| 1 |
From 5f4f350ce797a7cd2fdca84c474ee196da9d6fae Mon Sep 17 00:00:00 2001 |
| 2 |
From: Clemens Lang <cllang@redhat.com> |
| 3 |
Date: Wed, 18 May 2022 17:25:59 +0200 |
| 4 |
Subject: [PATCH] Deny SHA-1 signature verification in FIPS provider |
| 5 |
|
| 6 |
For RHEL, we already disable SHA-1 signatures by default in the default |
| 7 |
provider, so it is unexpected that the FIPS provider would have a more |
| 8 |
lenient configuration in this regard. Additionally, we do not think |
| 9 |
continuing to accept SHA-1 signatures is a good idea due to the |
| 10 |
published chosen-prefix collision attacks. |
| 11 |
|
| 12 |
As a consequence, disable verification of SHA-1 signatures in the FIPS |
| 13 |
provider. |
| 14 |
|
| 15 |
This requires adjusting a few tests that would otherwise fail: |
| 16 |
- 30-test_acvp: Remove the test vectors that use SHA-1. |
| 17 |
- 30-test_evp: Mark tests in evppkey_rsa_common.txt and |
| 18 |
evppkey_ecdsa.txt that use SHA-1 digests as "Availablein = default", |
| 19 |
which will not run them when the FIPS provider is enabled. |
| 20 |
- 80-test_cms: Re-create all certificates in test/smime-certificates |
| 21 |
with SHA256 signatures while keeping the same private keys. These |
| 22 |
certificates were signed with SHA-1 and thus fail verification in the |
| 23 |
FIPS provider. |
| 24 |
Fix some other tests by explicitly running them in the default |
| 25 |
provider, where SHA-1 is available. |
| 26 |
- 80-test_ssl_old: Skip tests that rely on SSLv3 and SHA-1 when run with |
| 27 |
the FIPS provider. |
| 28 |
|
| 29 |
Signed-off-by: Clemens Lang <cllang@redhat.com> |
| 30 |
--- |
| 31 |
providers/implementations/signature/dsa_sig.c | 4 -- |
| 32 |
.../implementations/signature/ecdsa_sig.c | 4 -- |
| 33 |
providers/implementations/signature/rsa_sig.c | 8 +-- |
| 34 |
test/acvp_test.inc | 20 ------- |
| 35 |
.../30-test_evp_data/evppkey_ecdsa.txt | 7 +++ |
| 36 |
.../30-test_evp_data/evppkey_rsa_common.txt | 51 +++++++++++++++- |
| 37 |
test/recipes/80-test_cms.t | 4 +- |
| 38 |
test/recipes/80-test_ssl_old.t | 4 ++ |
| 39 |
test/smime-certs/smdh.pem | 18 +++--- |
| 40 |
test/smime-certs/smdsa1.pem | 60 +++++++++---------- |
| 41 |
test/smime-certs/smdsa2.pem | 60 +++++++++---------- |
| 42 |
test/smime-certs/smdsa3.pem | 60 +++++++++---------- |
| 43 |
test/smime-certs/smec1.pem | 30 +++++----- |
| 44 |
test/smime-certs/smec2.pem | 30 +++++----- |
| 45 |
test/smime-certs/smec3.pem | 30 +++++----- |
| 46 |
test/smime-certs/smroot.pem | 38 ++++++------ |
| 47 |
test/smime-certs/smrsa1.pem | 38 ++++++------ |
| 48 |
test/smime-certs/smrsa2.pem | 38 ++++++------ |
| 49 |
test/smime-certs/smrsa3.pem | 38 ++++++------ |
| 50 |
19 files changed, 286 insertions(+), 256 deletions(-) |
| 51 |
|
| 52 |
diff --git a/providers/implementations/signature/dsa_sig.c b/providers/implementations/signature/dsa_sig.c |
| 53 |
index fa3822f39f..c365d7b13a 100644 |
| 54 |
--- a/providers/implementations/signature/dsa_sig.c |
| 55 |
+++ b/providers/implementations/signature/dsa_sig.c |
| 56 |
@@ -128,11 +128,7 @@ static int dsa_setup_md(PROV_DSA_CTX *ctx, |
| 57 |
EVP_MD *md = EVP_MD_fetch(ctx->libctx, mdname, mdprops); |
| 58 |
int md_nid; |
| 59 |
size_t mdname_len = strlen(mdname); |
| 60 |
-#ifdef FIPS_MODULE |
| 61 |
- int sha1_allowed = (ctx->operation != EVP_PKEY_OP_SIGN); |
| 62 |
-#else |
| 63 |
int sha1_allowed = 0; |
| 64 |
-#endif |
| 65 |
md_nid = ossl_digest_get_approved_nid_with_sha1(ctx->libctx, md, |
| 66 |
sha1_allowed); |
| 67 |
|
| 68 |
diff --git a/providers/implementations/signature/ecdsa_sig.c b/providers/implementations/signature/ecdsa_sig.c |
| 69 |
index 99b228e82c..44a22832ec 100644 |
| 70 |
--- a/providers/implementations/signature/ecdsa_sig.c |
| 71 |
+++ b/providers/implementations/signature/ecdsa_sig.c |
| 72 |
@@ -237,11 +237,7 @@ static int ecdsa_setup_md(PROV_ECDSA_CTX *ctx, const char *mdname, |
| 73 |
"%s could not be fetched", mdname); |
| 74 |
return 0; |
| 75 |
} |
| 76 |
-#ifdef FIPS_MODULE |
| 77 |
- sha1_allowed = (ctx->operation != EVP_PKEY_OP_SIGN); |
| 78 |
-#else |
| 79 |
sha1_allowed = 0; |
| 80 |
-#endif |
| 81 |
md_nid = ossl_digest_get_approved_nid_with_sha1(ctx->libctx, md, |
| 82 |
sha1_allowed); |
| 83 |
if (md_nid < 0) { |
| 84 |
diff --git a/providers/implementations/signature/rsa_sig.c b/providers/implementations/signature/rsa_sig.c |
| 85 |
index f66d7705c3..34f45175e8 100644 |
| 86 |
--- a/providers/implementations/signature/rsa_sig.c |
| 87 |
+++ b/providers/implementations/signature/rsa_sig.c |
| 88 |
@@ -292,11 +292,7 @@ static int rsa_setup_md(PROV_RSA_CTX *ctx, const char *mdname, |
| 89 |
EVP_MD *md = EVP_MD_fetch(ctx->libctx, mdname, mdprops); |
| 90 |
int md_nid; |
| 91 |
size_t mdname_len = strlen(mdname); |
| 92 |
-#ifdef FIPS_MODULE |
| 93 |
- int sha1_allowed = (ctx->operation != EVP_PKEY_OP_SIGN); |
| 94 |
-#else |
| 95 |
int sha1_allowed = 0; |
| 96 |
-#endif |
| 97 |
md_nid = ossl_digest_rsa_sign_get_md_nid(ctx->libctx, md, |
| 98 |
sha1_allowed); |
| 99 |
|
| 100 |
@@ -1355,8 +1351,10 @@ static int rsa_set_ctx_params(void *vprsactx, const OSSL_PARAM params[]) |
| 101 |
|
| 102 |
if (prsactx->md == NULL && pmdname == NULL |
| 103 |
&& pad_mode == RSA_PKCS1_PSS_PADDING) { |
| 104 |
+#ifdef FIPS_MODULE |
| 105 |
+ pmdname = RSA_DEFAULT_DIGEST_NAME_NONLEGACY; |
| 106 |
+#else |
| 107 |
pmdname = RSA_DEFAULT_DIGEST_NAME; |
| 108 |
-#ifndef FIPS_MODULE |
| 109 |
if (!ossl_ctx_legacy_digest_signatures_allowed(prsactx->libctx, 0)) { |
| 110 |
pmdname = RSA_DEFAULT_DIGEST_NAME_NONLEGACY; |
| 111 |
} |
| 112 |
diff --git a/test/acvp_test.inc b/test/acvp_test.inc |
| 113 |
index ad11d3ae1e..73b24bdb0c 100644 |
| 114 |
--- a/test/acvp_test.inc |
| 115 |
+++ b/test/acvp_test.inc |
| 116 |
@@ -1841,17 +1841,6 @@ static const struct rsa_sigver_st rsa_sigver_data[] = { |
| 117 |
NO_PSS_SALT_LEN, |
| 118 |
FAIL |
| 119 |
}, |
| 120 |
- { |
| 121 |
- "x931", |
| 122 |
- 3072, |
| 123 |
- "SHA1", |
| 124 |
- ITM(rsa_sigverx931_0_msg), |
| 125 |
- ITM(rsa_sigverx931_0_n), |
| 126 |
- ITM(rsa_sigverx931_0_e), |
| 127 |
- ITM(rsa_sigverx931_0_sig), |
| 128 |
- NO_PSS_SALT_LEN, |
| 129 |
- PASS |
| 130 |
- }, |
| 131 |
{ |
| 132 |
"x931", |
| 133 |
3072, |
| 134 |
diff --git a/test/recipes/30-test_evp_data/evppkey_ecdsa.txt b/test/recipes/30-test_evp_data/evppkey_ecdsa.txt |
| 135 |
index f36982845d..51e507a61c 100644 |
| 136 |
--- a/test/recipes/30-test_evp_data/evppkey_ecdsa.txt |
| 137 |
+++ b/test/recipes/30-test_evp_data/evppkey_ecdsa.txt |
| 138 |
@@ -37,12 +37,14 @@ PrivPubKeyPair = P-256:P-256-PUBLIC |
| 139 |
|
| 140 |
Title = ECDSA tests |
| 141 |
|
| 142 |
+Availablein = default |
| 143 |
Verify = P-256 |
| 144 |
Ctrl = digest:SHA1 |
| 145 |
Input = "0123456789ABCDEF1234" |
| 146 |
Output = 3045022100b1d1cb1a577035bccdd5a86c6148c2cc7c633cd42b7234139b593076d041e15202201898cdd52b41ca502098184b409cf83a21bc945006746e3b7cea52234e043ec8 |
| 147 |
|
| 148 |
# Digest too long |
| 149 |
+Availablein = default |
| 150 |
Verify = P-256 |
| 151 |
Ctrl = digest:SHA1 |
| 152 |
Input = "0123456789ABCDEF12345" |
| 153 |
@@ -50,6 +52,7 @@ Output = 3045022100b1d1cb1a577035bccdd5a86c6148c2cc7c633cd42b7234139b593076d041e |
| 154 |
Result = VERIFY_ERROR |
| 155 |
|
| 156 |
# Digest too short |
| 157 |
+Availablein = default |
| 158 |
Verify = P-256 |
| 159 |
Ctrl = digest:SHA1 |
| 160 |
Input = "0123456789ABCDEF123" |
| 161 |
@@ -57,6 +60,7 @@ Output = 3045022100b1d1cb1a577035bccdd5a86c6148c2cc7c633cd42b7234139b593076d041e |
| 162 |
Result = VERIFY_ERROR |
| 163 |
|
| 164 |
# Digest invalid |
| 165 |
+Availablein = default |
| 166 |
Verify = P-256 |
| 167 |
Ctrl = digest:SHA1 |
| 168 |
Input = "0123456789ABCDEF1235" |
| 169 |
@@ -64,6 +68,7 @@ Output = 3045022100b1d1cb1a577035bccdd5a86c6148c2cc7c633cd42b7234139b593076d041e |
| 170 |
Result = VERIFY_ERROR |
| 171 |
|
| 172 |
# Invalid signature |
| 173 |
+Availablein = default |
| 174 |
Verify = P-256 |
| 175 |
Ctrl = digest:SHA1 |
| 176 |
Input = "0123456789ABCDEF1234" |
| 177 |
@@ -79,12 +84,14 @@ Output = 3045022100b1d1cb1a577035bccdd5a86c6148c2cc7c633cd42b7234139b593076d041e |
| 178 |
Result = VERIFY_ERROR |
| 179 |
|
| 180 |
# BER signature |
| 181 |
+Availablein = default |
| 182 |
Verify = P-256 |
| 183 |
Ctrl = digest:SHA1 |
| 184 |
Input = "0123456789ABCDEF1234" |
| 185 |
Output = 3080022100b1d1cb1a577035bccdd5a86c6148c2cc7c633cd42b7234139b593076d041e15202201898cdd52b41ca502098184b409cf83a21bc945006746e3b7cea52234e043ec80000 |
| 186 |
Result = VERIFY_ERROR |
| 187 |
|
| 188 |
+Availablein = default |
| 189 |
Verify = P-256-PUBLIC |
| 190 |
Ctrl = digest:SHA1 |
| 191 |
Input = "0123456789ABCDEF1234" |
| 192 |
diff --git a/test/recipes/30-test_evp_data/evppkey_rsa_common.txt b/test/recipes/30-test_evp_data/evppkey_rsa_common.txt |
| 193 |
index b8d8bb2993..8dd566067b 100644 |
| 194 |
--- a/test/recipes/30-test_evp_data/evppkey_rsa_common.txt |
| 195 |
+++ b/test/recipes/30-test_evp_data/evppkey_rsa_common.txt |
| 196 |
@@ -96,6 +96,7 @@ NDL6WCBbets= |
| 197 |
|
| 198 |
Title = RSA tests |
| 199 |
|
| 200 |
+Availablein = default |
| 201 |
Verify = RSA-2048 |
| 202 |
Ctrl = digest:SHA1 |
| 203 |
Input = "0123456789ABCDEF1234" |
| 204 |
@@ -112,24 +113,28 @@ Ctrl = digest:SHA512-224 |
| 205 |
Input = "0123456789ABCDEF123456789ABC" |
| 206 |
Output = 5f720e9488139bb21e1c2f027fd5ce5993e6d31c5a8faaee833487b3a944d66891178868ace8070cad3ee2ffbe54aa4885a15fd1a7cc5166970fe1fd8c0423e72bd3e3b56fc4a53ed80aaaeca42497f0ec3c62113edc05cd006608f5eef7ce3ad4cba1069f68731dd28a524a1f93fcdc5547112d48d45586dd943ba0d443be9635720d8a61697c54c96627f0d85c5fbeaa3b4af86a65cf2fc3800dd5de34c046985f25d0efc0bb6edccc1d08b3a4fb9c8faffe181c7e68b31e374ad1440a4a664eec9ca0dc53a9d2f5bc7d9940d866f64201bcbc63612754df45727ea24b531d7de83d1bb707444859fa35521320c33bf6f4dbeb6fb56e653adbf7af15843f17 |
| 207 |
|
| 208 |
+Availablein = default |
| 209 |
VerifyRecover = RSA-2048 |
| 210 |
Ctrl = digest:SHA1 |
| 211 |
Input = c09d402423cbf233d26cae21f954547bc43fe80fd41360a0336cfdbe9aedad05bef6fd2eaee6cd60089a52482d4809a238149520df3bdde4cb9e23d9307b05c0a6f327052325a29adf2cc95b66523be7024e2a585c3d4db15dfbe146efe0ecdc0402e33fe5d40324ee96c5c3edd374a15cdc0f5d84aa243c0f07e188c6518fbfceae158a9943be398e31097da81b62074f626eff738be6160741d5a26957a482b3251fd85d8df78b98148459de10aa93305dbb4a5230aa1da291a9b0e481918f99b7638d72bb687f97661d304ae145d64a474437a4ef39d7b8059332ddeb07e92bf6e0e3acaf8afedc93795e4511737ec1e7aab6d5bc9466afc950c1c17b48ad |
| 212 |
Output = "0123456789ABCDEF1234" |
| 213 |
|
| 214 |
# Leading zero in the signature |
| 215 |
+Availablein = default |
| 216 |
Verify = RSA-2048 |
| 217 |
Ctrl = digest:SHA1 |
| 218 |
Input = "0123456789ABCDEF1234" |
| 219 |
Output = 00c09d402423cbf233d26cae21f954547bc43fe80fd41360a0336cfdbe9aedad05bef6fd2eaee6cd60089a52482d4809a238149520df3bdde4cb9e23d9307b05c0a6f327052325a29adf2cc95b66523be7024e2a585c3d4db15dfbe146efe0ecdc0402e33fe5d40324ee96c5c3edd374a15cdc0f5d84aa243c0f07e188c6518fbfceae158a9943be398e31097da81b62074f626eff738be6160741d5a26957a482b3251fd85d8df78b98148459de10aa93305dbb4a5230aa1da291a9b0e481918f99b7638d72bb687f97661d304ae145d64a474437a4ef39d7b8059332ddeb07e92bf6e0e3acaf8afedc93795e4511737ec1e7aab6d5bc9466afc950c1c17b48ad |
| 220 |
Result = VERIFY_ERROR |
| 221 |
|
| 222 |
+Availablein = default |
| 223 |
VerifyRecover = RSA-2048 |
| 224 |
Ctrl = digest:SHA1 |
| 225 |
Input = 00c09d402423cbf233d26cae21f954547bc43fe80fd41360a0336cfdbe9aedad05bef6fd2eaee6cd60089a52482d4809a238149520df3bdde4cb9e23d9307b05c0a6f327052325a29adf2cc95b66523be7024e2a585c3d4db15dfbe146efe0ecdc0402e33fe5d40324ee96c5c3edd374a15cdc0f5d84aa243c0f07e188c6518fbfceae158a9943be398e31097da81b62074f626eff738be6160741d5a26957a482b3251fd85d8df78b98148459de10aa93305dbb4a5230aa1da291a9b0e481918f99b7638d72bb687f97661d304ae145d64a474437a4ef39d7b8059332ddeb07e92bf6e0e3acaf8afedc93795e4511737ec1e7aab6d5bc9466afc950c1c17b48ad |
| 226 |
Result = KEYOP_ERROR |
| 227 |
|
| 228 |
# Mismatched digest |
| 229 |
+Availablein = default |
| 230 |
Verify = RSA-2048 |
| 231 |
Ctrl = digest:SHA1 |
| 232 |
Input = "0123456789ABCDEF1233" |
| 233 |
@@ -137,6 +142,7 @@ Output = c09d402423cbf233d26cae21f954547bc43fe80fd41360a0336cfdbe9aedad05bef6fd2 |
| 234 |
Result = VERIFY_ERROR |
| 235 |
|
| 236 |
# Corrupted signature |
| 237 |
+Availablein = default |
| 238 |
Verify = RSA-2048 |
| 239 |
Ctrl = digest:SHA1 |
| 240 |
Input = "0123456789ABCDEF1233" |
| 241 |
@@ -144,6 +150,7 @@ Output = c09d402423cbf233d26cae21f954547bc43fe80fd41360a0336cfdbe9aedad05bef6fd2 |
| 242 |
Result = VERIFY_ERROR |
| 243 |
|
| 244 |
# parameter is not NULLt |
| 245 |
+Availablein = default |
| 246 |
Verify = RSA-2048 |
| 247 |
Ctrl = digest:sha1 |
| 248 |
Input = "0123456789ABCDEF1234" |
| 249 |
@@ -151,42 +158,49 @@ Output = 3ec3fc29eb6e122bd7aa361cd09fe1bcbe85311096a7b9e4799cedfb2351ce0ab7fe4e7 |
| 250 |
Result = VERIFY_ERROR |
| 251 |
|
| 252 |
# embedded digest too long |
| 253 |
+Availablein = default |
| 254 |
Verify = RSA-2048 |
| 255 |
Ctrl = digest:sha1 |
| 256 |
Input = "0123456789ABCDEF1234" |
| 257 |
Output = afec9a0d5330a08f54283bb4a9d4e7e7e70fc1342336c4c766fba713f66970151c6e27413c48c33864ea45a0238787004f338ed3e21b53b0fe9c1151c42c388cbc7cba5a06b706c407a5b48324fbe994dc7afc3a19fb3d2841e66222596c14cd72a0f0a7455a019d8eb554f59c0183f9552b75aa96fee8bf935945e079ca283d2bd3534a86f11351f6d6181fbf433e5b01a6d1422145c7a72214d3aacdd5d3af12b2d6bf6438f9f9a64010d8aeed801c87f0859412b236150b86a545f7239be022f4a7ad246b59df87514294cb4a4c7c5a997ee53c66054d9f38ca4e76c1f7af83c30f737ef70f83a45aebe18238ddb95e1998814ca4fc72388f1533147c169d |
| 258 |
Result = VERIFY_ERROR |
| 259 |
|
| 260 |
+Availablein = default |
| 261 |
VerifyRecover = RSA-2048 |
| 262 |
Ctrl = digest:sha1 |
| 263 |
Input = afec9a0d5330a08f54283bb4a9d4e7e7e70fc1342336c4c766fba713f66970151c6e27413c48c33864ea45a0238787004f338ed3e21b53b0fe9c1151c42c388cbc7cba5a06b706c407a5b48324fbe994dc7afc3a19fb3d2841e66222596c14cd72a0f0a7455a019d8eb554f59c0183f9552b75aa96fee8bf935945e079ca283d2bd3534a86f11351f6d6181fbf433e5b01a6d1422145c7a72214d3aacdd5d3af12b2d6bf6438f9f9a64010d8aeed801c87f0859412b236150b86a545f7239be022f4a7ad246b59df87514294cb4a4c7c5a997ee53c66054d9f38ca4e76c1f7af83c30f737ef70f83a45aebe18238ddb95e1998814ca4fc72388f1533147c169d |
| 264 |
Result = KEYOP_ERROR |
| 265 |
|
| 266 |
# embedded digest too short |
| 267 |
+Availablein = default |
| 268 |
Verify = RSA-2048 |
| 269 |
Ctrl = digest:sha1 |
| 270 |
Input = "0123456789ABCDEF1234" |
| 271 |
Output = afec9a0d5330a08f54283bb4a9d4e7e7e70fc1342336c4c766fba713f66970151c6e27413c48c33864ea45a0238787004f338ed3e21b53b0fe9c1151c42c388cbc7cba5a06b706c407a5b48324fbe994dc7afc3a19fb3d2841e66222596c14cd72a0f0a7455a019d8eb554f59c0183f9552b75aa96fee8bf935945e079ca283d2bd3534a86f11351f6d6181fbf433e5b01a6d1422145c7a72214d3aacdd5d3af12b2d6bf6438f9f9a64010d8aeed801c87f0859412b236150b86a545f7239be022f4a7ad246b59df87514294cb4a4c7c5a997ee53c66054d9f38ca4e76c1f7af83c30f737ef70f83a45aebe18238ddb95e1998814ca4fc72388f1533147c169d |
| 272 |
Result = VERIFY_ERROR |
| 273 |
|
| 274 |
+Availablein = default |
| 275 |
VerifyRecover = RSA-2048 |
| 276 |
Ctrl = digest:sha1 |
| 277 |
Input = afec9a0d5330a08f54283bb4a9d4e7e7e70fc1342336c4c766fba713f66970151c6e27413c48c33864ea45a0238787004f338ed3e21b53b0fe9c1151c42c388cbc7cba5a06b706c407a5b48324fbe994dc7afc3a19fb3d2841e66222596c14cd72a0f0a7455a019d8eb554f59c0183f9552b75aa96fee8bf935945e079ca283d2bd3534a86f11351f6d6181fbf433e5b01a6d1422145c7a72214d3aacdd5d3af12b2d6bf6438f9f9a64010d8aeed801c87f0859412b236150b86a545f7239be022f4a7ad246b59df87514294cb4a4c7c5a997ee53c66054d9f38ca4e76c1f7af83c30f737ef70f83a45aebe18238ddb95e1998814ca4fc72388f1533147c169d |
| 278 |
Result = KEYOP_ERROR |
| 279 |
|
| 280 |
# Garbage after DigestInfo |
| 281 |
+Availablein = default |
| 282 |
Verify = RSA-2048 |
| 283 |
Ctrl = digest:sha1 |
| 284 |
Input = "0123456789ABCDEF1234" |
| 285 |
Output = 9ee34872d4271a7d8808af0a4052a145a6d6a8437d00da3ed14428c7f087cd39f4d43334c41af63e7fa1ba363fee7bcef401d9d36a662abbab55ce89a696e1be0dfa19a5d09ca617dd488787b6048baaefeb29bc8688b2fe3882de2b77c905b5a8b56cf9616041e5ec934ba6de863efe93acc4eef783fe7f72a00fa65d6093ed32bf98ce527e62ccb1d56317f4be18b7e0f55d7c36617d2d0678a306e3350956b662ac15df45215dd8f6b314babb9788e6c272fa461e4c9b512a11a4b92bc77c3a4c95c903fccb238794eca5c750477bf56ea6ee6a167367d881b485ae3889e7c489af8fdf38e0c0f2aed780831182e34abedd43c39281b290774bf35cc25274 |
| 286 |
Result = VERIFY_ERROR |
| 287 |
|
| 288 |
+Availablein = default |
| 289 |
VerifyRecover = RSA-2048 |
| 290 |
Ctrl = digest:sha1 |
| 291 |
Input = 9ee34872d4271a7d8808af0a4052a145a6d6a8437d00da3ed14428c7f087cd39f4d43334c41af63e7fa1ba363fee7bcef401d9d36a662abbab55ce89a696e1be0dfa19a5d09ca617dd488787b6048baaefeb29bc8688b2fe3882de2b77c905b5a8b56cf9616041e5ec934ba6de863efe93acc4eef783fe7f72a00fa65d6093ed32bf98ce527e62ccb1d56317f4be18b7e0f55d7c36617d2d0678a306e3350956b662ac15df45215dd8f6b314babb9788e6c272fa461e4c9b512a11a4b92bc77c3a4c95c903fccb238794eca5c750477bf56ea6ee6a167367d881b485ae3889e7c489af8fdf38e0c0f2aed780831182e34abedd43c39281b290774bf35cc25274 |
| 292 |
Result = KEYOP_ERROR |
| 293 |
|
| 294 |
# invalid tag for parameter |
| 295 |
+Availablein = default |
| 296 |
Verify = RSA-2048 |
| 297 |
Ctrl = digest:sha1 |
| 298 |
Input = "0123456789ABCDEF1234" |
| 299 |
@@ -195,6 +209,7 @@ Result = VERIFY_ERROR |
| 300 |
|
| 301 |
# Verify using public key |
| 302 |
|
| 303 |
+Availablein = default |
| 304 |
Verify = RSA-2048-PUBLIC |
| 305 |
Ctrl = digest:SHA1 |
| 306 |
Input = "0123456789ABCDEF1234" |
| 307 |
@@ -370,6 +385,8 @@ Input="0123456789ABCDEF0123456789ABCDEF" |
| 308 |
Output=4DE433D5844043EF08D354DA03CB29068780D52706D7D1E4D50EFB7D58C9D547D83A747DDD0635A96B28F854E50145518482CB49E963054621B53C60C498D07C16E9C2789C893CF38D4D86900DE71BDE463BD2761D1271E358C7480A1AC0BAB930DDF39602AD1BC165B5D7436B516B7A7858E8EB7AB1C420EEB482F4D207F0E462B1724959320A084E13848D11D10FB593E66BF680BF6D3F345FC3E9C3DE60ABBAC37E1C6EC80A268C8D9FC49626C679097AA690BC1AA662B95EB8DB70390861AA0898229F9349B4B5FDD030D4928C47084708A933144BE23BD3C6E661B85B2C0EF9ED36D498D5B7320E8194D363D4AD478C059BAE804181965E0B81B663158A |
| 309 |
|
| 310 |
# Verify using salt length auto detect |
| 311 |
+# In the FIPS provider on RHEL-9, the default digest for PSS signatures is SHA-256 |
| 312 |
+Availablein = default |
| 313 |
Verify = RSA-2048-PUBLIC |
| 314 |
Ctrl = rsa_padding_mode:pss |
| 315 |
Ctrl = rsa_pss_saltlen:auto |
| 316 |
@@ -404,6 +421,10 @@ Output=4DE433D5844043EF08D354DA03CB29068780D52706D7D1E4D50EFB7D58C9D547D83A747DD |
| 317 |
Result = VERIFY_ERROR |
| 318 |
|
| 319 |
# Verify using default parameters, explicitly setting parameters |
| 320 |
+# NOTE: RSA-PSS-DEFAULT contains a restriction to use SHA1 as digest, which |
| 321 |
+# RHEL-9 does not support in FIPS mode; all these tests are thus marked |
| 322 |
+# Availablein = default. |
| 323 |
+Availablein = default |
| 324 |
Verify = RSA-PSS-DEFAULT |
| 325 |
Ctrl = rsa_padding_mode:pss |
| 326 |
Ctrl = rsa_pss_saltlen:20 |
| 327 |
@@ -412,6 +433,7 @@ Input="0123456789ABCDEF0123" |
| 328 |
Output = 3EFE09D88509027D837BFA5F8471CF7B69E6DF395DD999BB9CA42021F15722D9AC76670507C6BCFB73F64FB2211B611B8F140E76EBDB064BD762FDBA89D019E304A0D6B274E1C2FE1DF50005598A0306AF805416094E2A5BA60BC72BDE38CE061E853ED40F14967A8B9CA4DC739B462F89558F12FDF2D8D19FBEF16AD66FE2DDDA8BEE983ECBD873064244849D8D94B5B33F45E076871A47ED653E73257A2BE2DB3C0878094B0D2B6B682C8007DFD989425FB39A1FEEC9EED5876414601A49176EC344F5E3EDEE81CA2DDD29B7364F4638112CB3A547E2BC170E28CB66BDABE863754BE8AD5BA230567B575266F4B6B4CF81F28310ABF05351CC9E2DB85D00BF |
| 329 |
|
| 330 |
# Verify explicitly setting parameters "digest" salt length |
| 331 |
+Availablein = default |
| 332 |
Verify = RSA-PSS-DEFAULT |
| 333 |
Ctrl = rsa_padding_mode:pss |
| 334 |
Ctrl = rsa_pss_saltlen:digest |
| 335 |
@@ -420,18 +442,21 @@ Input="0123456789ABCDEF0123" |
| 336 |
Output = 3EFE09D88509027D837BFA5F8471CF7B69E6DF395DD999BB9CA42021F15722D9AC76670507C6BCFB73F64FB2211B611B8F140E76EBDB064BD762FDBA89D019E304A0D6B274E1C2FE1DF50005598A0306AF805416094E2A5BA60BC72BDE38CE061E853ED40F14967A8B9CA4DC739B462F89558F12FDF2D8D19FBEF16AD66FE2DDDA8BEE983ECBD873064244849D8D94B5B33F45E076871A47ED653E73257A2BE2DB3C0878094B0D2B6B682C8007DFD989425FB39A1FEEC9EED5876414601A49176EC344F5E3EDEE81CA2DDD29B7364F4638112CB3A547E2BC170E28CB66BDABE863754BE8AD5BA230567B575266F4B6B4CF81F28310ABF05351CC9E2DB85D00BF |
| 337 |
|
| 338 |
# Verify using salt length larger than minimum |
| 339 |
+Availablein = default |
| 340 |
Verify = RSA-PSS-DEFAULT |
| 341 |
Ctrl = rsa_pss_saltlen:30 |
| 342 |
Input="0123456789ABCDEF0123" |
| 343 |
Output = 6BF7EDC63A0BA184EEEC7F3020FEC8F5EBF38C2B76481881F48BCCE5796E7AB294548BA9AE810457C7723CABD1BDE94CF59CF7C0FC7461B22760C8ED703DD98E97BFDD61FA8D1181C411F6DEE5FF159F4850746D78EDEE385A363DC28E2CB373D5CAD7953F3BD5E639BE345732C03A1BDEA268814DA036EB1891C82D4012F3B903D86636055F87B96FC98806AD1B217685A4D754046A5DE0B0D7870664BE07902153EC85BA457BE7D7F89D7FE0F626D02A9CBBB2BB479DDA1A5CAE75247FB7BF6BFB15C1D3FD9E6B1573CCDBC72011C3B97716058BB11C7EA2E4E56ADAFE1F5DE6A7FD405AC5890100F9C3408EFFB5C73BF73F48177FF743B4B819D0699D507B |
| 344 |
|
| 345 |
# Verify using maximum salt length |
| 346 |
+Availablein = default |
| 347 |
Verify = RSA-PSS-DEFAULT |
| 348 |
Ctrl = rsa_pss_saltlen:max |
| 349 |
Input="0123456789ABCDEF0123" |
| 350 |
Output = 4470DCFE812DEE2E58E4301D4ED274AB348FE040B724B2CD1D8CD0914BFF375F0B86FCB32BFA8AEA9BD22BD7C4F1ADD4F3D215A5CFCC99055BAFECFC23800E9BECE19A08C66BEBC5802122D13A732E5958FC228DCC0B49B5B4B1154F032D8FA2F3564AA949C1310CC9266B0C47F86D449AC9D2E7678347E7266E2D7C888CCE1ADF44A109A293F8516AE2BD94CE220F26E137DB8E7A66BB9FCE052CDC1D0BE24D8CEBB20D10125F26B069F117044B9E1D16FDDAABCA5340AE1702F37D0E1C08A2E93801C0A41035C6C73DA02A0E32227EAFB0B85E79107B59650D0EE7DC32A6772CCCE90F06369B2880FE87ED76997BA61F5EA818091EE88F8B0D6F24D02A3FC6 |
| 351 |
|
| 352 |
# Attempt to change salt length below minimum |
| 353 |
+Availablein = default |
| 354 |
Verify = RSA-PSS-DEFAULT |
| 355 |
Ctrl = rsa_pss_saltlen:0 |
| 356 |
Result = PKEY_CTRL_ERROR |
| 357 |
@@ -439,21 +464,25 @@ Result = PKEY_CTRL_ERROR |
| 358 |
# Attempt to change padding mode |
| 359 |
# Note this used to return PKEY_CTRL_INVALID |
| 360 |
# but it is limited because setparams only returns 0 or 1. |
| 361 |
+Availablein = default |
| 362 |
Verify = RSA-PSS-DEFAULT |
| 363 |
Ctrl = rsa_padding_mode:pkcs1 |
| 364 |
Result = PKEY_CTRL_ERROR |
| 365 |
|
| 366 |
# Attempt to change digest |
| 367 |
+Availablein = default |
| 368 |
Verify = RSA-PSS-DEFAULT |
| 369 |
Ctrl = digest:sha256 |
| 370 |
Result = PKEY_CTRL_ERROR |
| 371 |
|
| 372 |
# Invalid key: rejected when we try to init |
| 373 |
+Availablein = default |
| 374 |
Verify = RSA-PSS-BAD |
| 375 |
Result = KEYOP_INIT_ERROR |
| 376 |
Reason = invalid salt length |
| 377 |
|
| 378 |
# Invalid key: rejected when we try to init |
| 379 |
+Availablein = default |
| 380 |
Verify = RSA-PSS-BAD2 |
| 381 |
Result = KEYOP_INIT_ERROR |
| 382 |
Reason = invalid salt length |
| 383 |
@@ -472,36 +501,42 @@ CAltWyuLbfXWce9jd8CSHLI8Jwpw4lmOb/idGfEFrMLT8Ms18pKA4Thrb2TE7yLh |
| 384 |
4fINDOjP+yJJvZohNwIDAQAB |
| 385 |
-----END PUBLIC KEY----- |
| 386 |
|
| 387 |
+Availablein = default |
| 388 |
Verify=RSA-PSS-1 |
| 389 |
Ctrl = rsa_padding_mode:pss |
| 390 |
Ctrl = rsa_mgf1_md:sha1 |
| 391 |
Input=cd8b6538cb8e8de566b68bd067569dbf1ee2718e |
| 392 |
Output=9074308fb598e9701b2294388e52f971faac2b60a5145af185df5287b5ed2887e57ce7fd44dc8634e407c8e0e4360bc226f3ec227f9d9e54638e8d31f5051215df6ebb9c2f9579aa77598a38f914b5b9c1bd83c4e2f9f382a0d0aa3542ffee65984a601bc69eb28deb27dca12c82c2d4c3f66cd500f1ff2b994d8a4e30cbb33c |
| 393 |
|
| 394 |
+Availablein = default |
| 395 |
Verify=RSA-PSS-1 |
| 396 |
Ctrl = rsa_padding_mode:pss |
| 397 |
Ctrl = rsa_mgf1_md:sha1 |
| 398 |
Input=e35befc17a1d160b9ce35fbd8eb16e7ee491d3fd |
| 399 |
Output=3ef7f46e831bf92b32274142a585ffcefbdca7b32ae90d10fb0f0c729984f04ef29a9df0780775ce43739b97838390db0a5505e63de927028d9d29b219ca2c4517832558a55d694a6d25b9dab66003c4cccd907802193be5170d26147d37b93590241be51c25055f47ef62752cfbe21418fafe98c22c4d4d47724fdb5669e843 |
| 400 |
|
| 401 |
+Availablein = default |
| 402 |
Verify=RSA-PSS-1 |
| 403 |
Ctrl = rsa_padding_mode:pss |
| 404 |
Ctrl = rsa_mgf1_md:sha1 |
| 405 |
Input=0652ec67bcee30f9d2699122b91c19abdba89f91 |
| 406 |
Output=666026fba71bd3e7cf13157cc2c51a8e4aa684af9778f91849f34335d141c00154c4197621f9624a675b5abc22ee7d5baaffaae1c9baca2cc373b3f33e78e6143c395a91aa7faca664eb733afd14d8827259d99a7550faca501ef2b04e33c23aa51f4b9e8282efdb728cc0ab09405a91607c6369961bc8270d2d4f39fce612b1 |
| 407 |
|
| 408 |
+Availablein = default |
| 409 |
Verify=RSA-PSS-1 |
| 410 |
Ctrl = rsa_padding_mode:pss |
| 411 |
Ctrl = rsa_mgf1_md:sha1 |
| 412 |
Input=39c21c4cceda9c1adf839c744e1212a6437575ec |
| 413 |
Output=4609793b23e9d09362dc21bb47da0b4f3a7622649a47d464019b9aeafe53359c178c91cd58ba6bcb78be0346a7bc637f4b873d4bab38ee661f199634c547a1ad8442e03da015b136e543f7ab07c0c13e4225b8de8cce25d4f6eb8400f81f7e1833b7ee6e334d370964ca79fdb872b4d75223b5eeb08101591fb532d155a6de87 |
| 414 |
|
| 415 |
+Availablein = default |
| 416 |
Verify=RSA-PSS-1 |
| 417 |
Ctrl = rsa_padding_mode:pss |
| 418 |
Ctrl = rsa_mgf1_md:sha1 |
| 419 |
Input=36dae913b77bd17cae6e7b09453d24544cebb33c |
| 420 |
Output=1d2aad221ca4d31ddf13509239019398e3d14b32dc34dc5af4aeaea3c095af73479cf0a45e5629635a53a018377615b16cb9b13b3e09d671eb71e387b8545c5960da5a64776e768e82b2c93583bf104c3fdb23512b7b4e89f633dd0063a530db4524b01c3f384c09310e315a79dcd3d684022a7f31c865a664e316978b759fad |
| 421 |
|
| 422 |
+Availablein = default |
| 423 |
Verify=RSA-PSS-1 |
| 424 |
Ctrl = rsa_padding_mode:pss |
| 425 |
Ctrl = rsa_mgf1_md:sha1 |
| 426 |
@@ -517,36 +552,42 @@ swU7R97S7NSkyu/WFIM9yLtiLzF+0Ha4BX/o3j+ESArV6D5KYZBKTySPs5cCc1fh |
| 427 |
0w5GMTmBXG/U/VrFuBcqRSMOy2MYoE8UVdhOWosCAwEAAQ== |
| 428 |
-----END PUBLIC KEY----- |
| 429 |
|
| 430 |
+Availablein = default |
| 431 |
Verify=RSA-PSS-9 |
| 432 |
Ctrl = rsa_padding_mode:pss |
| 433 |
Ctrl = rsa_mgf1_md:sha1 |
| 434 |
Input=2715a49b8b0012cd7aee84c116446e6dfe3faec0 |
| 435 |
Output=586107226c3ce013a7c8f04d1a6a2959bb4b8e205ba43a27b50f124111bc35ef589b039f5932187cb696d7d9a32c0c38300a5cdda4834b62d2eb240af33f79d13dfbf095bf599e0d9686948c1964747b67e89c9aba5cd85016236f566cc5802cb13ead51bc7ca6bef3b94dcbdbb1d570469771df0e00b1a8a06777472d2316279edae86474668d4e1efff95f1de61c6020da32ae92bbf16520fef3cf4d88f61121f24bbd9fe91b59caf1235b2a93ff81fc403addf4ebdea84934a9cdaf8e1a9e |
| 436 |
|
| 437 |
+Availablein = default |
| 438 |
Verify=RSA-PSS-9 |
| 439 |
Ctrl = rsa_padding_mode:pss |
| 440 |
Ctrl = rsa_mgf1_md:sha1 |
| 441 |
Input=2dac956d53964748ac364d06595827c6b4f143cd |
| 442 |
Output=80b6d643255209f0a456763897ac9ed259d459b49c2887e5882ecb4434cfd66dd7e1699375381e51cd7f554f2c271704b399d42b4be2540a0eca61951f55267f7c2878c122842dadb28b01bd5f8c025f7e228418a673c03d6bc0c736d0a29546bd67f786d9d692ccea778d71d98c2063b7a71092187a4d35af108111d83e83eae46c46aa34277e06044589903788f1d5e7cee25fb485e92949118814d6f2c3ee361489016f327fb5bc517eb50470bffa1afa5f4ce9aa0ce5b8ee19bf5501b958 |
| 443 |
|
| 444 |
+Availablein = default |
| 445 |
Verify=RSA-PSS-9 |
| 446 |
Ctrl = rsa_padding_mode:pss |
| 447 |
Ctrl = rsa_mgf1_md:sha1 |
| 448 |
Input=28d98c46cccafbd3bc04e72f967a54bd3ea12298 |
| 449 |
Output=484408f3898cd5f53483f80819efbf2708c34d27a8b2a6fae8b322f9240237f981817aca1846f1084daa6d7c0795f6e5bf1af59c38e1858437ce1f7ec419b98c8736adf6dd9a00b1806d2bd3ad0a73775e05f52dfef3a59ab4b08143f0df05cd1ad9d04bececa6daa4a2129803e200cbc77787caf4c1d0663a6c5987b605952019782caf2ec1426d68fb94ed1d4be816a7ed081b77e6ab330b3ffc073820fecde3727fcbe295ee61a050a343658637c3fd659cfb63736de32d9f90d3c2f63eca |
| 450 |
|
| 451 |
+Availablein = default |
| 452 |
Verify=RSA-PSS-9 |
| 453 |
Ctrl = rsa_padding_mode:pss |
| 454 |
Ctrl = rsa_mgf1_md:sha1 |
| 455 |
Input=0866d2ff5a79f25ef668cd6f31b42dee421e4c0e |
| 456 |
Output=84ebeb481be59845b46468bafb471c0112e02b235d84b5d911cbd1926ee5074ae0424495cb20e82308b8ebb65f419a03fb40e72b78981d88aad143053685172c97b29c8b7bf0ae73b5b2263c403da0ed2f80ff7450af7828eb8b86f0028bd2a8b176a4d228cccea18394f238b09ff758cc00bc04301152355742f282b54e663a919e709d8da24ade5500a7b9aa50226e0ca52923e6c2d860ec50ff480fa57477e82b0565f4379f79c772d5c2da80af9fbf325ece6fc20b00961614bee89a183e |
| 457 |
|
| 458 |
+Availablein = default |
| 459 |
Verify=RSA-PSS-9 |
| 460 |
Ctrl = rsa_padding_mode:pss |
| 461 |
Ctrl = rsa_mgf1_md:sha1 |
| 462 |
Input=6a5b4be4cd36cc97dfde9995efbf8f097a4a991a |
| 463 |
Output=82102df8cb91e7179919a04d26d335d64fbc2f872c44833943241de8454810274cdf3db5f42d423db152af7135f701420e39b494a67cbfd19f9119da233a23da5c6439b5ba0d2bc373eee3507001378d4a4073856b7fe2aba0b5ee93b27f4afec7d4d120921c83f606765b02c19e4d6a1a3b95fa4c422951be4f52131077ef17179729cddfbdb56950dbaceefe78cb16640a099ea56d24389eef10f8fecb31ba3ea3b227c0a86698bb89e3e9363905bf22777b2a3aa521b65b4cef76d83bde4c |
| 464 |
|
| 465 |
+Availablein = default |
| 466 |
Verify=RSA-PSS-9 |
| 467 |
Ctrl = rsa_padding_mode:pss |
| 468 |
Ctrl = rsa_mgf1_md:sha1 |
| 469 |
@@ -564,36 +605,42 @@ F7jfF3jbOB3OCctK0FilEQAac4GY7ifPVaE7dUU5kGWC7IsXS9WNXR89dnxhNyGu |
| 470 |
BQIDAQAB |
| 471 |
-----END PUBLIC KEY----- |
| 472 |
|
| 473 |
+Availablein = default |
| 474 |
Verify=RSA-PSS-10 |
| 475 |
Ctrl = rsa_padding_mode:pss |
| 476 |
Ctrl = rsa_mgf1_md:sha1 |
| 477 |
Input=9596bb630cf6a8d4ea4600422b9eba8b13675dd4 |
| 478 |
Output=82c2b160093b8aa3c0f7522b19f87354066c77847abf2a9fce542d0e84e920c5afb49ffdfdace16560ee94a1369601148ebad7a0e151cf16331791a5727d05f21e74e7eb811440206935d744765a15e79f015cb66c532c87a6a05961c8bfad741a9a6657022894393e7223739796c02a77455d0f555b0ec01ddf259b6207fd0fd57614cef1a5573baaff4ec00069951659b85f24300a25160ca8522dc6e6727e57d019d7e63629b8fe5e89e25cc15beb3a647577559299280b9b28f79b0409000be25bbd96408ba3b43cc486184dd1c8e62553fa1af4040f60663de7f5e49c04388e257f1ce89c95dab48a315d9b66b1b7628233876ff2385230d070d07e1666 |
| 479 |
|
| 480 |
+Availablein = default |
| 481 |
Verify=RSA-PSS-10 |
| 482 |
Ctrl = rsa_padding_mode:pss |
| 483 |
Ctrl = rsa_mgf1_md:sha1 |
| 484 |
Input=b503319399277fd6c1c8f1033cbf04199ea21716 |
| 485 |
Output=14ae35d9dd06ba92f7f3b897978aed7cd4bf5ff0b585a40bd46ce1b42cd2703053bb9044d64e813d8f96db2dd7007d10118f6f8f8496097ad75e1ff692341b2892ad55a633a1c55e7f0a0ad59a0e203a5b8278aec54dd8622e2831d87174f8caff43ee6c46445345d84a59659bfb92ecd4c818668695f34706f66828a89959637f2bf3e3251c24bdba4d4b7649da0022218b119c84e79a6527ec5b8a5f861c159952e23ec05e1e717346faefe8b1686825bd2b262fb2531066c0de09acde2e4231690728b5d85e115a2f6b92b79c25abc9bd9399ff8bcf825a52ea1f56ea76dd26f43baafa18bfa92a504cbd35699e26d1dcc5a2887385f3c63232f06f3244c3 |
| 486 |
|
| 487 |
+Availablein = default |
| 488 |
Verify=RSA-PSS-10 |
| 489 |
Ctrl = rsa_padding_mode:pss |
| 490 |
Ctrl = rsa_mgf1_md:sha1 |
| 491 |
Input=50aaede8536b2c307208b275a67ae2df196c7628 |
| 492 |
Output=6e3e4d7b6b15d2fb46013b8900aa5bbb3939cf2c095717987042026ee62c74c54cffd5d7d57efbbf950a0f5c574fa09d3fc1c9f513b05b4ff50dd8df7edfa20102854c35e592180119a70ce5b085182aa02d9ea2aa90d1df03f2daae885ba2f5d05afdac97476f06b93b5bc94a1a80aa9116c4d615f333b098892b25fface266f5db5a5a3bcc10a824ed55aad35b727834fb8c07da28fcf416a5d9b2224f1f8b442b36f91e456fdea2d7cfe3367268de0307a4c74e924159ed33393d5e0655531c77327b89821bdedf880161c78cd4196b5419f7acc3f13e5ebf161b6e7c6724716ca33b85c2e25640192ac2859651d50bde7eb976e51cec828b98b6563b86bb |
| 493 |
|
| 494 |
+Availablein = default |
| 495 |
Verify=RSA-PSS-10 |
| 496 |
Ctrl = rsa_padding_mode:pss |
| 497 |
Ctrl = rsa_mgf1_md:sha1 |
| 498 |
Input=aa0b72b8b371ddd10c8ae474425ccccf8842a294 |
| 499 |
Output=34047ff96c4dc0dc90b2d4ff59a1a361a4754b255d2ee0af7d8bf87c9bc9e7ddeede33934c63ca1c0e3d262cb145ef932a1f2c0a997aa6a34f8eaee7477d82ccf09095a6b8acad38d4eec9fb7eab7ad02da1d11d8e54c1825e55bf58c2a23234b902be124f9e9038a8f68fa45dab72f66e0945bf1d8bacc9044c6f07098c9fcec58a3aab100c805178155f030a124c450e5acbda47d0e4f10b80a23f803e774d023b0015c20b9f9bbe7c91296338d5ecb471cafb032007b67a60be5f69504a9f01abb3cb467b260e2bce860be8d95bf92c0c8e1496ed1e528593a4abb6df462dde8a0968dffe4683116857a232f5ebf6c85be238745ad0f38f767a5fdbf486fb |
| 500 |
|
| 501 |
+Availablein = default |
| 502 |
Verify=RSA-PSS-10 |
| 503 |
Ctrl = rsa_padding_mode:pss |
| 504 |
Ctrl = rsa_mgf1_md:sha1 |
| 505 |
Input=fad3902c9750622a2bc672622c48270cc57d3ea8 |
| 506 |
Output=7e0935ea18f4d6c1d17ce82eb2b3836c55b384589ce19dfe743363ac9948d1f346b7bfddfe92efd78adb21faefc89ade42b10f374003fe122e67429a1cb8cbd1f8d9014564c44d120116f4990f1a6e38774c194bd1b8213286b077b0499d2e7b3f434ab12289c556684deed78131934bb3dd6537236f7c6f3dcb09d476be07721e37e1ceed9b2f7b406887bd53157305e1c8b4f84d733bc1e186fe06cc59b6edb8f4bd7ffefdf4f7ba9cfb9d570689b5a1a4109a746a690893db3799255a0cb9215d2d1cd490590e952e8c8786aa0011265252470c041dfbc3eec7c3cbf71c24869d115c0cb4a956f56d530b80ab589acfefc690751ddf36e8d383f83cedd2cc |
| 507 |
|
| 508 |
+Availablein = default |
| 509 |
Verify=RSA-PSS-10 |
| 510 |
Ctrl = rsa_padding_mode:pss |
| 511 |
Ctrl = rsa_mgf1_md:sha1 |
| 512 |
@@ -1329,11 +1376,13 @@ Title = RSA FIPS tests |
| 513 |
|
| 514 |
# FIPS tests |
| 515 |
|
| 516 |
-# Verifying with SHA1 is permitted in fips mode for older applications |
| 517 |
+# Verifying with SHA1 is not permitted on RHEL-9 in FIPS mode |
| 518 |
+Availablein = fips |
| 519 |
DigestVerify = SHA1 |
| 520 |
Key = RSA-2048 |
| 521 |
Input = "Hello " |
| 522 |
Output = 87ea0e2226ef35e5a2aec9ca1222fcbe39ba723f05b3203564f671dd3601271806ead3240e61d424359ee3b17bd3e32f54b82df83998a8ac4148410710361de0400f9ddf98278618fbc87747a0531972543e6e5f18ab2fdfbfda02952f6ac69690e43864690af271bf43d4be9705b303d4ff994ab3abd4d5851562b73e59be3edc01cec41a4cc13b68206329bad1a46c6608d3609e951faa321d0fdbc765d54e9a7c59248d2f67913c9903e932b769c9c8a45520cabea06e8c0b231dd3bcc7f7ec55b46b0157ccb5fc5011fa57353cd3df32edcbadcb8d168133cbd0acfb64444cb040e1298f621508a38f79e14ae8c2c5c857f90aa9d24ef5fc07d34bf23859 |
| 523 |
+Result = DIGESTVERIFYINIT_ERROR |
| 524 |
|
| 525 |
# Verifying with a 1024 bit key is permitted in fips mode for older applications |
| 526 |
DigestVerify = SHA256 |
| 527 |
diff --git a/test/recipes/80-test_cms.t b/test/recipes/80-test_cms.t |
| 528 |
index 48a92f735d..34afe91b88 100644 |
| 529 |
--- a/test/recipes/80-test_cms.t |
| 530 |
+++ b/test/recipes/80-test_cms.t |
| 531 |
@@ -162,7 +162,7 @@ my @smime_pkcs7_tests = ( |
| 532 |
[ "{cmd1}", @defaultprov, "-sign", "-in", $smcont, "-md", "sha1", |
| 533 |
"-certfile", $smroot, |
| 534 |
"-signer", $smrsa1, "-out", "{output}.cms" ], |
| 535 |
- [ "{cmd2}", @prov, "-verify", "-in", "{output}.cms", |
| 536 |
+ [ "{cmd2}", @defaultprov, "-verify", "-in", "{output}.cms", |
| 537 |
"-CAfile", $smroot, "-out", "{output}.txt" ], |
| 538 |
\&final_compare |
| 539 |
], |
| 540 |
@@ -170,7 +170,7 @@ my @smime_pkcs7_tests = ( |
| 541 |
[ "signed zero-length content S/MIME format, RSA key SHA1", |
| 542 |
[ "{cmd1}", @defaultprov, "-sign", "-in", $smcont_zero, "-md", "sha1", |
| 543 |
"-certfile", $smroot, "-signer", $smrsa1, "-out", "{output}.cms" ], |
| 544 |
- [ "{cmd2}", @prov, "-verify", "-in", "{output}.cms", |
| 545 |
+ [ "{cmd2}", @defaultprov, "-verify", "-in", "{output}.cms", |
| 546 |
"-CAfile", $smroot, "-out", "{output}.txt" ], |
| 547 |
\&zero_compare |
| 548 |
], |
| 549 |
diff --git a/test/recipes/80-test_ssl_old.t b/test/recipes/80-test_ssl_old.t |
| 550 |
index 8c52b637fc..ff75c5b6ec 100644 |
| 551 |
--- a/test/recipes/80-test_ssl_old.t |
| 552 |
+++ b/test/recipes/80-test_ssl_old.t |
| 553 |
@@ -394,6 +394,9 @@ sub testssl { |
| 554 |
'test sslv2/sslv3 with 1024bit DHE via BIO pair'); |
| 555 |
} |
| 556 |
|
| 557 |
+ SKIP: { |
| 558 |
+ skip "SSLv3 is not supported by the FIPS provider", 4 |
| 559 |
+ if $provider eq "fips"; |
| 560 |
ok(run(test([@ssltest, "-bio_pair", "-server_auth", @CA])), |
| 561 |
'test sslv2/sslv3 with server authentication'); |
| 562 |
ok(run(test([@ssltest, "-bio_pair", "-client_auth", @CA])), |
| 563 |
@@ -402,6 +405,7 @@ sub testssl { |
| 564 |
'test sslv2/sslv3 with both client and server authentication via BIO pair'); |
| 565 |
ok(run(test([@ssltest, "-bio_pair", "-server_auth", "-client_auth", "-app_verify", @CA])), |
| 566 |
'test sslv2/sslv3 with both client and server authentication via BIO pair and app verify'); |
| 567 |
+ } |
| 568 |
|
| 569 |
SKIP: { |
| 570 |
skip "No IPv4 available on this machine", 4 |
Parent Directory
| 
Revision Log
| 
Revision Graph
