb92ecd4c818668695f34706f66828a89959637f2bf3e3251c24bdba4d4b7649da0022218b119c84e79a6527ec5b8a5f861c159952e23ec05e1e717346faefe8b1686825bd2b262fb2531066c0de09acde2e4231690728b5d85e115a2f6b92b79c25abc9bd9399ff8bcf825a52ea1f56ea76dd26f43baafa18bfa92a504cbd35699e26d1dcc5a2887385f3c63232f06f3244c3
486
487 +Availablein = default
488 Verify=RSA-PSS-10
489 Ctrl = rsa_padding_mode:pss
490 Ctrl = rsa_mgf1_md:sha1
491 Input=50aaede8536b2c307208b275a67ae2df196c7628
492 Output=6e3e4d7b6b15d2fb46013b8900aa5bbb3939cf2c095717987042026ee62c74c54cffd5d7d57efbbf950a0f5c574fa09d3fc1c9f513b05b4ff50dd8df7edfa20102854c35e592180119a70ce5b085182aa02d9ea2aa90d1df03f2daae885ba2f5d05afdac97476f06b93b5bc94a1a80aa9116c4d615f333b098892b25fface266f5db5a5a3bcc10a824ed55aad35b727834fb8c07da28fcf416a5d9b2224f1f8b442b36f91e456fdea2d7cfe3367268de0307a4c74e924159ed33393d5e0655531c77327b89821bdedf880161c78cd4196b5419f7acc3f13e5ebf161b6e7c6724716ca33b85c2e25640192ac2859651d50bde7eb976e51cec828b98b6563b86bb
493
494 +Availablein = default
495 Verify=RSA-PSS-10
496 Ctrl = rsa_padding_mode:pss
497 Ctrl = rsa_mgf1_md:sha1
498 Input=aa0b72b8b371ddd10c8ae474425ccccf8842a294
499 Output=34047ff96c4dc0dc90b2d4ff59a1a361a4754b255d2ee0af7d8bf87c9bc9e7ddeede33934c63ca1c0e3d262cb145ef932a1f2c0a997aa6a34f8eaee7477d82ccf09095a6b8acad38d4eec9fb7eab7ad02da1d11d8e54c1825e55bf58c2a23234b902be124f9e9038a8f68fa45dab72f66e0945bf1d8bacc9044c6f07098c9fcec58a3aab100c805178155f030a124c450e5acbda47d0e4f10b80a23f803e774d023b0015c20b9f9bbe7c91296338d5ecb471cafb032007b67a60be5f69504a9f01abb3cb467b260e2bce860be8d95bf92c0c8e1496ed1e528593a4abb6df462dde8a0968dffe4683116857a232f5ebf6c85be238745ad0f38f767a5fdbf486fb
500
501 +Availablein = default
502 Verify=RSA-PSS-10
503 Ctrl = rsa_padding_mode:pss
504 Ctrl = rsa_mgf1_md:sha1
505 Input=fad3902c9750622a2bc672622c48270cc57d3ea8
506 Output=7e0935ea18f4d6c1d17ce82eb2b3836c55b384589ce19dfe743363ac9948d1f346b7bfddfe92efd78adb21faefc89ade42b10f374003fe122e67429a1cb8cbd1f8d9014564c44d120116f4990f1a6e38774c194bd1b8213286b077b0499d2e7b3f434ab12289c556684deed78131934bb3dd6537236f7c6f3dcb09d476be07721e37e1ceed9b2f7b406887bd53157305e1c8b4f84d733bc1e186fe06cc59b6edb8f4bd7ffefdf4f7ba9cfb9d570689b5a1a4109a746a690893db3799255a0cb9215d2d1cd490590e952e8c8786aa0011265252470c041dfbc3eec7c3cbf71c24869d115c0cb4a956f56d530b80ab589acfefc690751ddf36e8d383f83cedd2cc
507
508 +Availablein = default
509 Verify=RSA-PSS-10
510 Ctrl = rsa_padding_mode:pss
511 Ctrl = rsa_mgf1_md:sha1
512 @@ -1329,11 +1376,13 @@ Title = RSA FIPS tests
513
514 # FIPS tests
515
516 -# Verifying with SHA1 is permitted in fips mode for older applications
517 +# Verifying with SHA1 is not permitted on RHEL-9 in FIPS mode
518 +Availablein = fips
519 DigestVerify = SHA1
520 Key = RSA-2048
521 Input = "Hello "
522 Output = 87ea0e2226ef35e5a2aec9ca1222fcbe39ba723f05b3203564f671dd3601271806ead3240e61d424359ee3b17bd3e32f54b82df83998a8ac4148410710361de0400f9ddf98278618fbc87747a0531972543e6e5f18ab2fdfbfda02952f6ac69690e43864690af271bf43d4be9705b303d4ff994ab3abd4d5851562b73e59be3edc01cec41a4cc13b68206329bad1a46c6608d3609e951faa321d0fdbc765d54e9a7c59248d2f67913c9903e932b769c9c8a45520cabea06e8c0b231dd3bcc7f7ec55b46b0157ccb5fc5011fa57353cd3df32edcbadcb8d168133cbd0acfb64444cb040e1298f621508a38f79e14ae8c2c5c857f90aa9d24ef5fc07d34bf23859
523 +Result = DIGESTVERIFYINIT_ERROR
524
525 # Verifying with a 1024 bit key is permitted in fips mode for older applications
526 DigestVerify = SHA256
527 diff --git a/test/recipes/80-test_cms.t b/test/recipes/80-test_cms.t
528 index 48a92f735d..34afe91b88 100644
529 --- a/test/recipes/80-test_cms.t
530 +++ b/test/recipes/80-test_cms.t
531 @@ -162,7 +162,7 @@ my @smime_pkcs7_tests = (
532 [ "{cmd1}", @defaultprov, "-sign", "-in", $smcont, "-md", "sha1",
533 "-certfile", $smroot,
534 "-signer", $smrsa1, "-out", "{output}.cms" ],
535 - [ "{cmd2}", @prov, "-verify", "-in", "{output}.cms",
536 + [ "{cmd2}", @defaultprov, "-verify", "-in", "{output}.cms",
537 "-CAfile", $smroot, "-out", "{output}.txt" ],
538 \&final_compare
539 ],
540 @@ -170,7 +170,7 @@ my @smime_pkcs7_tests = (
541 [ "signed zero-length content S/MIME format, RSA key SHA1",
542 [ "{cmd1}", @defaultprov, "-sign", "-in", $smcont_zero, "-md", "sha1",
543 "-certfile", $smroot, "-signer", $smrsa1, "-out", "{output}.cms" ],
544 - [ "{cmd2}", @prov, "-verify", "-in", "{output}.cms",
545 + [ "{cmd2}", @defaultprov, "-verify", "-in", "{output}.cms",
546 "-CAfile", $smroot, "-out", "{output}.txt" ],
547 \&zero_compare
548 ],
549 diff --git a/test/recipes/80-test_ssl_old.t b/test/recipes/80-test_ssl_old.t
550 index 8c52b637fc..ff75c5b6ec 100644
551 --- a/test/recipes/80-test_ssl_old.t
552 +++ b/test/recipes/80-test_ssl_old.t
553 @@ -394,6 +394,9 @@ sub testssl {
554 'test sslv2/sslv3 with 1024bit DHE via BIO pair');
555 }
556
557 + SKIP: {
558 + skip "SSLv3 is not supported by the FIPS provider", 4
559 + if $provider eq "fips";
560 ok(run(test([@ssltest, "-bio_pair", "-server_auth", @CA])),
561 'test sslv2/sslv3 with server authentication');
562 ok(run(test([@ssltest, "-bio_pair", "-client_auth", @CA])),
563 @@ -402,6 +405,7 @@ sub testssl {
564 'test sslv2/sslv3 with both client and server authentication via BIO pair');
565 ok(run(test([@ssltest, "-bio_pair", "-server_auth", "-client_auth", "-app_verify", @CA])),
566 'test sslv2/sslv3 with both client and server authentication via BIO pair and app verify');
567 + }
568
569 SKIP: {
570 skip "No IPv4 available on this machine", 4

admin@koozali.org
ViewVC Help
Powered by ViewVC 1.2.1 RSS 2.0 feed